urlscan.io logo urlscan.io
SecurityTrails logo

newstoolbar.org Open in urlscan Pro
104.152.110.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://newstoolbar.org/paycom-employee-login/
Submission: On February 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 13 domains to perform 147 HTTP transactions. The main IP is 104.152.110.43, located in United States and belongs to INMOTION - InMotion Hosting, Inc., US. The main domain is newstoolbar.org.
TLS certificate: Issued by R13 on January 21st 2026. Valid for: 3 months.
This is the only time newstoolbar.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 104.152.110.43 22611 (INMOTION)
4 172.253.63.97 15169 (GOOGLE)
26 172.253.115.155 15169 (GOOGLE)
2 172.66.169.241 13335 (CLOUDFLAR...)
2 172.253.62.138 15169 (GOOGLE)
10 34.54.226.84 396982 (GOOGLE-CL...)
14 142.250.31.132 15169 (GOOGLE)
13 35.209.233.198 15169 (GOOGLE)
5 34.111.60.239 396982 (GOOGLE-CL...)
23 172.253.115.156 15169 (GOOGLE)
1 23.48.8.28 16625 (AKAMAI-AS)
5 23.222.200.28 16625 (AKAMAI-AS)
11 35.208.249.213 15169 (GOOGLE)
2 2 192.178.155.157 15169 (GOOGLE)
2 35.227.244.76 396982 (GOOGLE-CL...)
2 13.107.246.40 8075 (MICROSOFT...)
1 34.160.55.127 396982 (GOOGLE-CL...)
2 142.251.16.156 15169 (GOOGLE)
1 23.55.176.229 20940 (AKAMAI-AS...)
3 142.251.167.132 15169 (GOOGLE)
1 172.253.115.104 15169 (GOOGLE)
147 21
20    104.152.110.43 (United States)

ASN22611 (INMOTION - InMotion Hosting, Inc., US)
PTR: secure.surveyline.org
newstoolbar.org
4    172.253.63.97 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
26    172.253.115.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bg-in-f155.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    172.66.169.241 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
secure.statcounter.com
c.statcounter.com
2    172.253.62.138 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bc-in-f138.1e100.net
www.google-analytics.com
10    34.54.226.84 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 84.226.54.34.bc.googleusercontent.com
static.admaster.cc
14    142.250.31.132 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bj-in-f132.1e100.net
tpc.googlesyndication.com
13    35.209.233.198 (Council Bluffs, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 198.233.209.35.bc.googleusercontent.com
tracenep.admaster.cc
5    34.111.60.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 239.60.111.34.bc.googleusercontent.com
imagesnep.admaster.cc
23    172.253.115.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bg-in-f156.1e100.net
pagead2.googlesyndication.com
1    23.48.8.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-48-8-28.deploy.static.akamaitechnologies.com
contextual.media.net
5    23.222.200.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-222-200-28.deploy.static.akamaitechnologies.com
hbx.media.net
lg3.media.net
hblg.media.net
11    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtracenep.admaster.cc
2    192.178.155.157 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: yuiadrs-in-f157.1e100.net
cm.g.doubleclick.net
2    35.227.244.76 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 76.244.227.35.bc.googleusercontent.com
cs.media.net
2    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
scripts.clarity.ms
msadsscale.microsoft.com
1    34.160.55.127 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 127.55.160.34.bc.googleusercontent.com
akl-navvy.media.net
2    142.251.16.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bl-in-f156.1e100.net
ep1.adtrafficquality.google
1    23.55.176.229 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-55-176-229.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
3    142.251.167.132 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ww-in-f132.1e100.net
ep2.adtrafficquality.google
1    172.253.115.104 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bg-in-f104.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 212
468 KB
39 admaster.cc
static.admaster.cc — Cisco Umbrella Rank: 5666
tracenep.admaster.cc — Cisco Umbrella Rank: 6043
imagesnep.admaster.cc — Cisco Umbrella Rank: 5706
gtracenep.admaster.cc — Cisco Umbrella Rank: 3002
29 KB
20 newstoolbar.org
newstoolbar.org
163 KB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net — Cisco Umbrella Rank: 290
122 KB
9 media.net
contextual.media.net — Cisco Umbrella Rank: 1334
hbx.media.net — Cisco Umbrella Rank: 1057
lg3.media.net — Cisco Umbrella Rank: 9164
hblg.media.net — Cisco Umbrella Rank: 1816
cs.media.net — Cisco Umbrella Rank: 768
akl-navvy.media.net — Cisco Umbrella Rank: 14678
51 KB
5 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 355
ep2.adtrafficquality.google — Cisco Umbrella Rank: 367
26 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
516 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
2 statcounter.com
secure.statcounter.com — Cisco Umbrella Rank: 37644
c.statcounter.com — Cisco Umbrella Rank: 15191
17 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
568 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2029
1 microsoft.com
msadsscale.microsoft.com — Cisco Umbrella Rank: 13058
23 KB
1 clarity.ms
scripts.clarity.ms — Cisco Umbrella Rank: 777
26 KB
147 13
Domain Requested by
36 pagead2.googlesyndication.com newstoolbar.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
ep2.adtrafficquality.google
20 newstoolbar.org 1 redirects newstoolbar.org
14 tpc.googlesyndication.com googleads.g.doubleclick.net
newstoolbar.org
13 tracenep.admaster.cc googleads.g.doubleclick.net
newstoolbar.org
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
newstoolbar.org
11 gtracenep.admaster.cc static.admaster.cc
googleads.g.doubleclick.net
10 static.admaster.cc googleads.g.doubleclick.net
newstoolbar.org
5 imagesnep.admaster.cc googleads.g.doubleclick.net
newstoolbar.org
4 www.googletagmanager.com newstoolbar.org
www.googletagmanager.com
3 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 ep1.adtrafficquality.google pagead2.googlesyndication.com
2 cs.media.net hbx.media.net
2 cm.g.doubleclick.net 2 redirects
2 hblg.media.net googleads.g.doubleclick.net
newstoolbar.org
2 lg3.media.net googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
1 www.google.com ep2.adtrafficquality.google
1 qsearch-a.akamaihd.net newstoolbar.org
1 akl-navvy.media.net contextual.media.net
1 msadsscale.microsoft.com googleads.g.doubleclick.net
1 scripts.clarity.ms googleads.g.doubleclick.net
1 hbx.media.net newstoolbar.org
1 contextual.media.net newstoolbar.org
1 c.statcounter.com secure.statcounter.com
1 secure.statcounter.com newstoolbar.org
147 25
Subject Issuer Validity Valid
cpcalendars.newstoolbar.org
R13		 2026-01-21 -
2026-04-21		 3 months crt.sh
*.google-analytics.com
WR2		 2026-01-19 -
2026-04-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2026-01-19 -
2026-04-13		 3 months crt.sh
statcounter.com
Cloudflare TLS Issuing ECC CA 3		 2026-01-31 -
2026-05-01		 3 months crt.sh
static.admaster.cc
WR3		 2026-01-30 -
2026-04-30		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2026-01-19 -
2026-04-13		 3 months crt.sh
tracenep.admaster.cc
WR3		 2026-01-01 -
2026-04-01		 3 months crt.sh
imagesnep.admaster.cc
WR3		 2026-01-07 -
2026-04-07		 3 months crt.sh
*.media.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-08-24 -
2026-08-25		 a year crt.sh
scripts.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2025-07-29 -
2026-04-14		 9 months crt.sh
msadsscale.microsoft.com
GeoTrust TLS RSA CA G1		 2025-12-21 -
2026-06-21		 6 months crt.sh
adtrafficquality.google
WR2		 2026-01-19 -
2026-04-13		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2025-03-18 -
2026-03-18		 a year crt.sh
*.google.com
WR2		 2026-01-19 -
2026-04-13		 3 months crt.sh

This page contains 22 frames:

Primary Page: https://newstoolbar.org/paycom-employee-login/
Frame ID: B682C0489E263C93BF980133D73983C6
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Frame ID: 2442C94F66B90B39510816E344E91F20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&adk=1812271804&adf=3025194257&lmt=1770574336&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&pra=5&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336727&bpp=9&bdt=521&idt=131&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4293887534887&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=1&uci=a!1&fsb=1&dtd=175
Frame ID: 837EAE9586E4F2DC435BDAE29D32B3B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Frame ID: 98F389EC5347243003C00B21AB232AA7
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Frame ID: 1A73A7DB248696737E90AACA27B7BEB7
Requests: 16 HTTP requests in this frame

Frame: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Frame ID: 8E423FEFE1758A0218B3441953DEF271
Requests: 2 HTTP requests in this frame

Frame: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Frame ID: 28BC7B982D28C4A68BBDF7A11B0F0A90
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Frame ID: B3D0BE92B434B197530BBDA574A57EE8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Frame ID: DB4CC816F4F73DF4F699AF6E9961CE53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Frame ID: 53D8478CE251D2AED6975E692EBA8AB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Frame ID: 70F61CB06BA343D5824DCF2C5D7EFE47
Requests: 1 HTTP requests in this frame

