www.payroll-plaza.com Open in urlscan Pro
2a06:2ec0:1::106 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.payroll-plaza.com/
Submission: On February 23 via automatic, source certstream-suspicious (February 23rd 2021, 12:33:41 pm UTC)

Summary HTTP 85 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 85 HTTP transactions. The main IP is 2a06:2ec0:1::106, located in Netherlands and belongs to AS-ZXCS, NL. The main domain is www.payroll-plaza.com.
TLS certificate: Issued by R3 on December 9th 2020. Valid for: 3 months.

This is the only time www.payroll-plaza.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a06:2ec0:1::106 2a06:2ec0:1::106	206281 (AS-ZXCS) (AS-ZXCS)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
18	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4000:812::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:4e::c	15169 (GOOGLE) (GOOGLE)
85	17

14 2a06:2ec0:1::106 (Netherlands)

ASN206281 (AS-ZXCS, NL)

www.payroll-plaza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4000:812::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:4e::c (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r6---sn-4g5e6ney.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	269 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	181 KB
14	payroll-plaza.com www.payroll-plaza.com	105 KB
10	doubleclick.net googleads.g.doubleclick.net	51 KB
8	shortpixel.ai cdn.shortpixel.ai	30 KB
3	googletagservices.com www.googletagservices.com	94 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	gvt1.com 1 redirects redirector.gvt1.com r6---sn-4g5e6ney.gvt1.com	1 MB
2	google-analytics.com www.google-analytics.com	19 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	645 B
1	googletagmanager.com www.googletagmanager.com	39 KB
85	13

	Domain	Requested by
14	www.payroll-plaza.com	www.payroll-plaza.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.payroll-plaza.com
9	pagead2.googlesyndication.com	www.payroll-plaza.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cdn.shortpixel.ai	www.payroll-plaza.com
7	fonts.gstatic.com	fonts.googleapis.com
5	csi.gstatic.com	www.gstatic.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	www.payroll-plaza.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	r6---sn-4g5e6ney.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.payroll-plaza.com
85	17

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.arfee.nl

Subject Issuer	Validity	Valid
payroll-plaza.com R3	`2020-12-09` - `2021-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.shortpixel.ai Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-02-17` - `2021-04-28`	2 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.payroll-plaza.com/
Frame ID: F5B421E68EB87D40E26FF33C361B3FF2
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210217/r20190131/zrt_lookup.html
Frame ID: 48E17602A31118ABEC07845048719D19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&adk=1812271804&adf=3025194257&lmt=1614065700&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614083603700&bpp=19&bdt=227&idt=86&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6609267462776&frm=20&pv=2&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: 060218EFFE8FF5429F79222E2E9D30A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
Frame ID: AC91FE94FAC739C4E78B44580EF23CD0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
Frame ID: F1D5CC9F5A1A0F00D21443B553AE65D8
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Frame ID: 45F52C626D2124DAD10CC7AFF6EFDA20
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Frame ID: 7753EC2D279AB6F9B4ACBDFFB03F14E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DA5DB30CB82C8DCA04A54232DE8AB4AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

85
Requests

98 %
HTTPS

88 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1904 kB
Transfer

2951 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/#!/PayrollPlaza
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.arfee.nl/
Title: Arfee Internet Publications

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://redirector.gvt1.com/videoplayback?id=24f6985fef8ed72e&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1614090804&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=3FCE444EF1994BBBB3F198DF3AF7B30D4948033E.6CC66A2645B0F2E34B87F0E2BC121FCACFF2B8A1&key=ck2 HTTP 302
https://r6---sn-4g5e6ney.gvt1.com/videoplayback?id=24f6985fef8ed72e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1614090804&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2B283FD4CD8F48FE9FAE1F2BB0918CF006B77EBC.4D767DCAEE3B451221915BDCE077867D36EE4E83&key=cms1&cms_redirect=yes&mh=t7&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6ney&ms=nvh&mt=1614083183&mv=u&mvi=6&pl=41

85 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.payroll-plaza.com/ 40 KB
10 KB 70ms
30ms Document
text/html 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

82a219e4ddad1b8698877926842a4719da4449e8cb39e352398f77c8fc16ee3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

:method: GET
:authority: www.payroll-plaza.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
server: Apache/2
vary: Accept-Encoding,Cookie,User-Agent
cache-control: max-age=3, must-revalidate
content-encoding: gzip
strict-transport-security: max-age=63072000;
content-length: 9936
last-modified: Tue, 23 Feb 2021 07:35:00 GMT
content-type: text/html; charset=UTF-8

GET
H2 200 style.css
www.payroll-plaza.com/wp-content/themes/news/ 45 KB
7 KB 19ms
18ms Stylesheet
text/css 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

a7a4b2aa81c43b7b98b688669a3286d035872cfd670c0c03f1a2e51ce8a0a5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Sun, 15 Jan 2017 16:58:37 GMT
server: Apache/2
etag: "b27f-54624fa67b08d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 7480

GET
H2 200 style.min.css
www.payroll-plaza.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 18ms
17ms Stylesheet
text/css 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-includes/css/dist/block-library/style.min.css?ver=357727252326a5a41d2c3bf3ee9e92f4

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 12:42:26 GMT
server: Apache/2
etag: "c8e9-5b607643d86ba-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 7855

GET
H2 200 css
fonts.googleapis.com/ 4 KB
749 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7COswald%3A400%2C700&ver=CHILD_THEME_VERSION

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb096f5b4bf02bec131c5f779100e6e9236a0fb7220e3b74dbb46bbcbfd1dd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 12:33:23 GMT
server: ESF
date: Tue, 23 Feb 2021 12:33:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 12:33:23 GMT