Frame: https://static.admaster.cc/js/template/style/style_banner_704028.css
Frame ID: D3E2C7B8AC35856AC38E2D71532DAF84
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3889&%2AJ=M33V43%28ll3M%28%28h%283V4M&7JW=WK43URWKYvMK%28Y%284WWYKe~3YWl%28eKUQhKM~~&7r~v=7BQ&88ked%21%2AQd=%25%25%3Fmq_COCnG1C.g%3AYM%3A4%25%25&88rW=%7B%2288ee%22%3A%226Z%22%2C%2288eHz%22%3A%22eA~dr7HHQ%22%2C%2288JX%22%3A%22MRUPM%28%28PUVPV%22%2C%22888e%22%3A%22gn%22%7D&8HXJW=&8J-Q=M0VI0VV&8KWdCW=MR0&8e=gn&98XQBv=V&9pW=%28&AHHX8=M&BH%2A=V&BkQdd=M&EW=&Eadv=&E~HKJW=YMVU&E~HXdQ=M&E~e7JBH788=Hd9Q&H8eQ=SMMl%28&J8JW=4&KJW=l3%28R4l&KQ=V&KWdCW=%280V&K~Q=M33V43%28ll3sM33V43%28Rl3s0VV&QedJW=M3VVVRVVVMVRMRVVM0VV0VVVVV%28V%28VV&WQekkk=KK%3DM%21M%7CAd%3DV%7CWrp%3DQB%7Cerp%3DQB%7CKe~H%3Di7%2CM0Q%7Ce8A%3DM&XJW=hN.DUMl.M&a8AX=V&ar8HX=V&dQw9dr=AHHX8%3A%2F%2FBQa8H77rK~dP7dp%2FX~ze7kYQkXr7zQQYr7pJB&eABkU=&eABkl=&eHXJW=&eJW=hn6_C31l6&eQIXJW=&eW%2A=.U3l0&edJW=4l0M4U%28lV&ee=6Z&htmlsrc=1&k8X~=V&kkdd=AW%7Cu%7Cn39H%2AA&pWXd=V&pWXdeB8H=&rUHzXQ=aQ~%2AQd&tpid=TQD1S9E&zKB%21ee%21QIX=V&zW8Xd=M&zXrX=M&~W%2A=ZJkJr~d+ZQ~deA&~W7k~JB=AHHX8%3A%2F%2F8JkJr~d8Q~deAPBQH&~WHM=hn6MZFj%28l&~WHU=ll30RM4lh&~Xn9=&~eH=NuCGp~uu9%2FuwldpBQp9g~g%28Q%28wu~-lvpwwp&eobd=4YrCvRaaBNR%2FadaCezBHNr_CzBM9d%20hyCzBP5b%2FhyCz.e_B%20jFPvaSHar%2Fd4YCeqrBhP4Har%2FdMCq.enBYPydMCe.reB4%20YCv%20B%2FDbCz%2Cz%2CieBYPydaCrzBHar%2Fd4YCrzrUzrzseUzzBNR%2FadMCe___.__BR%2Fadjx%20CzB4jYCD4JNkjdeserrWesznByvdMb9dMPP4jCz.qWB%20jFHar%2Fd4YCesUBNhCnJQS5mBkMMCeUBM9dNyCrqB%2FNNhRDCX%2CXB%2F%20CeB%2Fh4d4YCrzrUzrzseXB%2FDYHCz.zzz%2CzBR%2FadMCz.UXBHar%2FdR%2FadMCzBR%2FadaCezB4aHCes.znB5%20DjC_zzne_BMMCeqUBb%2FhyCz.e_BHar%2FdR%2Fadx%20Cz8zB44YH%2FCsnX.nUBh4Nd%20CeW%2Ce_%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz%2CrBh4NdYCqzzB%2FxbCz%2Cz%2CieBDnhdMCX.Ur%2CXr.sUB4YCzB%2FdJ%2FdMC_ze.W%2CzBRNYC%2FWuKWQFWLu%7CnkfNKKNB%20Har%2FdMCr.q_BMjYCenreqnXsXXezns_esqznrUWqsr_zsqrsUWUqzzsU_qn_UWWzWUzqUn_eqUUX_WXrXUr_nqWzWsWUrrUUenqrenq_nX_eqqense_XsesqUe_Xzns_sWsWsXe_qesrren_sX_WeUUeXn_ssqe_sWsUXnUWzqrrXXXsBRNyCzBDhhdvCvPvdDhhBH%2FdR%2FadMC_Wn.qeBP5YrhdMCz.qWBMR5YCXB44CcgB%20%20CVlBRNJCieB%20bCzB%2F%20HCrU.WrBLuCn_WWBxMdR%20CirBvj4CrBDMyCeB%20jC%209D%2FaPjjbBD55d4jP%2Fbd4YCBMD4N4rCeqUB~M%20CeBMYjCeWWz_WXnnWBMD4N4eCeqUBY%20CsBHar%2FdMCX.UUBM9d4YCrzrUzrzszrBjjCsqqBY4YH%2FC_WX.zXBb4jCzBHJdbF%20Cz.sqBHN4d4YCerXWzBM9d%20PCzBadMNYYb%2FdNYCXUzBY%20rCeBHdD4vCqzzqBMY%2FdNvj%2Fh%2FbjdMCiezzzBMdka%2FCz.zeBMY%2FdNvj%2Fh%2Fbjd4YCBY4H%2FC_WX.zXBaD4jCB%20HP5CzBHN4dR%2FadMCz._WBHar%2FdNd4YCrzrUzrzseUzzBHN4dR%2FadaCezBx%20r_CzBbjCesBRayd4YCBHar%2FdNdMCz.zeBNhdMx%2FCederB%2Fbkd%2FCcBHN4dMCWUq.s_BHar%2FdR%2FadHNCe8ieUBR%2FadjHNCzBD55d4jP%2FbdMCeBYD%2FH%2FC_WX.zXBHHCzB%20Har%2Fd4YCer_rzBar%2FdMCezzzBbFd4CrBJ%2FdMCX.UU%2CzB%2FDYhCz.zzz%2CzB4NYC_nUe_rXnzB%20jFHar%2FdMCiezzzBHJRCz.sqBYrhdaCXzB%20HarCr.q_Bnh%20kCezzzBP5dy49Cz.e_BYyyd4j%2F5ChNvvD%20abBYrhdMCz.qWB%2Fh4dMCXr.sUB%2FxJhCz.zzz%2CzBvjShbCeBbFh4%20P%2FbCieB%2FxJYCz.zzz%2CzBhP4Har%2Fd4YCeqsBN47bkCzBN4NkCzB%20jFPvaSHar%2FdMCiezzzBMNYCz.e_B%20MYhCz.zWnBNjShbdNYCeWBNjShbdPHb%2F%2FNYbCgQ%7CB4baab%2FdjD5dNYCD4JNkjdeserrWesznB4RhhaSdjD5dNYCeserrWesznBYbjb%20jbYdjD5dNYCD4JNkjdeserrWesznB%20daDv5CbvBHNbJDMNaNjSCz.sqBhP4CUBD%20djShbCeBDYMaxCeserrWesznBDyhCeB%20D%2F%2FNb%2FuYCzBP5MNYCz.e_zzzzBMka%2FCz.zezB4RNYCBYj%20CbD4jd4%20BN4dP%2FjMCeBYyydb%2FhyCkDa4bBYyyChNvvD%20abBMYh%20DhYCzBYDa5C9SM%2FNYB4PMhCBFNYCgQ%7CihRMiUXqXqsWsW__znXqWB9jyaCeBDYdhP4C%7B%22j%22%3Ae%2C%22h%22%3AX%7DBYyydYrsCzizBh%2FbYN%20jbYdJ%2FCXz.zzBY%20RjC_zBYP5MCzieBYb%2FhCz.e_zzBYDa5C9SM%2FNYBb%20hdR4bYC~qzBb%20hdHb%2FCYvdedHnXBb%20hdhz_Cz.zrBb%20hdhezCz.zrBb%20hdhe_Cz.zrBb%20hdhrzCz.znBb%20hdhr_Cz.zXBb%20hdhnzCz.z_Bb%20hdhn_Cz.zUBb%20hdhXzCz.zWBb%20hdhX_Cz.zsBb%20hdh_zCz.zqBb%20hdh__Cz.ezBb%20hdhUzCz.eeBb%20hdhU_Cz.eeBb%20hdhWzCz.erBb%20hdhW_Cz.erBb%20hdhszCz.enBb%20hdhs_Cz.eXBb%20hdhqzCz.eXBb%20hdhq_Cz.eUBb%20hdhqqCz.eUBYyyd4kyCeWdXUzBHM%2FCDyd%2FPJd4sBBNM%20CeBv4ICrBj54CerzFUzz%3DeUzFUzzBjyFCrqnByFMxjCzByF9y4CXsByF9ybCzBkhR%2Fb~Ce&eoac=n%20kzXXzMqnqUrDYMXzMnqDqDUnUY%20zzD&eoch=hNvvD%20ab&ure=1
Frame ID: 436B3079340425D2A26031ED58F929DA
Requests: 8 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C202%2C20000%2C313%2C655%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&dn=newstoolbar.org
Frame ID: 4F2867BFF96E77C235F0436D9841990E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/window_focus_fy2021.js
Frame ID: CAC19FCF37F9BB0117B8C45EEB493F64
Requests: 13 HTTP requests in this frame

Frame: https://static.admaster.cc/js/template/style/style_banner_162552.css
Frame ID: B953E8F1A28126547F25DDCD4DB81887
Requests: 16 HTTP requests in this frame

Frame: https://static.admaster.cc/js/template/style/style_banner_6bba5b.css
Frame ID: D5F14DDCA28E5DC500BCA26B7316F1D4
Requests: 16 HTTP requests in this frame

Frame: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Frame ID: E4B7E618BF12FDDAE73156F272E9A4DF
Requests: 2 HTTP requests in this frame

Frame: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Frame ID: 1A46D6F9EF24615B3C070A7165723DC4
Requests: 2 HTTP requests in this frame

Frame: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Frame ID: E98A766C9C76AAE19EF598D3ACF372BB
Requests: 2 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 7BF6E5E418FF055DA60D2866DA307292
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7B3A38DA8811197C3C6B1EDD2D1358A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

paycom.com - Paycom Employee Login

Page URL History Show full URLs

  1. https://newstoolbar.org/paycom-employee-login HTTP 301
    https://newstoolbar.org/paycom-employee-login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([^\s]+) -
Overall confidence: 100%
Detected patterns
  • /wp-content/plugins/cookie-law-info/.+\.js(?:\?ver=(\d+(?:\.\d+)+))?
Overall confidence: 100%
Detected patterns
  • \.doubleclick\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • \.googletagmanager\.com/
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery
Overall confidence: 100%
Detected patterns
  • jquery-migrate(?:\.min)?(?:-)?(?:\.min)?\.js(?:\?v(?:er)?=((?:\d+\.)+\d+))?
  • jquery-migrate(?:\.min)?(?:-?((?:\d+\.)+\d+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.media\.net/

Page Statistics

147
Requests

99 %
HTTPS

0 %
IPv6

13
Domains

25
Subdomains

21
IPs

2
Countries

1461 kB
Transfer

5669 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newstoolbar.org/paycom-employee-login HTTP 301
    https://newstoolbar.org/paycom-employee-login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=NDEzNTc1OTM4Njc3ODU1MjAwMFYxMA%3D%3D&google_sc=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEFgcfV9XutO6HVbZmMZKK-4&google_cver=1
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=medianet1&google_cm=1&google_hm=NDEzNTc1OTM4Njc3ODU1MjAwMFYxMA%3D%3D&google_sc=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?type=ga&cs=1&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEJtC4zrN-cNQoYmV5snhjIY&google_cver=1

147 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newstoolbar.org/paycom-employee-login/
Redirect Chain
  • https://newstoolbar.org/paycom-employee-login
  • https://newstoolbar.org/paycom-employee-login/
71 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
47fdcf496cb4d1ba91d355a44076f7729f1e87daaa08500808d486aa364a8542

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 08 Feb 2026 18:12:16 GMT
link
<https://newstoolbar.org/wp-json/>; rel="https://api.w.org/", <https://newstoolbar.org/wp-json/wp/v2/posts/2124>; rel="alternate"; type="application/json", <https://newstoolbar.org/?p=2124>; rel=shortlink
server
nginx/1.29.4
vary
Accept-Encoding
x-pingback
https://newstoolbar.org/xmlrpc.php
x-proxy-cache
MISS
x-ua-compatible
IE=edge

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 08 Feb 2026 18:12:15 GMT
location
https://newstoolbar.org/paycom-employee-login/
server
nginx/1.29.4
x-pingback
https://newstoolbar.org/xmlrpc.php
x-proxy-cache
MISS
x-redirect-by
WordPress
x-ua-compatible
IE=edge
style.min.css
newstoolbar.org/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-includes/css/dist/block-library/style.min.css?ver=6.2.8
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc1c-17ced"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Sun, 09 Jul 2023 16:11:08 GMT
server
nginx/1.29.4
vary
Accept-Encoding
classic-themes.min.css
newstoolbar.org/wp-includes/css/ 		291 B
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-includes/css/classic-themes.min.css?ver=6.2.8
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc1c-123"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Sun, 09 Jul 2023 16:11:08 GMT
server
nginx/1.29.4
vary
Accept-Encoding
extendify-utilities.css
newstoolbar.org/wp-content/plugins/redux-framework/redux-core/assets/css/ 		52 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/plugins/redux-framework/redux-core/assets/css/extendify-utilities.css?ver=4.4.13
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
c89fbb7c3991d609883de7c21412f6b27f44b0d049c72e49011d9a0311ac2eba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"65f1cc0e-d0bb"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Wed, 13 Mar 2024 15:53:50 GMT
server
nginx/1.29.4
vary
Accept-Encoding
cookie-law-info-public.css
newstoolbar.org/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"65f1cbfd-c22"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Wed, 13 Mar 2024 15:53:33 GMT
server
nginx/1.29.4
vary
Accept-Encoding
cookie-law-info-gdpr.css
newstoolbar.org/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"65f1cbfd-6a71"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Wed, 13 Mar 2024 15:53:33 GMT
server
nginx/1.29.4
vary
Accept-Encoding
comments.min.css
newstoolbar.org/wp-content/themes/generatepress/assets/css/components/ 		1 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.3.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
c7308904efc8da3847aab82f9ab35918e8faccef6a04a6c657251759f30a8fb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc71-5d7"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Sun, 09 Jul 2023 16:12:33 GMT
server
nginx/1.29.4
vary
Accept-Encoding
widget-areas.min.css
newstoolbar.org/wp-content/themes/generatepress/assets/css/components/ 		3 KB
940 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc71-d1e"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Sun, 09 Jul 2023 16:12:33 GMT
server
nginx/1.29.4
vary
Accept-Encoding
main.min.css
newstoolbar.org/wp-content/themes/generatepress/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc71-4c6e"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Sun, 09 Jul 2023 16:12:33 GMT
server
nginx/1.29.4
vary
Accept-Encoding
jquery.min.js
newstoolbar.org/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc1c-15ed7"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/javascript
last-modified
Sun, 09 Jul 2023 16:11:08 GMT
server
nginx/1.29.4
vary
Accept-Encoding
jquery-migrate.min.js
newstoolbar.org/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc1c-3470"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/javascript
last-modified
Sun, 09 Jul 2023 16:11:08 GMT
server
nginx/1.29.4
vary
Accept-Encoding
cookie-law-info-public.js
newstoolbar.org/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"65f1cbfd-8583"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/javascript
last-modified
Wed, 13 Mar 2024 15:53:33 GMT
server
nginx/1.29.4
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		376 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-NNQN767
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
796e1e2a3ce71bbdb8a60b6d1e086faa85b2ba01e461f983add9c5d870a195c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 08 Feb 2026 18:12:16 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136091
date
Sun, 08 Feb 2026 18:12:16 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6494987875503497
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
e33ad12a5c60e3ed8af09afb5b92a8c25be78f9244f39fc88a1102240832e226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://newstoolbar.org
Referer
https://newstoolbar.org/

Response headers

content-encoding
br
etag
15123240554794397139
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:12:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
56354
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ca3f080df8f40b878e40b7b7f9334bec3e773168e756b5d1c4331ba6bc5d0977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

content-encoding
br
etag
7345224164715246922
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:12:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
56373
x-xss-protection
0
server
cafe
paycom-employee.png
newstoolbar.org/wp-content/uploads/2021/07/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstoolbar.org/wp-content/uploads/2021/07/paycom-employee.png
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
c1e59998a7682189607d1dbb96b9b6519cd9eca17d7307791a5aa39a6d275ae5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"60e06b3a-3998"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
accept-ranges
bytes
content-length
14744
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
image/png
last-modified
Sat, 03 Jul 2021 13:50:50 GMT
server
nginx/1.29.4
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		323 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154892205-1
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
eb97c271d98e894b6ec3bb6b433f1c2c1270327e4848dcb18a69fe382d09d599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 08 Feb 2026 18:12:16 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117407
date
Sun, 08 Feb 2026 18:12:16 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
counter.js
secure.statcounter.com/counter/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.169.241 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c55dd5d13049dee9113ffd2b385712e6bebf38e2e4bdc0456c98abab2caad2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

cache-control
max-age=43200
content-encoding
gzip
cf-cache-status
HIT
etag
"6985b037-be3a"
age
15288
cf-ray
9cad1822ccc2b31d-ATL
expires
Mon, 09 Feb 2026 01:57:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 06 Feb 2026 09:11:19 GMT
priority
u=3,i=?0
nav-style.css
newstoolbar.org/wp-content/plugins/pagination/css/ 		1 KB
569 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/plugins/pagination/css/nav-style.css?ver=1.2.4
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
20c681a1937cbed8275424791df2954a83d20b51f2bc955f8957612f61469b63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"65f1cc01-408"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/css
last-modified
Wed, 13 Mar 2024 15:53:37 GMT
server
nginx/1.29.4
vary
Accept-Encoding
menu.min.js
newstoolbar.org/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64aadc71-1b3f"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/javascript
last-modified
Sun, 09 Jul 2023 16:12:33 GMT
server
nginx/1.29.4
vary
Accept-Encoding
comment-reply.min.js
newstoolbar.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-includes/js/comment-reply.min.js?ver=6.2.8
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"64023293-ba5"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/javascript
last-modified
Fri, 03 Mar 2023 17:46:59 GMT
server
nginx/1.29.4
vary
Accept-Encoding
akismet-frontend.js
newstoolbar.org/wp-content/plugins/akismet/_inc/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1710345206
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
content-encoding
br
etag
W/"65f1cbf6-2c7c"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/javascript
last-modified
Wed, 13 Mar 2024 15:53:26 GMT
server
nginx/1.29.4
vary
Accept-Encoding
paycom-employee-login.png
newstoolbar.org/wp-content/uploads/2021/07/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstoolbar.org/wp-content/uploads/2021/07/paycom-employee-login.png
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
1968c1a98ff7c24c39cb9d5cebc7be4d3712895c05219f45f0b8079ce7b52deb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"60e06a27-b432"
expires
Sun, 15 Feb 2026 18:12:16 GMT
x-proxy-cache
STATIC/TYPE
accept-ranges
bytes
content-length
46130
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
image/png
last-modified
Sat, 03 Jul 2021 13:46:15 GMT
server
nginx/1.29.4
vary
Accept-Encoding
t.php
c.statcounter.com/ 		192 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=8781098&u1=B7C1781BEE7E4817BE1C7208448FE2E1&java=1&security=57e41073&sc_snum=1&sess=ce99ee&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&sc_ev_author=admin&sc_bot=0&resolution=1600&h=1200&camefrom=&u=https%3A//newstoolbar.org/paycom-employee-login/&t=paycom.com%20-%20Paycom%20Employee%20Login&invisible=1&sc_rum_e_s=1644&sc_rum_e_e=1653&sc_rum_f_s=0&sc_rum_f_e=1617&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.169.241 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
9cad18235cccb31d-ATL
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://newstoolbar.org
alt-svc
h3=":443"; ma=86400
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
server-timing
cfExtPri
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/ 		543 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6494987875503497
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
83b39c6725b867b24fe1495c8a502cb78332ebdceea328dbfa636cf0525fff94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

content-encoding
br
etag
17136910202409929184
age
1132
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 17:53:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 17:53:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
180497
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		381 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KMJZTK0496&cx=c&gtm=4e6241
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154892205-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b5de31aca60065e57c56116eb90c10dd15c9bc1289f2321f74e678fb6af50565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 08 Feb 2026 18:12:16 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137743
date
Sun, 08 Feb 2026 18:12:16 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
js
www.googletagmanager.com/gtag/ 		376 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-NNQN767&cx=c&gtm=4e6241
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154892205-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
86606db7d6fa9915b4187ba8932d523c0216f5f4559b9aad3f142431b6a3ca9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 08 Feb 2026 18:12:16 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136094
date
Sun, 08 Feb 2026 18:12:16 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154892205-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.138 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bc-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

content-encoding
gzip
age
3803
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 19:08:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 17:08:53 GMT
last-modified
Tue, 15 Jul 2025 00:44:26 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20737
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-KMJZTK0496&gtm=45Pe6241v9107823532za200&_p=1770574336388&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=2135266722.1770574337&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~115938466~115938469~116185181~116185182~116988316~117231333&sid=1770574336&sct=1&seg=0&dl=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&dt=paycom.com%20-%20Paycom%20Employee%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1995
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NNQN767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.138 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bc-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:113:0
report-to
{"group":"ascnsrsggc:113:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:113:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://newstoolbar.org
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:113:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:16 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/ Frame 2442 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