GET
H2 200 style.css
www.payroll-plaza.com/wp-content/plugins/simple-social-icons/css/ 1 KB
547 B 17ms
15ms Stylesheet
text/css 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 09:27:05 GMT
server: Apache/2
etag: "4cc-5a33ccd86a840-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 437

GET
H2 200 front.min.css
www.payroll-plaza.com/wp-content/plugins/cookie-notice/css/ 7 KB
1 KB 17ms
16ms Stylesheet
text/css 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=357727252326a5a41d2c3bf3ee9e92f4

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Sun, 21 Feb 2021 03:18:10 GMT
server: Apache/2
etag: "1b2b-5bbd0228551f1-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 1285

GET
H2 200 jquery.min.js Show response
www.payroll-plaza.com/wp-includes/js/jquery/ 87 KB
30 KB 31ms
30ms Script
application/javascript 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 12:42:26 GMT
server: Apache/2
etag: "15d98-5b607643a891a-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 30916

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 60ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3446495-52

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f09a507a90edd7d0e73c40f24ce47217ac75739206d45abfddfbb5a01cdd169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39250
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Feb 2021 12:33:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70ae869f88c74a6b3dfd4a4d020814b4add4c100758e04b95d2a0fb2c6f575aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48575
x-xss-protection: 0
server: cafe
etag: 15339403755875478729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Feb 2021 12:33:23 GMT

GET
H2 200 autoptimize_d5ea41cb1fb091d3d30e54941f509cb5.js Show response
www.payroll-plaza.com/wp-content/cache/autoptimize/js/ 35 KB
11 KB 18ms
17ms Script
application/javascript 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-content/cache/autoptimize/js/autoptimize_d5ea41cb1fb091d3d30e54941f509cb5.js

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

ea7176639a3862e1a0f849c798199f5ccd37ad4ee963edaea635bc91a619c6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 07:58:41 GMT
server: Apache/2
etag: "8be7-5bb8396587125-gzip"
vary: Accept-Encoding,Cookie,User-Agent
content-type: application/javascript
cache-control: max-age=3, must-revalidate, public, immutable
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 11343
expires: Sun, 13 Feb 2022 12:33:23 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.payroll-plaza.com/wp-includes/js/ 14 KB
5 KB 16ms
16ms Script
application/javascript 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-includes/js/wp-emoji-release.min.js?ver=357727252326a5a41d2c3bf3ee9e92f4

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Fri, 05 Feb 2021 11:18:26 GMT
server: Apache/2
etag: "3795-5ba94fa9df9bc-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 4662

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3446495-52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1847
date: Tue, 23 Feb 2021 12:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Feb 2021 14:02:36 GMT

GET
H2 200 bg-light.png
www.payroll-plaza.com/wp-content/themes/news/images/ 641 B
698 B 15ms
14ms Image
image/png 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payroll-plaza.com/wp-content/themes/news/images/bg-light.png

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

790bc91f5efb42aee84edd0db4261064c9e94c69baf54ed70c19df7effde84ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 15 Jan 2017 16:58:37 GMT
server: Apache/2
etag: "281-54624fa679535"
strict-transport-security: max-age=63072000;
content-type: image/png
accept-ranges: bytes
content-length: 641

GET
H2 200 payrollplaza_header.jpg
www.payroll-plaza.com/wp-content/uploads/ 20 KB
21 KB 26ms
25ms Image
image/jpeg 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payroll-plaza.com/wp-content/uploads/payrollplaza_header.jpg

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

4088af1ec49a323f1255eb1bc4aa87f29b6a6e3f1b688d228c69e854e035173c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 15 Jan 2017 16:58:35 GMT
server: Apache/2
etag: "51fd-54624fa5030ed"
strict-transport-security: max-age=63072000;
content-type: image/jpeg
accept-ranges: bytes
content-length: 20989

GET
H2 200 bg-dark.png
www.payroll-plaza.com/wp-content/themes/news/images/ 512 B
560 B 17ms
16ms Image
image/png 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payroll-plaza.com/wp-content/themes/news/images/bg-dark.png

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

be24c5f0222eeb62eb18109b5aa43054340e74a610725bbaf64c3d29b68ce71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 15 Jan 2017 16:58:37 GMT
server: Apache/2
etag: "200-54624fa67a4d5"
strict-transport-security: max-age=63072000;
content-type: image/png
accept-ranges: bytes
content-length: 512

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7COswald%3A400%2C700&ver=CHILD_THEME_VERSION

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payroll-plaza.com
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7COswald%3A400%2C700&ver=CHILD_THEME_VERSION
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:07:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
age: 339945
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11396
x-xss-protection: 0
expires: Sat, 19 Feb 2022 14:07:38 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2
fonts.gstatic.com/s/oswald/v36/ 17 KB
17 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7COswald%3A400%2C700&ver=CHILD_THEME_VERSION

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91f4f1aa2437cf886a484ac410eab84dfe059d24ec6249c52f50509e756b730c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payroll-plaza.com
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7COswald%3A400%2C700&ver=CHILD_THEME_VERSION
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 01:19:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:08 GMT
server: sffe
age: 299616
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17540
x-xss-protection: 0
expires: Sun, 20 Feb 2022 01:19:47 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7COswald%3A400%2C700&ver=CHILD_THEME_VERSION

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payroll-plaza.com
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7COswald%3A400%2C700&ver=CHILD_THEME_VERSION
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:07:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:00:07 GMT
server: sffe
age: 339943
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11236
x-xss-protection: 0
expires: Sat, 19 Feb 2022 14:07:40 GMT

GET
H2 200 youngacapital_zomerbanen-150x150.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/ 7 KB
7 KB 198ms
137ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/youngacapital_zomerbanen-150x150.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3b18b8fa01f70fed0c7769af9e4da06371e76eb5c39c74b8ff94b32631f8a6ec