age
1352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 17:49:44 GMT
etag
9949080804817620733
expires
Sun, 22 Feb 2026 17:49:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 837E 		477 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&adk=1812271804&adf=3025194257&lmt=1770574336&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&pra=5&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336727&bpp=9&bdt=521&idt=131&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4293887534887&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=1&uci=a!1&fsb=1&dtd=175
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ac2a776bfd84cde0b15ba031f3d0d51bb2b9ded88dfce4fd43bcc804e9f20915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
63642
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 18:12:17 GMT
expires
Sun, 08 Feb 2026 18:12:17 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 98F3 		70 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
d3b1bb9f0f57c3a1f2f379399d145b47bf82f691031e7bb889e238cdec90a8a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28005
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 18:12:17 GMT
expires
Sun, 08 Feb 2026 18:12:17 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1A73 		70 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
f263ae9679f6d6f7e8c62003c18e9d6e4750728bdcac791ff464873fe7922ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28011
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 18:12:17 GMT
expires
Sun, 08 Feb 2026 18:12:17 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
style_banner_34a16e.css
static.admaster.cc/js/template/style/ Frame 1A73 		1 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/template/style/style_banner_34a16e.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94e5a4052c8f4acff783d75d4f41f1f43783ad6d80031044110083f9cbbc0fff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=9PupSg==, md5=5Y/tuloHkXzUS3cwd7atWg==
content-encoding
br
age
246
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1520
date
Sun, 08 Feb 2026 18:08:11 GMT
last-modified
Fri, 26 Dec 2025 02:16:17 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-guploader-uploadid
AJRbA5V6RXuKr54ng23OiSjpuz3xiAY5OIFgInWhbcQ1Gj7_6mJ580xjXUOueQ5g1fkZLEfdffhG5nI
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1766715377316156
content-length
430
content-language
en
server
UploadServer
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame 1A73 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
25138
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 11:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 11:13:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame 1A73 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
ea4a3bda6fa5f3822ed8d15783364ff22f8cf737a748456564630c92970518ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
13377617181553841340
age
83197
x-content-type-options
nosniff
expires
Sat, 21 Feb 2026 19:05:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Feb 2026 19:05:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1A73 		229 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
04e0142e1ae8bb711021ae2f9ec24aa63e662815b97e9de3d23d98cc2bb92f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5076425831614719382
age
2217
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 17:35:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
72076
x-xss-protection
0
server
cafe
style_banner_34a16e.css
static.admaster.cc/js/template/style/ Frame 98F3 		1 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/template/style/style_banner_34a16e.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94e5a4052c8f4acff783d75d4f41f1f43783ad6d80031044110083f9cbbc0fff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=9PupSg==, md5=5Y/tuloHkXzUS3cwd7atWg==
content-encoding
br
age
246
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1520
date
Sun, 08 Feb 2026 18:08:11 GMT
last-modified
Fri, 26 Dec 2025 02:16:17 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-guploader-uploadid
AJRbA5V6RXuKr54ng23OiSjpuz3xiAY5OIFgInWhbcQ1Gj7_6mJ580xjXUOueQ5g1fkZLEfdffhG5nI
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1766715377316156
content-length
430
content-language
en
server
UploadServer
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame 98F3 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
25138
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 11:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 11:13:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame 98F3 		21 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
ea4a3bda6fa5f3822ed8d15783364ff22f8cf737a748456564630c92970518ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
13377617181553841340
age
83197
x-content-type-options
nosniff
expires
Sat, 21 Feb 2026 19:05:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Feb 2026 19:05:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 98F3 		229 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
04e0142e1ae8bb711021ae2f9ec24aa63e662815b97e9de3d23d98cc2bb92f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5076425831614719382
age
2217
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 17:35:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
72076
x-xss-protection
0
server
cafe
adview
googleads.g.doubleclick.net/pagead/ Frame 1A73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6U7kAdKIaevpA6rUhuMPqJWN2QaltoSEe8z8yrWgE8CNtwEQASDt9M1lYMnOo4qkpJgQyAEJqAMByAMCqgSIAk_Q0nTcXHFA8K-RwlmofxU9Z_-_Jgu_ZAY6eh4Ns0u3n5L3cKjk_ZcP_jPaETJtH1l_gP2FKlyZ3YYOeGhQ9NcrrODZhyCjbeDnZlhhGWfWWWJPs-qbsQS_r_dP8N5rYpDr3JCcO6feqCUrUErt2iCdfcKHDj_6CDOk64bP4-Tj0T3MMjNhF6UcXl0DDUYg4b6HuG6jADZvhpA8QZJ2t27q9tXuyB4btYKbvGrgwxFhyaOjj3_hnJUmojsjj_uRLf4KHo54FuG75D2jDqmTeNpBwa_KUZ-z-V1aOrypAY1xu2CL_r_QkQ684EVnPuUEvt6ofUPC6rnQ_x0cWQeXQI4EgSVRsjr7dIAGld67rOyr1d6WAaAGIagHk9ixAqgHlNixAqgHldixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljrvJ6zv8qSA4AKAfoLAggBgAwBqg0CVVPqDRMIk_Cis7_KkgMVKqphBh2oSiNriA4J0BUBgBcBshcqChgSFHB1Yi02NDk0OTg3ODc1NTAzNDk3GAAYDCoKMjU3ODU1MjQxOVABqhgXCSlcj8IFcPdAEgoyNTc4NTUyNDE5GAE&sigh=vP7mOztN0h4&uach_m=%5BUACH%5D&sreq=1&cid=CAQSsgEA56J1efsTmkNp-cN4XGPpYtLsp5XZLxF9u44aP_58V0YTkKSDH3C5U8rQDpi38ocsUnRKlWQ-SBjYRGBa0Kuz-hj6o15OLOlouUWxr7gWoS77Ql0pUApd_K6wCwN2YO4mRgejirEy26099NgNF1yynP1FVohGI6RuvnKW6XyiJRY5XtpVYxi39bZrbo6hZ_k0WyBt9XsUT3_pWgz_fTiZrBXY5h74Iex16gNl2Hh7V4gqGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:12:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 08 Feb 2026 18:12:17 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
win
tracenep.admaster.cc/ju/ Frame 1A73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracenep.admaster.cc/ju/win?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=5addb286102d6a45c1c0cbfee6a2a44e&acid=75&data=uRuUaFtK1Unmf3u2QKxe2V0QU8AWyCNGLav-PPs2dYpGtdTGSigM7Q59H36bBlYkpj_gIN4zfoIJT1aP5XVIFQvZpseMHHXYb4DFzDUQ7mCkPvJ_ZIcq9XAuXHRi4Spgm9LPwPKrzqFCct-KM-3pnvSjme1XCAqMVqfk2-gzqHpuYwrdZegN0E4T6LHh8MsQbboEATtkgipc-Wt3HL8QLBfmalY-rQjYxrrelwJz39JnqoGTxy8iLEDkWyC-nKEme6GEWRcZtA0FfcpKo_KAaaUx5NSYbkSSaziP1vMPAT5kIiA1x224Xj3clE5RS94HqPlZu8JW9kpJvkkZ5oWXAs66t4OZPoOPw9aEuIGTJ2MUQJqDBROg2S8ASCwY_Orp_xy9Q3L77OMuNFifColy7wSA17NskYqzjCRVHZbceM6YE4hpx582fTD1xAFTguLCk5s616aelUTIcENTd7_KaPsEyZoX2fKxPV6rDOu92L59SchlSMPT4ZPYjZBBYjps83218lKLT16Vk3MF8k1U-9TFPktPCvoOfcfkn5estTzW7qCaOBrBEe8JDp21h3q4M5f9HbQmeHvyN55xJoLLy4ZU2Ure7-fXPhW_bhwpKEXr98BR5S6_sK3yD_cCfDZON-lR5r9f253tVCJKmRWgBIcEIDs9KRYe-Hhkv105l5bYmA5KR16ccvHAmuc03lckQ0Pbey3gtP6-Acye1QfUv-rz0gXl8JATstHH22iy9fRpflz9RNzv1xIruZT14PlJv8z_UlLPygrG56MQEE2vdbIC51Dpy8ccdKxgd9Uhaf0&uid=000012d423f49f4e&mguid=&ap=aYjSAQAA9OsGYaoqACNKqPbHhVx8_zfTg2HzNw&tid=102
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:17 GMT
content-type
text/html; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame 98F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzMRwAdKIaY2CA57VhuMP_cjF4AOltoSEe8z8yrWgE8CNtwEQASDt9M1lYMnOo4qkpJgQyAEJqAMByAMCqgSJAk_Q_yk7vRsFiAvpsvi052CJrPRqzxNAGnb2nH6NSB0qTyCVWKVWNdY0qo4fJXMl-pqSJ4hHOhujJj6KWc5WY1KiNPQcfZa1bZ9j6pGzXAa79AsnHqjJrsZ9DPGlYtv4oE4W7Dp037gHtWjKlRC9rgX76C2XJPGINRx4oNlz4Jvsz-LofxvsHFKkGxGaYdJmyefz33dkDoMgRLgfQTSCU6hrX83kj6Yuj3CyS2ln11t3YOcfuybnL7NAJWjemoHWoNjfknMWF8gD4wNTlk_jQLMwM_BtQ96Nnm1YgSQ6tCxEtdbgecFSp68bPXPgN8A6NDdhbjHuMUvFiO5aGw7P2Zd5bQZxlBKxzQWABpXeu6zsq9XelgGgBiGoB5PYsQKoB5TYsQKoB5XYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7ECqAetvrEC2AcA0ggsCIBhEAEyCIqCgICAgIAIOg2AQIDAgICAgKiAAqgDSL39wTpYxtWds7_KkgOACgH6CwIIAYAMAaoNAlVT6g0TCOuHorO_ypIDFZ6qYQYdfWQRPIgOCdAVAYAXAbIXKgoYEhRwdWItNjQ5NDk4Nzg3NTUwMzQ5NxgAGAwqCjI1Nzg1NTI0MTlQAaoYFwl1kxgEBWkEQRIKMjU3ODU1MjQxORgB&sigh=UORdX_o9LBA&uach_m=%5BUACH%5D&sreq=1&cid=CAQSswEA56J1eS2egf9CwnOnVmGRiMUIJdtVxrUhFckkW1cYL1ShlsLmO9-guZTpGrUz2GdjltddzV_rkXaVk3mcIfqaCfe_LRWJqapGKuALQs2CKCIZUFuA0O9IttTxmye8PjtwhaiTA074aCtQlHp0i4VMYjSG1yeDppvfKZSPpoAg6D8S7jXcC15L5cposz4dNqwQH9LDG_OksD0aNG0SzaZKApcbYFLtp7CGuYXNozEYiKkEiBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:12:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 08 Feb 2026 18:12:17 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
win
tracenep.admaster.cc/ju/ Frame 98F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracenep.admaster.cc/ju/win?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=ad26be45334cb59f5268d3584b714eb2&acid=75&data=LYHP0xBzWBdgUHyohRqFj5ZHfDIorCwpwBOpjaWpVrdVKascGfq8WC93-wAzhodbuwxNyY6tSxDk5IKBpICtmlq65hOXsOXRVgTymhAW7vL_oy8P2OIPieN1NKsFYQ4LA_Kalz3zKnQJdVhn03sZ6WfS68xkwQ5SoVBDsbLYvQ0XV7C_-M2YBMkHVusAm_p-YRnbnXlm56EXmvOwkKo388bqJ8QupfGfTgo0Fs9H68ZApVYfJHb9AWp9ObK_wtm15gjNj5RKo9QhFQU7Abi9meQQ_4HRU2WoBY8AxBZIIgePqbq1e2zJszVyZf_WVakC4keKruOXx3OKDb0RW8SqPkzgKX8Y6EijsXjn4o0j0Kgdzx4OJzdFzuDnfMQQ577DBRoGFH2QLc9SnnqBysZ0G28CFH__g-Imta_6MmWLH40WtFVfTvF89lXKBkIrLV9wEdvemfFA5EU7403iDIXsInKEpIJ7B4ftaCHegO2W1gBDQy3xCWSjjoHBOEwN1PDGV-XH5WiEh37s6W_Ct16h8Uz_K07fXcQ7O8pnP31MWrjDOBHSNKeUTaHZiSmQqPfASZQh__175of3GvKVI3cRb7ujGo46QU_wjVbd5o962suo6Pgz4vCo7qQcDJXsCbS1hk2_6ZclI7bfnNV3s1H85YJwwqIjLLKEe3-jOgvydCo9jbuvwR-jcUD7188FpHOpkQufDF-q99dVISBbHxt4PIdwCCECJy7XUj56UrGMdk10RJph3Uh1Mg0Mc_B6PfLOYYeeIxZ0PpUkdfKvo2Z0RyAGwMYsRvKyzsNTvp79zMk&uid=000012d423cc4fff&mguid=&ap=aYjSAQAAwQ0GYaqeABFkfYacVy-4DzJw4dV2HQ&tid=102
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:17 GMT
content-type
text/html; charset=utf-8
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/ 		193 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/reactive_library_fy2021.js?bust=31096614
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
6a05f0d9b1ecc19a4d8e0d5fc785d20f76fc394166f26c90aa0ca0c8193c90cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

content-encoding
br
etag
8483269754610868537
age
65335
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 00:03:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 00:03:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65691
x-xss-protection
0
server
cafe
8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
imagesnep.admaster.cc/ML/ Frame 1A73 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesnep.admaster.cc/ML/8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce1abbf92a71cb024f8acdd4ca835255a19cc03bfc9f6ad6486e7942882a5278

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
x-goog-hash
crc32c=/Vf5UQ==, md5=aITUMEFCjEyz53cwBIevrg==
etag
"6884d43041428c4cb3e777300487afae"
age
310
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9600
date
Sun, 08 Feb 2026 18:07:08 GMT
last-modified
Thu, 05 Feb 2026 14:14:15 GMT
content-type
image/webp
x-guploader-uploadid
AJRbA5W-QXR8j2NBt0NY-w9BPovFaS-6SxpG0g9xrvz15lYa3I50xTL8cFKd7IZ7xeFAo4Vg2dyjH2w
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1770300855871232
content-length
9600
server
UploadServer
cookieSync.html
static.admaster.cc/js/ Frame 8E42 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
br
content-language
en
content-length
3371
content-type
text/html
date
Sun, 08 Feb 2026 17:17:25 GMT
last-modified
Fri, 02 Aug 2024 07:32:17 GMT
server
UploadServer
vary
Origin, Accept-Encoding
via
1.1 google
x-goog-generation
1722583937076126
x-goog-hash
crc32c=gjgw1Q== md5=SO8vtU0BbZFyVEylosiXmw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
8007
x-guploader-uploadid
AJRbA5XrmdGfh4p4Ux3tz7BWgP_C2BSrC5w157lHScNvdZOoPlQNcTf49kSOtuhB1b1vWVV3
ic
tracenep.admaster.cc/ju/ Frame 1A73 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=5addb286102d6a45c1c0cbfee6a2a44e&acid=75&data=gKBDRvK0oOjn5U5BkfLjMwAlSN2TsmQ7xHpXW_nzcG7ByY5HcGOPhUaJKmaTIdbQaRhP9xCqgWyGuLeH_7SpX9Q9eSKTDdXDxOz9EaWlHPCTElaxHIYRoMHXW8y_U7R1TqIjZufegjhuzsNP5CAfKuqbdMjzaColv7wp4jEdK2icuf6FvIfUpq7zgeiLolVsF1tljVlwfGfesb1nUCffDKcV3ujHdoNWyF8tN8hgckHNzJv4zHOVvskkFqnGgWv_nNlpQ-HnKkS4KqK5Dm-g3E_iYLj61DYtzjL6AJGRA__b1tMtFbREbVwefc_yFk3NvlniQAM48n65Smdefp55uI_z7vMhGiyRbFz8Elf2lIHrt80HKkbS6Vpigtb5qoVUdB2YvMsG3-D8tBhtBoK8zxZsRfCZdT0EaW64o7mAmpeBy8G2esecfCGlRYpXIHTlYx7EOv1sHljNMvrVtQJWJIi8BdxnckXcN4rkzdHBX0cbdaa6Yg5gTahS9Ztf-SweLWbUN7Il85dInLc67IEOsLGeYYXw1YrR8XJCZRS8_EHB1-hTu0SrBVIqqDg5ULsAHe-N2JtCTLnCkc3eVrO2T7pYk2QdK5mFlZfPSkeOimhK5NQV9OFpPQFfceXbbr0leqZ5kATw3XSlSBPQGv2_up3a3C2Ws6f1qSKjD_5uDCr89AsSBfWqu9AYCWlWxrjRZo4b5wgW_ZKR37DOTHaIQrwkuiAILJUgDvoEsvIFJLghE1HcIQbrzx_0WnnlsjKmjsuygpoNyttjPqvYfjjv0NvNERFgM3SXdu7hQ8Hn56fk5pb5vvJO8GSVvS2YOFRq6svgzMuH464clCySc11o2TdFiejfjvKFgCstmh-enXh3eQmIcza70gkPe2-2xWeMzSBvEDSoGQeeVmLNlPmwuq7UaU06v73nfVrIauX8UD2WemvZn2MtFxhBqH8lZlF-Qkm-HQ1vQiJapo87KG1syiHdlWL0bVeEjteaSYU_QX9Hr14Y5hXWjrAQXUuKmNplUJcssn4QHBXTL1H00d_FLobdf9hNlRIEm3NsKByR4ySDomf_40d9VyhPzVRC14Fa-tByfVMJZ02W4L3lDzdXosFujg6Hq9kjvhLFAf-MthIt60mxNQ0d_906dn5c_SBVN9G9oykBlQOeRh5jTNTPQEK1oO3ainEMhOxjNAnSrzG0Em1uGfzAJOjE5qNEJ-NBOyJuG8RiiGru5e2cm-ogARryPHGjlXl9PY1QPyC_OHtLHuhEBPiJ1JiBdeicB7wqY8hgIZYfibNLtoXds7pqI-krT5r5OwCbLkvvKHvLVBoMg7K6bVyrcDDvFFWI1oDmGmy6-XvSmCSBI5-dPw9k36i7_Eeb0ENFnLDjFTz1oa3lBp2h_jXGg-uwGpdJqVYuKQHjreUJe5Q8v6gO56orGuspDvS6n26rjxUeAAkpKwzgZ5EqDxKVnB-0SjrzzJ4g4w5nCKap4hBniHrfvOOCTBeuERFvDHgRkalgqBG03fiDiXQXVEoiwe0C9jlj1KNrM2i-LHY6aaRsxLVrElbZgAYNbZaYLpp26nsyjNNgNlMT9Et5rk6u7xeVBmf9BYY7ItOPslBpcZ0sfzsoIlBRwbZQ38PiMzPreGhgEORfemmHe6ZAStm3BbxpoPzjkN0k&uid=000012d423f49f4e&mguid=&ap=0.12077&tid=102&c_sync=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:17 GMT
content-type
text/html; charset=utf-8
8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
imagesnep.admaster.cc/ML/ Frame 98F3 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesnep.admaster.cc/ML/8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce1abbf92a71cb024f8acdd4ca835255a19cc03bfc9f6ad6486e7942882a5278

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
x-goog-hash
crc32c=/Vf5UQ==, md5=aITUMEFCjEyz53cwBIevrg==
etag
"6884d43041428c4cb3e777300487afae"
age
310
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9600
date
Sun, 08 Feb 2026 18:07:08 GMT
last-modified
Thu, 05 Feb 2026 14:14:15 GMT
content-type
image/webp
x-guploader-uploadid
AJRbA5W-QXR8j2NBt0NY-w9BPovFaS-6SxpG0g9xrvz15lYa3I50xTL8cFKd7IZ7xeFAo4Vg2dyjH2w
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1770300855871232
content-length
9600
server
UploadServer
cookieSync.html
static.admaster.cc/js/ Frame 28BC 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
br
content-language
en
content-length
3371
content-type
text/html
date
Sun, 08 Feb 2026 17:17:25 GMT
last-modified
Fri, 02 Aug 2024 07:32:17 GMT
server
UploadServer
vary
Origin, Accept-Encoding
via
1.1 google
x-goog-generation
1722583937076126
x-goog-hash
crc32c=gjgw1Q== md5=SO8vtU0BbZFyVEylosiXmw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
8007
x-guploader-uploadid
AJRbA5XrmdGfh4p4Ux3tz7BWgP_C2BSrC5w157lHScNvdZOoPlQNcTf49kSOtuhB1b1vWVV3
ic
tracenep.admaster.cc/ju/ Frame 98F3 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=ad26be45334cb59f5268d3584b714eb2&acid=75&data=SVo7sRZiN_cyF-3Mv6ntrNGQgAlLvsvkN3K-7huMNg3BWt1JVfGyW-8RuiBnFG_YY95z3XxJMOXf41exBouzF3BCm7gOFS9dDCYQAbwrziWV2HHqnGu2yXPFHuydf0r1nBYhRDMOAKacSpObdXuYAVxa4BJQfQNJ_KMNVHcq2qPRsUyi1DZ02e7vcNLXtSMFsFP3Cajqo3JMYChPIL9xsDb2v_P_y22DO_1ucRD1qLh65s2XIYyGhDyXKq3sWMZ9n3AToPmjX4KAAAlIVqLlPm0Uk2uQ34_9T_xx54-3Ht42-MuTujKC0PYZsMxZclYFz7NmL_olwEpiQoevsq_wQx6gYvbMlJkA2RBcD50UMwPzTbi8hdW_IFxRz079Mwf8cXbYm5eSaeaOfUNVPsckpHHpBRaqTs8_h0lpRSbikZXSi1alPnrOiotY5CmT7aBieNAWf1jVwudugwvjDtnbY2x3mbjpsYZE1zbHaYiexK1Aff8InwRGYdmlAaON-hAJrrEmE1yXsMrGSl0_x38QdIoXprfpRLO1zLF4vKhVFKRyekAIFftO4t1FCocw28Uw2jzwXJdlR8kVhkMRoJfJmMNYc1hp1vxLKYDllA-u_QOlNVeLtxf0d8MXRfAy4d76Ni71zcv2qBjtv8bNqQgR-8dLUICgUbV0IM_ICpSdFlm-Gym7g-5FhnvgBeV-7z6j0sxZ4Ovid4OTj1xsRkKgGLb3i7fB0VCTKQUCaC69vWTCyVjlbqvA1_dlG4BhkHORMO8ia3V_Z72z6CrETiLyVkpSiL8KDxnyqfRZvWxVKDqOnpVt_drdwEpI6yplPT28Rh87AhX-SPABXo9mx4OZHruY0EsluUC3FIr0zzk4pfNO67pwnBqvOAh4L2U8mKSWfEDsdwf_chsHLEjctwrvSn3lxVnZShpiBw8WRiNFt8Pq1lHGa87GV_Z1Es71tAmiLbULXF43P4reUfPOjhm-D9v6kYDwoYSjzn4mDgMs6rxxk-LbANVQF0EQ0pqSESbjKi1KAgSmcwxe4842ETlHcV5xyvPnUxEJvIo-C3l3rEPL4CAGqgr_sqQ4CJBZmA-xU9W12bbmOsjl7QPv-Ca1BJTB_Vwv7W6mTGhr0RvgV2MFS-irsxCocn9UAi-x3B_KgSwcdBhaioyyUucEzZKLQ8XEsYq4WZIVVboJIvJMcmNTShMVauHBxB3sdtvB7sgnmWz4ZMZ6h1e0URV8yN-H89LCni6HL7BptooSUKVMYMeZxsp7VzhlJigmyiKaD_mnkkwpEROoSv-3FU9xiU7RTER6FhBV2Wt_CTDYiQ3uSDNW34nWoeC9d8HZBWkUTv1tDfH58DWxJl5cUcwqgKhUMjeqm0d4wl7vnQuCupt-lkZHRtDFGq3c2afoFOT19CPfuJkci-6B4pkZuHjnburYk0gp5lzdOcYJMiLrIXgXE_PugBlhoQYFaiyP1BUQTjMgdboMhWoJFvcfXWFrk2wPQNAF_X9FbMjGNvLNwSUm8BkSQnqQWYmBL_Chq2i3_vY3uGu-kM2Fe1wz5s9IiwdvzGKJ_oNJePCjTFIL-TzaCeoxWY9RZkm-_wqIKTpoOLnI3kIlA59mlPmDS3-ai9_YH9QL_lCtp79FrZh8klLgIdpIFgws9mk3NOFFRWGO-a8sw3JVvjnenpHTbifzL6y7Rg&uid=000012d423cc4fff&mguid=&ap=0.20988&tid=102&c_sync=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:17 GMT
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 1A73 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
012e32c3db8eab0778166b5af4367cdf98dcfb6b6dd530f8506f90708130eabf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 98F3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02c5c410a2854826210ad49e2c91cbce598b656b5229f3f6401359f4bc57e4df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/ Frame B3D0 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