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Thu, 11 Feb 2021 13:46:29 GMT
server: nginx
etag: a81197ba019359e4240ed5272cfc29b8
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30503586, s-maxage=1559586
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/youngacapital_zomerbanen-150x150.jpg>; rel="canonical"
content-length: 7189
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds137.fr8.p

GET
H2 200 tentoo_vrouwelijke_freelancer.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/ 3 KB
3 KB 227ms
167ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/tentoo_vrouwelijke_freelancer.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e73a193497676b5feb4eacf9fb67966f6aa593abd9d3c1bcd60f0c8a3a45292

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Thu, 11 Feb 2021 13:46:25 GMT
server: nginx
etag: 5c0366478df9057a8651ad26dd6c3e29
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30503582, s-maxage=1559582
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/tentoo_vrouwelijke_freelancer.jpg>; rel="canonical"
content-length: 2939
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds266.fr8.p

GET
H2 200 tentoo_payroll_ikwordzzper.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/ 3 KB
3 KB 197ms
137ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/tentoo_payroll_ikwordzzper.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e73a193497676b5feb4eacf9fb67966f6aa593abd9d3c1bcd60f0c8a3a45292

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Thu, 11 Feb 2021 13:46:25 GMT
server: nginx
etag: 051be040299a5fec13608cf3a0069e99
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30503582, s-maxage=1559582
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/tentoo_payroll_ikwordzzper.jpg>; rel="canonical"
content-length: 2939
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds234.fr8.p

GET
H2 200 tentoo_stijging_jonge_freelancers-150x150.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/ 3 KB
3 KB 208ms
148ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/tentoo_stijging_jonge_freelancers-150x150.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 085781910c8cfe8a8ff724f58d3ca9536c049a802cf4d4f2931b19a190dbc429

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 14 Feb 2021 02:20:13 GMT
server: nginx
etag: f9936f22acff003681337faeef814718
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30721610, s-maxage=1777610
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/tentoo_stijging_jonge_freelancers-150x150.jpg>; rel="canonical"
content-length: 2564
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds253.fr8.p

GET
H2 200 tentoo_lagere_omzet_zzp-150x150.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/ 3 KB
3 KB 212ms
152ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/tentoo_lagere_omzet_zzp-150x150.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 085781910c8cfe8a8ff724f58d3ca9536c049a802cf4d4f2931b19a190dbc429

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 14 Feb 2021 02:20:14 GMT
server: nginx
etag: dd9d94eb940172b9ac312935cb2870e2
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30721611, s-maxage=1777611
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/tentoo_lagere_omzet_zzp-150x150.jpg>; rel="canonical"
content-length: 2564
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds218.fr8.p

GET
H2 200 tentoo_strijp-150x150.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/ 3 KB
3 KB 212ms
152ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/tentoo_strijp-150x150.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 085781910c8cfe8a8ff724f58d3ca9536c049a802cf4d4f2931b19a190dbc429

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 14 Feb 2021 02:20:13 GMT
server: nginx
etag: ff6f7a23ebef4426c500329cde47611b
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30721610, s-maxage=1777610
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/tentoo_strijp-150x150.jpg>; rel="canonical"
content-length: 2564
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds134.fr8.p

GET
H2 200 wetsvoorstel_flexregels-150x139.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150,h_139/https://www.payroll-plaza.com/wp-content/uploads/ 5 KB
5 KB 132ms
131ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150,h_139/https://www.payroll-plaza.com/wp-content/uploads/wetsvoorstel_flexregels-150x139.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 81497920787d2a5e5e02651973203c363db7191674d48c20726273214a90caab

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Thu, 11 Feb 2021 13:46:17 GMT
server: nginx
etag: 97437586616c5293db2f8f1e797203bc
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30503574, s-maxage=1559574
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/wetsvoorstel_flexregels-150x139.jpg>; rel="canonical"
content-length: 5325
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds262.fr8.p

GET
H2 200 please_payroll_payvda-150x150.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/ 3 KB
3 KB 133ms
133ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_150/https://www.payroll-plaza.com/wp-content/uploads/please_payroll_payvda-150x150.jpg
Requested by: Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f403921a9e60c89ed86108fe780536e6ea12e4423ab3882b30c81172fb5ef7e6

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 14 Feb 2021 02:20:14 GMT
server: nginx
etag: d2dfa1ff74d300a74d7afd8ba2091d72
vary: Accept-Encoding
x-tag: Domain:payroll-plaza.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=30721611, s-maxage=1777611
accept-ranges: bytes
link: <https://www.payroll-plaza.com/wp-content/uploads/please_payroll_payvda-150x150.jpg>; rel="canonical"
content-length: 3001
x-hw: 1614083603.cds138.fr8.hn,1614083603.cds142.fr8.p

GET
H2 200 symbol-defs.svg
www.payroll-plaza.com/wp-content/plugins/simple-social-icons/ 19 KB
8 KB 19ms
19ms Other
image/svg+xml 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payroll-plaza.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 09:27:05 GMT
server: Apache/2
etag: "4b81-5a33ccd86a840-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 7867

GET
H2 200 list.png
www.payroll-plaza.com/wp-content/themes/news/images/ 109 B
157 B 18ms
16ms Image
image/png 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payroll-plaza.com/wp-content/themes/news/images/list.png

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

972c4c354ee564f99aca251b52ed094ca20573f86380edb115eaba11c5c59fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 15 Jan 2017 16:58:37 GMT
server: Apache/2
etag: "6d-54624fa67a4d5"
strict-transport-security: max-age=63072000;
content-type: image/png
accept-ranges: bytes
content-length: 109