age
1352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 17:49:44 GMT
etag
9949080804817620733
expires
Sun, 22 Feb 2026 17:49:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/ Frame DB4C 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

age
1352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 17:49:44 GMT
etag
9949080804817620733
expires
Sun, 22 Feb 2026 17:49:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/ Frame 53D8 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

age
1352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 17:49:44 GMT
etag
9949080804817620733
expires
Sun, 22 Feb 2026 17:49:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/ Frame 70F6 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

age
1352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3878
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 17:49:44 GMT
etag
9949080804817620733
expires
Sun, 22 Feb 2026 17:49:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style_banner_704028.css
static.admaster.cc/js/template/style/ Frame D3E2 		2 KB
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/template/style/style_banner_704028.css
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fbdfb2e035339a51583cd06a45d4899eab57cdeebd76431453226eea369f628d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=lKtZdw==, md5=WhD7SHHEX8vQwT5CiSdNog==
content-encoding
br
age
18
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1770
date
Sun, 08 Feb 2026 18:12:00 GMT
last-modified
Fri, 26 Dec 2025 02:16:22 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-guploader-uploadid
AJRbA5Xq3xO_-2iwPEsPxxNL-8U7C-tnF01Sy3cu_ggEKjjjII4l725rUIAlzoS4IjHO9gbJ
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1766715382827224
content-length
517
content-language
en
server
UploadServer
8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
imagesnep.admaster.cc/ML/ Frame D3E2 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesnep.admaster.cc/ML/8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce1abbf92a71cb024f8acdd4ca835255a19cc03bfc9f6ad6486e7942882a5278

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
x-goog-hash
crc32c=/Vf5UQ==, md5=aITUMEFCjEyz53cwBIevrg==
etag
"6884d43041428c4cb3e777300487afae"
age
310
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9600
date
Sun, 08 Feb 2026 18:07:08 GMT
last-modified
Thu, 05 Feb 2026 14:14:15 GMT
content-type
image/webp
x-guploader-uploadid
AJRbA5W-QXR8j2NBt0NY-w9BPovFaS-6SxpG0g9xrvz15lYa3I50xTL8cFKd7IZ7xeFAo4Vg2dyjH2w
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1770300855871232
content-length
9600
server
UploadServer
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame D3E2 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/window_focus_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
25138
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 11:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 11:13:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame D3E2 		21 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
ea4a3bda6fa5f3822ed8d15783364ff22f8cf737a748456564630c92970518ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
13377617181553841340
age
83197
x-content-type-options
nosniff
expires
Sat, 21 Feb 2026 19:05:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Feb 2026 19:05:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D3E2 		229 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
04e0142e1ae8bb711021ae2f9ec24aa63e662815b97e9de3d23d98cc2bb92f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5076425831614719382
age
2217
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 17:35:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
72076
x-xss-protection
0
server
cafe
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/elements/html/ Frame B3D0 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
594486b781485bb2bbc46e47f91e36affd91ea2605d50430410385fb1ecc7c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
12125139606160210519
age
58595
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 01:55:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 01:55:43 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
6754
x-xss-protection
0
server
cafe
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/elements/html/ Frame B3D0 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
b5a22ea5e348f9412c7daf140bbe2380b1014a94e95cd33429f6321afad108b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6409147439907330241
age
49678
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 04:24:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 04:24:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9655
x-xss-protection
0
server
cafe
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 436B 		113 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3889&%2AJ=M33V43%28ll3M%28%28h%283V4M&7JW=WK43URWKYvMK%28Y%284WWYKe~3YWl%28eKUQhKM~~&7r~v=7BQ&88ked%21%2AQd=%25%25%3Fmq_COCnG1C.g%3AYM%3A4%25%25&88rW=%7B%2288ee%22%3A%226Z%22%2C%2288eHz%22%3A%22eA~dr7HHQ%22%2C%2288JX%22%3A%22MRUPM%28%28PUVPV%22%2C%22888e%22%3A%22gn%22%7D&8HXJW=&8J-Q=M0VI0VV&8KWdCW=MR0&8e=gn&98XQBv=V&9pW=%28&AHHX8=M&BH%2A=V&BkQdd=M&EW=&Eadv=&E~HKJW=YMVU&E~HXdQ=M&E~e7JBH788=Hd9Q&H8eQ=SMMl%28&J8JW=4&KJW=l3%28R4l&KQ=V&KWdCW=%280V&K~Q=M33V43%28ll3sM33V43%28Rl3s0VV&QedJW=M3VVVRVVVMVRMRVVM0VV0VVVVV%28V%28VV&WQekkk=KK%3DM%21M%7CAd%3DV%7CWrp%3DQB%7Cerp%3DQB%7CKe~H%3Di7%2CM0Q%7Ce8A%3DM&XJW=hN.DUMl.M&a8AX=V&ar8HX=V&dQw9dr=AHHX8%3A%2F%2FBQa8H77rK~dP7dp%2FX~ze7kYQkXr7zQQYr7pJB&eABkU=&eABkl=&eHXJW=&eJW=hn6_C31l6&eQIXJW=&eW%2A=.U3l0&edJW=4l0M4U%28lV&ee=6Z&htmlsrc=1&k8X~=V&kkdd=AW%7Cu%7Cn39H%2AA&pWXd=V&pWXdeB8H=&rUHzXQ=aQ~%2AQd&tpid=TQD1S9E&zKB%21ee%21QIX=V&zW8Xd=M&zXrX=M&~W%2A=ZJkJr~d+ZQ~deA&~W7k~JB=AHHX8%3A%2F%2F8JkJr~d8Q~deAPBQH&~WHM=hn6MZFj%28l&~WHU=ll30RM4lh&~Xn9=&~eH=NuCGp~uu9%2FuwldpBQp9g~g%28Q%28wu~-lvpwwp&eobd=4YrCvRaaBNR%2FadaCezBHNr_CzBM9d%20hyCzBP5b%2FhyCz.e_B%20jFPvaSHar%2Fd4YCeqrBhP4Har%2FdMCq.enBYPydMCe.reB4%20YCv%20B%2FDbCz%2Cz%2CieBYPydaCrzBHar%2Fd4YCrzrUzrzseUzzBNR%2FadMCe___.__BR%2Fadjx%20CzB4jYCD4JNkjdeserrWesznByvdMb9dMPP4jCz.qWB%20jFHar%2Fd4YCesUBNhCnJQS5mBkMMCeUBM9dNyCrqB%2FNNhRDCX%2CXB%2F%20CeB%2Fh4d4YCrzrUzrzseXB%2FDYHCz.zzz%2CzBR%2FadMCz.UXBHar%2FdR%2FadMCzBR%2FadaCezB4aHCes.znB5%20DjC_zzne_BMMCeqUBb%2FhyCz.e_BHar%2FdR%2Fadx%20Cz8zB44YH%2FCsnX.nUBh4Nd%20CeW%2Ce_%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz%2CrBh4NdYCqzzB%2FxbCz%2Cz%2CieBDnhdMCX.Ur%2CXr.sUB4YCzB%2FdJ%2FdMC_ze.W%2CzBRNYC%2FWuKWQFWLu%7CnkfNKKNB%20Har%2FdMCr.q_BMjYCenreqnXsXXezns_esqznrUWqsr_zsqrsUWUqzzsU_qn_UWWzWUzqUn_eqUUX_WXrXUr_nqWzWsWUrrUUenqrenq_nX_eqqense_XsesqUe_Xzns_sWsWsXe_qesrren_sX_WeUUeXn_ssqe_sWsUXnUWzqrrXXXsBRNyCzBDhhdvCvPvdDhhBH%2FdR%2FadMC_Wn.qeBP5YrhdMCz.qWBMR5YCXB44CcgB%20%20CVlBRNJCieB%20bCzB%2F%20HCrU.WrBLuCn_WWBxMdR%20CirBvj4CrBDMyCeB%20jC%209D%2FaPjjbBD55d4jP%2Fbd4YCBMD4N4rCeqUB~M%20CeBMYjCeWWz_WXnnWBMD4N4eCeqUBY%20CsBHar%2FdMCX.UUBM9d4YCrzrUzrzszrBjjCsqqBY4YH%2FC_WX.zXBb4jCzBHJdbF%20Cz.sqBHN4d4YCerXWzBM9d%20PCzBadMNYYb%2FdNYCXUzBY%20rCeBHdD4vCqzzqBMY%2FdNvj%2Fh%2FbjdMCiezzzBMdka%2FCz.zeBMY%2FdNvj%2Fh%2Fbjd4YCBY4H%2FC_WX.zXBaD4jCB%20HP5CzBHN4dR%2FadMCz._WBHar%2FdNd4YCrzrUzrzseUzzBHN4dR%2FadaCezBx%20r_CzBbjCesBRayd4YCBHar%2FdNdMCz.zeBNhdMx%2FCederB%2Fbkd%2FCcBHN4dMCWUq.s_BHar%2FdR%2FadHNCe8ieUBR%2FadjHNCzBD55d4jP%2FbdMCeBYD%2FH%2FC_WX.zXBHHCzB%20Har%2Fd4YCer_rzBar%2FdMCezzzBbFd4CrBJ%2FdMCX.UU%2CzB%2FDYhCz.zzz%2CzB4NYC_nUe_rXnzB%20jFHar%2FdMCiezzzBHJRCz.sqBYrhdaCXzB%20HarCr.q_Bnh%20kCezzzBP5dy49Cz.e_BYyyd4j%2F5ChNvvD%20abBYrhdMCz.qWB%2Fh4dMCXr.sUB%2FxJhCz.zzz%2CzBvjShbCeBbFh4%20P%2FbCieB%2FxJYCz.zzz%2CzBhP4Har%2Fd4YCeqsBN47bkCzBN4NkCzB%20jFPvaSHar%2FdMCiezzzBMNYCz.e_B%20MYhCz.zWnBNjShbdNYCeWBNjShbdPHb%2F%2FNYbCgQ%7CB4baab%2FdjD5dNYCD4JNkjdeserrWesznB4RhhaSdjD5dNYCeserrWesznBYbjb%20jbYdjD5dNYCD4JNkjdeserrWesznB%20daDv5CbvBHNbJDMNaNjSCz.sqBhP4CUBD%20djShbCeBDYMaxCeserrWesznBDyhCeB%20D%2F%2FNb%2FuYCzBP5MNYCz.e_zzzzBMka%2FCz.zezB4RNYCBYj%20CbD4jd4%20BN4dP%2FjMCeBYyydb%2FhyCkDa4bBYyyChNvvD%20abBMYh%20DhYCzBYDa5C9SM%2FNYB4PMhCBFNYCgQ%7CihRMiUXqXqsWsW__znXqWB9jyaCeBDYdhP4C%7B%22j%22%3Ae%2C%22h%22%3AX%7DBYyydYrsCzizBh%2FbYN%20jbYdJ%2FCXz.zzBY%20RjC_zBYP5MCzieBYb%2FhCz.e_zzBYDa5C9SM%2FNYBb%20hdR4bYC~qzBb%20hdHb%2FCYvdedHnXBb%20hdhz_Cz.zrBb%20hdhezCz.zrBb%20hdhe_Cz.zrBb%20hdhrzCz.znBb%20hdhr_Cz.zXBb%20hdhnzCz.z_Bb%20hdhn_Cz.zUBb%20hdhXzCz.zWBb%20hdhX_Cz.zsBb%20hdh_zCz.zqBb%20hdh__Cz.ezBb%20hdhUzCz.eeBb%20hdhU_Cz.eeBb%20hdhWzCz.erBb%20hdhW_Cz.erBb%20hdhszCz.enBb%20hdhs_Cz.eXBb%20hdhqzCz.eXBb%20hdhq_Cz.eUBb%20hdhqqCz.eUBYyyd4kyCeWdXUzBHM%2FCDyd%2FPJd4sBBNM%20CeBv4ICrBj54CerzFUzz%3DeUzFUzzBjyFCrqnByFMxjCzByF9y4CXsByF9ybCzBkhR%2Fb~Ce&eoac=n%20kzXXzMqnqUrDYMXzMnqDqDUnUY%20zzD&eoch=hNvvD%20ab&ure=1
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.8.28 Ashburn, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-48-8-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52cf34248c5f7365d432868647f654aae2daedbce623ce35a5f86dbf864225dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2629800
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
39523
content-type
text/html
date
Sun, 08 Feb 2026 18:12:18 GMT
expires
Sun, 08 Feb 2026 18:12:18 GMT
link
<https://scripts.clarity.ms/0.8.53/clarity.js>; rel=prefetch, <https://msadsscale.microsoft.com/bingads/telemetryJS.js>; rel=prefetch, <https://www.clarity.ms>; rel=dns-prefetch
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-t8jn
checksync.php
hbx.media.net/ Frame 4F28 		29 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C202%2C20000%2C313%2C655%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&dn=newstoolbar.org
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a78cfb375e495f619f3c139f31cc8fd94d5eba312d79b221337b1d69badd092
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
10298
content-type
text/html; charset=UTF-8
date
Sun, 08 Feb 2026 18:12:18 GMT
expires
Tue, 10 Feb 2026 18:12:18 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
timing-allow-origin
*
vary
Accept-Encoding
x-mnet-hl2
E
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame CAC1 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/window_focus_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
25138
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 11:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 11:13:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame CAC1 		21 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
ea4a3bda6fa5f3822ed8d15783364ff22f8cf737a748456564630c92970518ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
13377617181553841340
age
83197
x-content-type-options
nosniff
expires
Sat, 21 Feb 2026 19:05:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Feb 2026 19:05:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CAC1 		229 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
04e0142e1ae8bb711021ae2f9ec24aa63e662815b97e9de3d23d98cc2bb92f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5076425831614719382
age
2217
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 17:35:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
72076
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bping.php
lg3.media.net/ Frame CAC1 		35 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_ydspr=1&vgd_asn=9009&cid=8CURI7T3U&hvsid=00001770574337333032306677762559&cc=US&vgd_oresf=one&sc=NC&vgd_bid=374953&vgd_rpth=%2Fv3%2Fadcode&gdpr=0&mspa=0&vgd_setup=c22&wshp=0&r=1770574337334&vgd_cage=4&vgd_oreqf=one&prid=8PRVCXX19&ugd=4&vgde_bdata=QOfvzxjj~8xLjMjvu9~e8fXv9~GwMNEYv9~myJLEYv9.uX~N7-mzj5ejfLMQOvuif~EmQejfLMGvi.uA~OmYMGvu.fu~QNOvzN~L1Jv9%2C9%2Cou~OmYMjvf9~ejfLMQOvf9fF9f9WuF99~8xLjMGvuXXX.XX~xLjM7UNv9~Q7Ov1QB8k7MuWuffhuW9A~YzMGJwMGmmQ7v9.ih~N7-ejfLMQOvuWF~8EvABr5yc~kGGvuF~GwM8Yvfi~L88Ex1vH%2CH~LNvu~LEQMQOvf9fF9f9WuH~L1Oev9.999%2C9~xLjMGv9.FH~ejfLMxLjMGv9~xLjMjvu9~QjevuW.9A~yN17vX99AuX~GGvuiF~JLEYv9.uX~ejfLMxLjMUNv949~QQOeLvWAH.AF~EQ8MNvuh%2CuX%2C9%2C9%2C9%2C9%2C9%2C9%2Cf~EQ8MOvi99~LUJv9%2C9%2Cou~1AEMGvH.Ff%2CHf.WF~QOv9~LMBLMGvX9u.h%2C9~x8OvLhV0hr-h%3DVtAk%2F8008~NejfLMGvf.iX~G7OvuAfuiAHWHHu9AWXuWi9AfFhiWfX9WifWFhFi99WFXiAXFhh9hF9iFAXuiFFHXhHfHFfXAih9hWhFffFFuAifuAiXAHXuiiuAWuXHWuWiFuXH9AWXWhWhWHuXiuWffuAXWHXhuFFuHAXWWiuXWhWFHAFh9iffHHHW~x8Yv9~1EEMzvzmzM1EE~eLMxLjMGvXhA.iu~myOfEMGv9.ih~GxyOvH~QQvIK~NNvPb~x8Bvou~NJv9~LNevfF.hf~%3DVvAXhh~UGMxNvof~z7Qvf~1GYvu~N7vNw1Ljm77J~1yyMQ7mLJMQOv~G1Q8QfvuiF~+GNvu~GO7vuhh9XhHAAh~G1Q8QuvuiF~ONvW~ejfLMGvH.FF~GwMQOvf9fF9f9W9f~77vWii~OQOeLvXhH.9H~JQ7v9~eBMJ-Nv9.Wi~e8QMQOvufHh9~GwMNmv9~jMG8OOJLM8OvHF9~ONfvu~eM1Qzvi99i~GOLM8z7LELJ7MGvou999~GMkjLv9.9u~GOLM8z7LELJ7MQOv~OQeLvXhH.9H~j1Q7v%24%7Bj1Q7Mkj1y%7D~Nemyv9~e8QMxLjMGv9.Xh~ejfLM8MQOvf9fF9f9WuF99~e8QMxLjMjvu9~UNfXv9~J7vuW~xjYMQOv~ejfLM8MGv9.9u~8EMGULvuMuf~LJkMLvI~e8QMGvhFi.WX~ejfLMxLjMe8vu4ouF~xLjM7e8v9~1yyMQ7mLJMGvu~O1LeLvXhH.9H~eev9~NejfLMQOvufXf9~jfLMGvu999~J-MQvf~BLMGvH.FF%2C9~L1OEv9.999%2C9~Q8OvXAFuXfHA9~N7-ejfLMGvou999~eBxv9.Wi~OfEMjvH9~Nejfvf.iX~AENkvu999~myMYQwv9.uX~OYYMQ7LyvE8zz1NjJ~OfEMGv9.ih~LEQMGvHf.WF~LUBEv9.999%2C9~z75EJvu~J-EQNmLJvou~LUBOv9.999%2C9~EmQejfLMQOvuiW~8QDJkv%24%7BLJkLJQwMNmxz7JL%7D~8Q8kv9~N7-mzj5ejfLMGvou999~G8Ov9.uX~%24%7B%3Dj8Jz73Tmy%7D~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~7Y-vfiA~Y-GU7v9~Y-wYQvHW~Y-wYJv9~kExLJ+vu&vgde_ydsp=%7B%225ON%22%3A%22Nff%22%2C%22GxNUJ7I1YJ4z7875%22%3A%22pJ1eJL%22%2C%22GxNUJ7VO4z7875%22%3A%22iiii%22%2C%22QEx%22%3A%22XuWX~%22%2C%22yE8O%22%3A%22%22%7D&vgd_hb_audit_1=8CU1SGZ43&vgd_l2type=weaver&crid=536152430&lf=6&requrl=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Nw1Ljm77J%22%2C%22QQ8E%22%3A%22uif.uHH.f9.9%22%2C%22QQQN%22%3A%22I%3D%22%7D&vgd_hb_audit_2=337691538&ybn_cc_exp=0&vgd_cdv=O2736&vgd_wlstp=0&vi=1770574337144847051&wsip=170776163&vgd_tsce=L1134&lper=100&vgd_len=2555&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