GET
H2 200 footer.png
www.payroll-plaza.com/wp-content/themes/news/images/ 1 KB
1 KB 16ms
15ms Image
image/png 2a06:2ec0:1::106
AS-ZXCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payroll-plaza.com/wp-content/themes/news/images/footer.png

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a06:2ec0:1::106 , Netherlands, ASN206281 (AS-ZXCS, NL),

Reverse DNS

Software

Apache/2 /

Resource Hash

d9a02d07bf1aee343d9a1f3506c781f8843ab34adc7ac842e1bcd971f35909b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.payroll-plaza.com/wp-content/themes/news/style.css?ver=2.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
last-modified: Sun, 15 Jan 2017 16:58:37 GMT
server: Apache/2
etag: "537-54624fa67991d"
strict-transport-security: max-age=63072000;
content-type: image/png
accept-ranges: bytes
content-length: 1335

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1225241945&t=pageview&_s=1&dl=https%3A%2F%2Fwww.payroll-plaza.com%2F&ul=en-us&de=UTF-8&dt=Payroll%20Plaza%20%7C%20Nieuws%20over%20payrolling%20en%20payroll%20bedrijven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1464131916&gjid=98816055&cid=1397042670.1614083604&tid=UA-3446495-52&_gid=915455042.1614083604&_r=1&gtm=2ou2a1&z=2089501486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.payroll-plaza.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210217/r20190131/ 227 KB
85 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210217/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1853109490509724&plah=www.payroll-plaza.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f793dfd46dbb2e9ccbadda56781c3be33f9524c6a1e494ad944604402eac77fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87090
x-xss-protection: 0
server: cafe
etag: 17667247090758473311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Feb 2021 12:33:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210217/r20190131/ Frame 48E1 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210217/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210217/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payroll-plaza.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.payroll-plaza.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Feb 2021 15:45:22 GMT
expires: Mon, 08 Mar 2021 15:45:22 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 74881
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
645 B 124ms
61ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.payroll-plaza.com&callback=_gfp_s_&client=ca-pub-1853109490509724

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210217/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1853109490509724&plah=www.payroll-plaza.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

516cedc1ce9a14eb2e6a968bf58ce3afb282bac969bdb9a9f752cf49e1f48261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.payroll-plaza.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 37ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.payroll-plaza.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0602 4 KB
785 B 70ms
69ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&adk=1812271804&adf=3025194257&lmt=1614065700&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614083603700&bpp=19&bdt=227&idt=86&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6609267462776&frm=20&pv=2&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

016a22a7363ca79a1d5c6064b8583f0da4f19ba826e0cf618963387478ad7579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&adk=1812271804&adf=3025194257&lmt=1614065700&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614083603700&bpp=19&bdt=227&idt=86&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6609267462776&frm=20&pv=2&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payroll-plaza.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.payroll-plaza.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Feb 2021 12:33:23 GMT
server: cafe
content-length: 637
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Feb-2021 12:48:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Feb 2021 12:33:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997197137185"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28345
x-xss-protection: 0
expires: Tue, 23 Feb 2021 12:33:23 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC91 62 KB
21 KB 439ms
438ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c143612bb5f7e001beb71f7143bbebb2a41ab0e533c3843180805a68a49c733b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payroll-plaza.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.payroll-plaza.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Feb 2021 12:33:24 GMT
server: cafe
content-length: 21030
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Feb-2021 12:48:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Feb 2021 12:33:24 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1D5 76 KB
24 KB 328ms
328ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d302df5e44565d5bfa732c37665892cde6f8cc64a1c79406e0975ffa130e027c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payroll-plaza.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.payroll-plaza.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Feb 2021 12:33:24 GMT
server: cafe
content-length: 24811
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Feb-2021 12:48:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Feb 2021 12:33:24 GMT
cache-control: private

GET
H2 200 036ed6d195d183f62bf6dc091e1ce5d0.js Show response
www.gstatic.com/mysidia/ Frame F1D5 7 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/036ed6d195d183f62bf6dc091e1ce5d0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0c093ce0e0daa2c82abc8eb385a89539ed30b8dd65f5c15255d342eea8b54ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:18:00 GMT
server: sffe
age: 406318
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3002
x-xss-protection: 0
expires: Wed, 19 May 2021 19:41:26 GMT

GET
H2 200 9c6f8fdba92d58c2e55316f9ac422a07.js Show response
www.gstatic.com/mysidia/ Frame F1D5 159 KB
59 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c6f8fdba92d58c2e55316f9ac422a07.js?tag=video_mra/web_raspberry

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18198a1345d070b6fc8cba68e838b1f8f048aaaea2803a8d6aad83ef04ede94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 03:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 19:50:48 GMT
server: sffe
age: 465690
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60177
x-xss-protection: 0
expires: Wed, 19 May 2021 03:11:54 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F1D5 3 KB
653 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1614702e395fef3a85dabdfbed0fa6ba39d52a8244ae2f5916a838ce4beac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 11:11:21 GMT
server: ESF
date: Tue, 23 Feb 2021 12:33:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 12:33:24 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame F1D5 2 KB
1002 B 23ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:37:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/ Frame F1D5 18 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a14ec3d2ddeec740f9f0cc1dc80d0e1a6938d272d1543ce2d9e685e76c21676c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7376
x-xss-protection: 0
server: cafe
etag: 7660940562410829306
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:36:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame F1D5 3 KB
2 KB 23ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:35:44 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1D5 107 KB
33 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997191106504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Tue, 23 Feb 2021 12:33:24 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame F1D5 14 KB
6 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:35:45 GMT

GET
H3-Q050 200 fa9f376fb382443f5f015f3a0c3dfed2.js Show response
www.gstatic.com/mysidia/ Frame F1D5 25 KB
11 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa9f376fb382443f5f015f3a0c3dfed2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49b02fc1286f940cce0e398d850753f00338dbb321a51e2aadf996223c9c7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 13:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 19:50:48 GMT
server: sffe
age: 84412
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10802
x-xss-protection: 0
expires: Sun, 23 May 2021 13:06:32 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14350564514421105980/ Frame F1D5 2 KB
2 KB 21ms
12ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14350564514421105980/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe4cce344f8948985441372bfc6fa14755dbd359c55818a6f45aa5c0a0d7867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:42:01 GMT
x-content-type-options: nosniff
age: 406283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1752
x-xss-protection: 0
last-modified: Mon, 18 Jan 2021 12:39:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 19:42:01 GMT

GET
DATA 200
OK truncated
/ Frame F1D5 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame F1D5 0
331 B 425ms
171ms Other
image/gif 2607:f8b0:4000:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klhzpbsw&c=4673982194854&slotId=2336991097427&qqid=COK04v6BgO8CFfbiuwgdtEUItQ&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408%2C447279544&nsei=44714510%2C75259405&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9c6f8fdba92d58c2e55316f9ac422a07.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:812::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17352004189435309175/ Frame F1D5 47 KB
47 KB 30ms
15ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17352004189435309175/downsize_200k_v1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce6fe3409c0243e920a85079631bb79ee795fccffaa1d26a09c34d1ac67ea53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 18:39:19 GMT
x-content-type-options: nosniff
age: 582845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48196
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 07:56:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 18:39:19 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame F1D5 0
0 50ms
48ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRfA_E_Y0YKLfNPbF7_UPtIuhqAv87cCkYe_s98udDZWfi6LrChABIMP7ygNglQKgAY3Mpv0DyAEJqQJGTs_qSmq0PqgDAcgDywSqBLkBT9AZkFr1CEYWsUdCUItc6S4MquLxigP3zTh9MExBcYk6I0TF4KbeB7RZsqrxFkWk5t8i0h2KIMxpD_n0JnfBVy4N0PcvP5MFvCNQabs1qCkxgW_JC8Oqa3LDnoUbOkhmPFJHTVrcW9B6kekK_ugEKndMoj78BBKvk48j9JHyCAY14pfew0jWSF3_lo5hW-kG3yZhu300VeSLVfqo7UMbRwHYroszqwbInTi2R_wDNnS3Z8MSWf6-F27ABNKZoM-xA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfbs9kCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcDEPQ70ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTE4NTMxMDk0OTA1MDk3MjQ&sigh=NEKHyATI2zY&template_id=3484&tpd=AGWhJmtMlAqYhhB8jOmn_UOFDKJSoFP0N7wLVATq0YCkhn1b5w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Feb 2021 12:33:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 23 Feb 2021 12:33:24 GMT

GET
H3-Q050

206

videoplayback
r6---sn-4g5e6ney.gvt1.com/ Frame F1D5
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=24f6985fef8ed72e&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1614090804&sparams=ip,ipbits,expire,id,...
https://r6---sn-4g5e6ney.gvt1.com/videoplayback?id=24f6985fef8ed72e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1614090804&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

29ms
7ms

Media
video/mp4

2a00:1450:4001:4e::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-4g5e6ney.gvt1.com/videoplayback?id=24f6985fef8ed72e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1614090804&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2B283FD4CD8F48FE9FAE1F2BB0918CF006B77EBC.4D767DCAEE3B451221915BDCE077867D36EE4E83&key=cms1&cms_redirect=yes&mh=t7&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6ney&ms=nvh&mt=1614083183&mv=u&mvi=6&pl=41

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4e::c Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

431a4a467feb1638ab8f8368b9157b31d265d1ef3c24ee6f7b1aba0c1e1deb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 14:00:24 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1137900/1137901
client-protocol: quic
cache-control: private, max-age=6900
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1137901
expires: Tue, 23 Feb 2021 12:33:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:24 GMT
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r6---sn-4g5e6ney.gvt1.com/videoplayback?id=24f6985fef8ed72e&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1614090804&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2B283FD4CD8F48FE9FAE1F2BB0918CF006B77EBC.4D767DCAEE3B451221915BDCE077867D36EE4E83&key=cms1&cms_redirect=yes&mh=t7&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6ney&ms=nvh&mt=1614083183&mv=u&mvi=6&pl=41
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 707
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F1D5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4538eb84e59213e834ceacd4729e8638abe01267cb1edf0f61a2081525468b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLV154tzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame F1D5 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2450051accce49d05e42271d291ab239765c9088b041bb396344bd796e91ecdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:19:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:22 GMT
server: sffe
age: 72842
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14552
x-xss-protection: 0
expires: Tue, 22 Feb 2022 16:19:22 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame F1D5 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 162150
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 21 Feb 2022 15:30:54 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame AC91 3 KB
607 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 11:03:02 GMT
server: ESF
date: Tue, 23 Feb 2021 12:33:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 12:33:24 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame AC91 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:37:20 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/ Frame AC91 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a14ec3d2ddeec740f9f0cc1dc80d0e1a6938d272d1543ce2d9e685e76c21676c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7376
x-xss-protection: 0
server: cafe
etag: 7660940562410829306
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:36:12 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame AC91 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:30:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC91 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997191106504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Tue, 23 Feb 2021 12:33:24 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame AC91 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:32:27 GMT

GET
H3-Q050 200 fa9f376fb382443f5f015f3a0c3dfed2.js Show response
www.gstatic.com/mysidia/ Frame AC91 25 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa9f376fb382443f5f015f3a0c3dfed2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49b02fc1286f940cce0e398d850753f00338dbb321a51e2aadf996223c9c7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 13:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 19:50:48 GMT
server: sffe
age: 84412
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10802
x-xss-protection: 0
expires: Sun, 23 May 2021 13:06:32 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/504128565416840992/ Frame AC91 17 KB
17 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/504128565416840992/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1956925d5647d9e3cef3c7fdef302fab09b15e7a27531b07a480926d96b2d039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:29 GMT
x-content-type-options: nosniff
age: 406315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17328
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 15:25:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 19:41:29 GMT

GET
DATA 200
OK truncated
/ Frame AC91 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC91 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzX__E_Y0YNH1M6zJ7_UP7PK5oAObsrGLYd2Oj9D7C6m_woSKGxABIMP7ygNglQKgAfTazJkDyAEJqQJGTs_qSmq0PqgDAcgDywSqBMABT9ANbdG4kUIiGykCaf65-DWpwojOaj9H2edmF2-B3lxVktq0JFGxRdJoD6qgmLdc3W3eYkyVq9MDWA5FKORNniMY_VCqJgJi3gw-u4p3lNEA-rqPUPGH6Q-X4nGo18QxWd-V0lIK0LrfuFi5BKLcS9lplc6eIXe5tIqu_THyyAeK5kGccLm3HAAN4bJ0cGDZySjwbtqhco3SOj0MT73tgzGXQR-C4d8tUpaUp4lDO3F7awRADhgcoCrzveazRzfFwAT9_r-IiQOSBQQIBBgBkgUECAUYBKAGLoAH9KSzZqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC9nQHSCAkIgOGAcBABGB-ACgHICwHYEwyIFAKyFxoKGAgAEhRwdWItMTg1MzEwOTQ5MDUwOTcyNA&sigh=IwJkzkU3yXY&template_id=5000&tpd=AGWhJmv6Ii6hVSnerthvFgG3oVRChI_TDVg2zMPBf47eeKbg6g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 23 Feb 2021 12:33:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame F1D5 0
45 B 183ms
172ms Other
image/gif 2607:f8b0:4000:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klhzpbt5&c=4673982194854&slotId=2336991097427&qqid=COK04v6BgO8CFfbiuwgdtEUItQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F036ed6d195d183f62bf6dc091e1ce5d0.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9c6f8fdba92d58c2e55316f9ac422a07.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:812::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F1D5 0
45 B 183ms
172ms Other
image/gif 2607:f8b0:4000:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~klhzpbzx&c=4673982194854&slotId=2336991097427&qqid=COK04v6BgO8CFfbiuwgdtEUItQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F9c6f8fdba92d58c2e55316f9ac422a07.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9c6f8fdba92d58c2e55316f9ac422a07.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:812::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F1D5 0
54 B 182ms
172ms Other
image/gif 2607:f8b0:4000:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~klhzpbzx&c=4673982194854&slotId=2336991097427&qqid=COK04v6BgO8CFfbiuwgdtEUItQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffa9f376fb382443f5f015f3a0c3dfed2.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9c6f8fdba92d58c2e55316f9ac422a07.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4000:812::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AC91 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 017f9d567d327b5d20f4a2e10c5c4f064910ca6c8bc097bb43301660ce031db2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AC91 14 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:26:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 72409
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Tue, 22 Feb 2022 16:26:35 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AC91 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 162150
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 21 Feb 2022 15:30:54 GMT

GET
H3-Q050 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F1D5 42 B
98 B 31ms
31ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrcaIE_Y0YKLfNPbF7_UPtIuhqAv87cCkYe_s98udDZWfi6LrChABIMP7ygNglQKgAY3Mpv0DyAEJqQJGTs_qSmq0PqgDAcgDywSqBLwBT9AZkFr1CEYWsUdCUItc6S4MquLxigP3zTh9MExBcYk6I0TF4KbeB7RZsqrxFkWk5t8i0h2KIMxpD_n0JnfBVy4N0PcvP5MFvCNQabs1qCkxgW_JC8Oqa3LDnoUbOkhmPFJHTVrcW9B6kekK_ugEKndMoj78BBKvk48j9JHyCAY14pfew0jWSF3_lo5hW-kG3yZhu300VeSLVfqo7UMbRwHYroszqwaKnzUk2jqmCa4SL37CFUlGHnU50pzABNKZoM-xA6AGLoAH27PZAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHANIICQiA4YBwEAEYH7EJzMuCvakLwe6ACgGYCwHICwGADAG4DAHYEw0&sigh=_AOKHK6_H2g&cid=CAQSGwCNIrLMmo2ELlgOeHo6w6w2ToLuUabr8YUbRw&label=adresume

Requested by

Host: www.payroll-plaza.com
URL: https://www.payroll-plaza.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 64ms
51ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210217&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb0a561c5649c8caba623d66373e2a43be93148d4f7c71d4b71c9e669be4081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 12:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6423
x-xss-protection: 0

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 45F5 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 4609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Wed, 23 Feb 2022 11:16:35 GMT

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7753 14 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 4609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Wed, 23 Feb 2022 11:16:35 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 23 Feb 2021 12:33:24 GMT

GET
H3-Q050 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F1D5 42 B
211 B 31ms
31ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DA5D 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payroll-plaza.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.payroll-plaza.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 23 Feb 2021 10:44:30 GMT
expires: Wed, 23 Feb 2022 10:44:30 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6534
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame DA5D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 4609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Wed, 23 Feb 2022 11:16:35 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
82 B 47ms
47ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210217&jk=2254617939208596&bg=!ammlaSrNAAXB_3NtwTsAKQB2-Dxa9w_xSL7jC4PcxbxN3Ty7qFKxZWR7Nta9k6T9DceP96j9fcUdAgAAAMNSAAAAFWgBBwoBklTUEzv7vs2LRCui2PqzMdzg53Vamh1tPhMjqCUCsBYusQgrC61M59BjJsDpCHKXwaXqfiApofjrlZdZOUWGjBkaQch9mZ0FU6trPoSGaM09Jaz8PGi1p1bMNA2gOAfscLZGR-HOGrUIKuKPKNh_0smyP0DkyiCaeKzn3TXGLlTEAEca1iTOeH0Qtfw1e659piJT1lphNVMXn4QnPGOYJUORwswxQTeswcJYJbzDgfHZUPRK1rJr5BaB4wZ96IM73dgOFoX0jxSQISiFGTektrsMZwPzHfYbiGEIZWObvYnI72Ppad_izF1xVJZ1x8JCkgWJXXWL0FL4omiiEoOZ4_rpcQPvRCbdOPx215sro2S47g48xcFXc3F8gl9JG3gQrY1Vsm1DmkRjrIC04t6-oW5Ktuv9AEzd6ObEEo2-PujG3A8Z8UoWF0dTjIGVlkX-w1d7v0YfEzzVSM3B2VvKTCeOWkQD1jUWUsg6pSlu14OvHPDjYfSNBIVwIQ90Nn4bsR9zmOPe5_X1za1XonVeg1uOd5kB6sYb0CTNcTArMt_ZVLjwZsiaOh5wKsWZBoLpEyauQQ2pq2KS-rl5PdRNu4tfLjeR-5XvNE0ZIWdWdHZMeeQqtBYKRN_QHla37Nj3sCd1fiDlZ-dVBHhQoAoB-Hn43JkXCCF7kjtlT3pB79x0sd6oWl-giDzelxG9dMsWxC6wMusjv-iYdveH-7c1xIdj9R6FRu8FQpA9L5hhhOsPIyUj01NJyjvMNOoYgPHBmjHQ29Lzyq-xs3NiyxB4208W_Y1qqFHbxODbirZh48yIfIWkre7jIDTmV5swj0uAANbkOz0ATBqSA5PrTBjaBT-5JA7xLQsO_Wih5dJH1W5nMibw4UlsXyq9ehp8AgvICpi5L2z70waBxyrgrDY2QE5eMaZmwXPskemSPHDE8PEwuxSfi6ScK9WublteWhiSiZ11gV1zPeIZdBcYrvAM7LRrvt1jF1cwLDD7DdVPURAx69j1Fe_ts_VNGHLRsZtQBgoingMz-AtVlLk9k340MuNG0H_d8ZcP91oP9_q-pxtleCSqPUoIRM4MR60PaSpwTQKRCdcAPAJKItJgxLEeMTYqXWE4IgAxlQxhzYmaZY3C3Hpnlj8ynBZmtKtIa3dND6hT9Uhw515RALqVyng_5fnSDm5CT2yd88G2aux2T1k

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payroll-plaza.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1D5 42 B
155 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV0UmbPzaVz-W1S77dEBiID4qdYjcWfHAPfH2uz8UA6jX57MYTnpuMTHSnadMVd7zQW812kJqPEE7IRznXI_PbsLyTossMG5KWoqB5fnJUxRvQZKbdMzAM3HNBZA&sai=AMfl-YRwEFehuBx1-qNLZ8ypSdYqu0p4TBiFiuF4GaKMrDkdakjLu1w4_GqSWBDTqMFqYmu4_qDR_q4k2MBY&sig=Cg0ArKJSzEuYGZQZUe1-EAE&id=osdim&mcvt=1001&p=176,978,426,1278&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=922206161&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614083603835&dlt=331&rpt=61&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC91 42 B
66 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi0OEOWuyfiZRe55yY2rrd6L2osojLJFlQrv-dfdPL7HIfUQELMEwyjFrAGl0qkSRzaCuwFI96ozV7wR8hkUW5hpsJ6ZDzKOzgJf1Ptyb0G7o1rHv-cnV0jgaB7Q&sai=AMfl-YSzIN2Gt_7j8byTUdv98bhlpWt7bOKza7FAJ4zCFVY7DQtcwhK-4GreUzZATWh75u1ImlvDnFBCpwfJ&sig=Cg0ArKJSzLfS1_teaxxIEAE&id=osdim&mcvt=1006&p=858,346,1138,944&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3054380609&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614083603823&dlt=447&rpt=65&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=280&slotname=8836401023&adk=3054380609&adf=2392892090&pi=t.ma~as.8836401023&w=598&fwrn=4&fwrnh=100&lmt=1614065700&rafmt=1&psa=0&format=598x280&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614083603719&bpp=6&bdt=246&idt=92&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6Ze95HMwaV&p=https%3A//www.payroll-plaza.com&dtd=99
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame F1D5 0
318 B 395ms
137ms Other
image/gif 2607:f8b0:4000:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~klhzpbzx&c=4673982194854&slotId=2336991097427&qqid=COK04v6BgO8CFfbiuwgdtEUItQ&dm=25000&event_name=first_play&asset_bytes=97328&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9c6f8fdba92d58c2e55316f9ac422a07.js?tag=video_mra/web_raspberry
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4000:812::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F1D5 42 B
234 B 30ms
30ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F1D5 42 B
248 B 31ms
30ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1853109490509724&output=html&h=250&slotname=0606576913&adk=922206161&adf=3396040613&pi=t.ma~as.0606576913&w=300&lmt=1614065700&psa=0&format=300x250&url=https%3A%2F%2Fwww.payroll-plaza.com%2F&flash=0&wgl=1&dt=1614083603725&bpp=2&bdt=252&idt=101&shv=r20210217&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C598x280&nras=1&correlator=6609267462776&frm=20&pv=1&ga_vid=1397042670.1614083604&ga_sid=1614083604&ga_hid=1225241945&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44736377%2C44736524%2C182982200%2C21068769%2C21068893%2C31060108&oid=3&pvsid=2254617939208596&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IkvhVsWrCA&p=https%3A//www.payroll-plaza.com&dtd=108
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 12:33:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payroll-plaza.com/	1970-01-20 01:42:59	Name: __gads Value: ID=06ebdb7ae5220bbf-229064b88fba003a:T=1614083603:RT=1614083603:S=ALNI_MYEG6c3xPX2X15IDHIGb7vD_vSXxA
.payroll-plaza.com/	1970-01-19 16:21:23	Name: _gat_gtag_UA_3446495_52 Value: 1
.payroll-plaza.com/	1970-01-19 16:22:50	Name: _gid Value: GA1.2.915455042.1614083604
.doubleclick.net/	1970-01-20 01:42:59	Name: IDE Value: AHWqTUmOGaO_4Ka9NX3tt0YTpjNQl625PsdQpI8Q89im3Xi_SC3B3IJrwybMti0L
.payroll-plaza.com/	1970-01-20 09:52:35	Name: _ga Value: GA1.2.1397042670.1614083604

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.payroll-plaza.com/wp-content/cache/autoptimize/js/autoptimize_d5ea41cb1fb091d3d30e54941f509cb5.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.shortpixel.ai
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
r6---sn-4g5e6ney.gvt1.com
redirector.gvt1.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.payroll-plaza.com
fonts.googleapis.com
142.250.185.162
151.139.128.11
2607:f8b0:4000:812::2003
2a00:1450:4001:4e::c
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a06:2ec0:1::106
016a22a7363ca79a1d5c6064b8583f0da4f19ba826e0cf618963387478ad7579
017f9d567d327b5d20f4a2e10c5c4f064910ca6c8bc097bb43301660ce031db2
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
085781910c8cfe8a8ff724f58d3ca9536c049a802cf4d4f2931b19a190dbc429
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
18198a1345d070b6fc8cba68e838b1f8f048aaaea2803a8d6aad83ef04ede94d
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1956925d5647d9e3cef3c7fdef302fab09b15e7a27531b07a480926d96b2d039
1ce6fe3409c0243e920a85079631bb79ee795fccffaa1d26a09c34d1ac67ea53
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
2450051accce49d05e42271d291ab239765c9088b041bb396344bd796e91ecdf
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
3b18b8fa01f70fed0c7769af9e4da06371e76eb5c39c74b8ff94b32631f8a6ec
3fe4cce344f8948985441372bfc6fa14755dbd359c55818a6f45aa5c0a0d7867
4088af1ec49a323f1255eb1bc4aa87f29b6a6e3f1b688d228c69e854e035173c
431a4a467feb1638ab8f8368b9157b31d265d1ef3c24ee6f7b1aba0c1e1deb67
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
516cedc1ce9a14eb2e6a968bf58ce3afb282bac969bdb9a9f752cf49e1f48261
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6b1614702e395fef3a85dabdfbed0fa6ba39d52a8244ae2f5916a838ce4beac1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70ae869f88c74a6b3dfd4a4d020814b4add4c100758e04b95d2a0fb2c6f575aa
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
790bc91f5efb42aee84edd0db4261064c9e94c69baf54ed70c19df7effde84ba
7f09a507a90edd7d0e73c40f24ce47217ac75739206d45abfddfbb5a01cdd169
81497920787d2a5e5e02651973203c363db7191674d48c20726273214a90caab
82a219e4ddad1b8698877926842a4719da4449e8cb39e352398f77c8fc16ee3f
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd
91f4f1aa2437cf886a484ac410eab84dfe059d24ec6249c52f50509e756b730c
972c4c354ee564f99aca251b52ed094ca20573f86380edb115eaba11c5c59fe5
9e73a193497676b5feb4eacf9fb67966f6aa593abd9d3c1bcd60f0c8a3a45292
a14ec3d2ddeec740f9f0cc1dc80d0e1a6938d272d1543ce2d9e685e76c21676c
a7a4b2aa81c43b7b98b688669a3286d035872cfd670c0c03f1a2e51ce8a0a5d0
b49b02fc1286f940cce0e398d850753f00338dbb321a51e2aadf996223c9c7e9
bb096f5b4bf02bec131c5f779100e6e9236a0fb7220e3b74dbb46bbcbfd1dd05
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
be24c5f0222eeb62eb18109b5aa43054340e74a610725bbaf64c3d29b68ce71c
c0c093ce0e0daa2c82abc8eb385a89539ed30b8dd65f5c15255d342eea8b54ea
c143612bb5f7e001beb71f7143bbebb2a41ab0e533c3843180805a68a49c733b
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
d302df5e44565d5bfa732c37665892cde6f8cc64a1c79406e0975ffa130e027c
d4538eb84e59213e834ceacd4729e8638abe01267cb1edf0f61a2081525468b0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9a02d07bf1aee343d9a1f3506c781f8843ab34adc7ac842e1bcd971f35909b1
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbb0a561c5649c8caba623d66373e2a43be93148d4f7c71d4b71c9e669be4081
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
ea7176639a3862e1a0f849c798199f5ccd37ad4ee963edaea635bc91a619c6ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8
f403921a9e60c89ed86108fe780536e6ea12e4423ab3882b30c81172fb5ef7e6
f793dfd46dbb2e9ccbadda56781c3be33f9524c6a1e494ad944604402eac77fe

www.payroll-plaza.com Open in urlscan Pro 2a06:2ec0:1::106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

85 Requests

98 %HTTPS

88 %IPv6

13 Domains

17 Subdomains

17 IPs

3 Countries

1904 kBTransfer

2951 kBSize

5 Cookies

2 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.payroll-plaza.com Open in urlscan Pro
2a06:2ec0:1::106 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

98 %
HTTPS

88 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1904 kB
Transfer

2951 kB
Size

5
Cookies

85 HTTP transactions
4 data transactions