Strict-Transport-Security
max-age=21600
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Sun, 08 Feb 2026 18:12:18 GMT
Access-Control-Allow-Origin
*
Alt-Svc
h3=":443"; ma=2629800
Content-Length
35
Date
Sun, 08 Feb 2026 18:12:18 GMT
Content-Type
image/gif
clog
hblg.media.net/ Frame CAC1 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awelog&pixel_len_bucket=6187&__q=AZ4S_wOPvAyccAi5CTRBwSEIw7EIZKFAEAv8lCDI44EEAXgu-JwYsAEgAQgURIAgmF1ASCIAcCO1wGQQsmrACAYAhBIGmAHDAl8CAKACAAAAAAAAOOIAgQKAAdugDpGBIBxwAsAkFQMMqkYGWiEPaEOnDsJIAkkMDgCSpQwuEPYlwOePIJ68AaYNIAwAQACACQB0GQVQMjIwMTE1MDM5Mjc1NTZfMTQ5ODA1ODMxXzMzNzY5MTUzODQ2MDFfMEAzY2YwNDQwYjkzOTYyYWRiNDBiMzlhOWE2MzZkYzAwYSxXUDROWlRBTGRaSHJ3LTc1aXJMLXZRAKSOhsICmAczMzMzMzPDPwAAAAAAAAAAAAAAAAAAAAAzMzMzMzPDP-xRuB6F67E_jgFaaHR0cHM6Ly9uZXdzdG9vbGJhci5vcmcvcGF5Y29tLWVtcGxveWVlLWxvZ2luAARVUx5uZXdzdG9vbGJhci5vcmcSOENVMVNHWjQzEmhlYWRlckJpZAgiYXN3aWZ0XzE4MTIyNzE4MDMOMTYweDYwMBI1MzYxNTI0MzASOENVUkk3VDNVAhJoZWFkZXJCaWQQMC4wNzMxMjACTxI1MzYxNTI0MzAGMTk2InNpbWlsYXJzZWFyY2gubmV0CDcwLjAAAAAAAAAAAD1ADmVhc3Rfc2MKSUFCLTMAAAAAAAAAAAIQcGlubmFjbGUaMHwwfHh0bWF4PTMzMDhtb3d4LWxpdGUtYS01NjdiY2RmNjg3LW1tbTl3MDhDVVJJN1QzVS01MzYxNTI0MzAtNy0xMQIwBjIxOAQyMwZBRFgmMjAyNi0wMi0wOCAxODoxMjoxNwAETkMSY2hhcmxvdHRlGjE3NzA1NzQ5Mzc1OTd7FK5H4XqEP3sUrkfheoQ_exSuR-F6hD8AIhI4UFIxMTNKR0MUMTgxMjI3MTgwMwgBBjEwMwIxBmFkbQIAAAAAAAAAQFZAAgIwAjACMAIwAAICMQAA-NSi54dnCDAuMTUCMQAAAAAAAPC_EDAuMTUwMDAwImFzd2lmdF8xODEyMjcxODAzCDkwMDkWY2lkX2Fia19kaXYCMAIwAjBEcnRiLWFwcG5leHVzLWEtN2ZmOGRiNGQ1Yi1tbDR3ei5TQwQGAAYAAAAQcGlubmFjbGU-MTcwMDA5MDAwMTA5MTkwMDE2MDA2MDAwMDA0MDQwMEQzY2YwNDQwYjkzOTYyYWRiNDBiMzlhOWE2MzZkYzAwYV8xAAxJQUIzLTkENTUGNzI0AjICMAIxAAR2NAAAPjE3MDAwOTAwMDEwOTE5MDAxNjAwNjAwMDAwNDA0MDACMAIxAAIGB_6wB6y0B_qzBwAebmV3c3Rvb2xiYXIub3JnAAAAKHB1Yi1BRFgtMTE4OTAzMjM0NDg4ygQAMEFEWC1wdWItNjQ5NDk4Nzg3NTUwMzQ5NyhwdWItQURYLTExODkwMzIzNDQ4OAQeMTIweDYwMHwxNjB4NjAwDAABAAABAKwBvAWUBR4xNjB4NjAwfDEyMHg2MDAAAgEGc2NvAQZVU0QAAAAAAADwPwEITm9uZQIAAAAAAADwvwZBUEkQM2Y3ZDU3YTkmMjAyNi0wMi0wNiAwMDowMDowMAIsV1A0TlpUQUxkWkhydy03NWlyTC12URQxODEyMjcxODAzDkRFRkFVTFQAFDE4MTIyNzE4MDMSOENVMVNHWjQzABI4Q1VSSTdUM1UCAQAAABBFWENIQU5HRQECFDE4MTIyNzE4MDMCMhRhcHBuZXh1cy1hnpwBDFdlYXZlcgAwV1A0TlpUQUxkWkhydy03NWlyTC12UV8xAAAAAAAAAAAABlgxMQ4wMTExMDEwAmQAFGU4YWYyYjMzZmQOQklEX0FQSRQxODEyMjcxODAzBFVTBFVTAgEYd2x4VE5yTExvZHlmBjI3OAACAAIAAAAAAAAAAAAABGVuAAAAAAECAQhiYWR2MGctdXNlMWQtZW52b3ktYXBwbmV4dXMtMwABAAQtMgpbNDYwXTMzMzMzM8M_K_uuCP63sj8AACb__wcOaXAtYmw6MDBBc3NldFVybFRpbWVvdXRUZXN0OnRlc3QWZ21wOkRFRkFVTFQKRFJMOjEQVWlkSWR4OjEQcnRkYXRhOjEedmlkZW9UaDpERUZBVUxUJm1uZXRTZWdtZW50SWRzOnRlc3QycHB2c2lkX3VpZF9jb250cm9sOnBwdnNpZApPVlM6MRhjbGlja2hvdXNlOjEUdGhydGxvcHQ6MRBzZXJfY2g6MQxhZXJvOjEQdHVyX2NoOjEccmVkaXNfd3JpdGVzOjAgZ3JhbnVsYXJGaWx0ZXI6MRJzZXJfdHVyOjEUc2h1dF9ic3M6MUAxYzVmNzE3NTdlNjUwN2VlYzBjOGEwODA1OWE0NDE4ZAIwHm5ld3N0b29sYmFyLm9yZxZncnBjLXN0cmVhbQAAAQAELTECOR5CU1NfVU5SRUFDSEFCTEUAAjACMAQCAWAGQURYBHsUrkfheoQ_AAACAAICAgACBE5BBE5BAAAAAAAAAAAAAAAAAAAAALAJAAACBC0xvDEEGHVua25vd25fc2FmZQAAAQoyODI2OQEAAjACAQZVU0QAQGVmYjUyOWE1MThjMzRhMGJmNDExMzQ4NzNjNGY1Yzk3FGdvb2dsZS5jb22UBQoAAAAEAw5kZWZsYXRlCGd6aXAOZWFzdF9zYwAAAAIwAgAAAjAocHViLTY0OTQ5ODc4NzU1MDM0OTcAAAAGNTE3AgEWbW93eC1saXRlLWEAAQEEZW4GMy4zAgASMTQ0LjAuMC4wBAgEAAQAAAAAAAAAADMzMzMzM8M_MzMzMzMzwz8zMzMzMzPDPwAAAAAAAAAAMzMzMzMzwz8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmRlZmF1bHQCNAABAA4xNjB4NjAwQDlkODllMDliYmQzMDA3MzNjZjJhODM1YzdlZDU1YTZlAjACMAw_DFRNQVg6MRBDT09LSUU6MQpFSUQ6MRJQUk9GSUxFOjEOREVBTFM6MQxJTVBTOjEEZW4AAjACMAAAAPaIPQAAAAJ5AAAAAAhOb25lAMoEMzMzMzMzwz8CAAACAAMCAQYxMjMAAQEBAQROQwIIMV8xMhQxODEyMjcxODAz&bdata=sd2%3Dnull~iurl_l%3D10~vi25%3D0~bh_cpm%3D0~ogerpm%3D0.15~ctxonlyvl2r_sd%3D192~posvl2r_b%3D9.13~dom_b%3D1.21~scd%3Dnc~rae%3D0%2C0%2C-1~dom_l%3D20~vl2r_sd%3D202602081600~iurl_b%3D1555.55~url_tkc%3D0~std%3Daswift_1812271803~mn_beh_boost%3D0.97~ctxvl2r_sd%3D186~ip%3D3wDygM~fbb%3D16~bh_im%3D29~riipua%3D4%2C4~rc%3D1~rps_sd%3D2026020814~radv%3D0.000%2C0~url_b%3D0.64~vl2r_url_b%3D0~url_l%3D10~slv%3D18.03~gcat%3D500315~bb%3D196~erpm%3D0.15~vl2r_url_kc%3D0E0~ssdvr%3D834.36~psi_c%3D17%2C15%2C0%2C0%2C0%2C0%2C0%2C0%2C2~psi_d%3D900~rke%3D0%2C0%2C-1~a3p_b%3D4.62%2C42.86~sd%3D0~r_wr_b%3D501.7%2C0~uid%3Dr7IP7Dx7CIX3fViPPi~cvl2r_b%3D2.95~btd%3D1321934844103851890326798250892867690086593567707609635196645742462539707876226613921395345199138154818961540385878784159182213584571661435889158786436709224448~uim%3D0~app_n%3Dnon_app~vr_url_b%3D573.91~ogd2p_b%3D0.97~bugd%3D4~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rcv%3D26.72~CI%3D3577~kb_uc%3D-2~nts%3D2~abm%3D1~ct%3Dcharlotte~agg_store_sd%3D~basis2%3D196~qbc%3D1~bdt%3D1770574337~basis1%3D196~dc%3D8~vl2r_b%3D4.66~bh_sd%3D2026020802~tt%3D899~dsdvr%3D574.04~est%3D0~vw_exc%3D0.89~vis_sd%3D12470~bh_co%3D0~l_bidder_id%3D460~dc2%3D1~v_asn%3D9009~bdr_intrpret_b%3D-1000~b_flr%3D0.01~bdr_intrpret_sd%3D~dsvr%3D574.04~last%3D~cvog%3D0~vis_url_b%3D0.57~vl2r_i_sd%3D202602081600~vis_url_l%3D10~kc25%3D0~et%3D18~ulm_sd%3D~vl2r_i_b%3D0.01~ip_bkr%3D1_12~ref_r%3DN~vis_b%3D769.85~vl2r_url_vi%3D1E-16~url_tvi%3D0~agg_store_b%3D1~darvr%3D574.04~vv%3D0~cvl2r_sd%3D12520~l2r_b%3D1000~ex_s%3D2~wr_b%3D4.66%2C0~radp%3D0.000%2C0~sid%3D536152430~ctxvl2r_b%3D-1000~vwu%3D0.89~d2p_l%3D40~cvl2%3D2.95~3pcf%3D1000~og_msh%3D0.15~dmm_strg%3Dpinnacle~d2p_b%3D0.97~rps_b%3D42.86~rkwp%3D0.000%2C0~ntype%3D1~expscore%3D-1~rkwd%3D0.000%2C0~posvl2r_sd%3D198~isRef%3D0~isif%3D0~ctxonlyvl2r_b%3D-1000~bid%3D0.15~cbdp%3D0.073%7Eitype_id%3D17%7Eitype_override%3DADX%7Eseller_tag_id%3Daswift_1812271803%7Esupply_tag_id%3D1812271803%7Edetected_tag_id%3Daswift_1812271803%7Ec_lang%3Den%7Eviewability%3D0.89%7Epos%3D6%7Eac_type%3D1%7Eadblk%3D1812271803%7Eamp%3D1%7EcarrierId%3D0%7Eogbid%3D0.150000%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Deast_sc%7Eis_ortb%3D1%7Edmm_erpm%3Dfalse%7Edmm%3Dpinnacle%7Ebdpcapd%3D0%7Edalg%3Dhybrid%7Esobp%3D%7Exid%3DADX-pub-6494987875503497%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A1%2C%22p%22%3A4%7D%7Edmm_d28%3D0-0%7Epredicted_wr%3D40.00%7Edcut%3D50%7Edogb%3D0-1%7Ederp%3D0.1500%7Edalg%3Dhybrid%7Eecp_used%3Dq90%7Eecp_ver%3Ddn_1_v34%7Eecp_p05%3D0.02%7Eecp_p10%3D0.02%7Eecp_p15%3D0.02%7Eecp_p20%3D0.03%7Eecp_p25%3D0.04%7Eecp_p30%3D0.05%7Eecp_p35%3D0.06%7Eecp_p40%3D0.07%7Eecp_p45%3D0.08%7Eecp_p50%3D0.09%7Eecp_p55%3D0.10%7Eecp_p60%3D0.11%7Eecp_p65%3D0.11%7Eecp_p70%3D0.12%7Eecp_p75%3D0.12%7Eecp_p80%3D0.13%7Eecp_p85%3D0.14%7Eecp_p90%3D0.14%7Eecp_p95%3D0.16%7Eecp_p99%3D0.16%7Edmm_sfm%3D17_460%7Evbr%3Dam_row_s8%7E~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~tmx%3D293~mxbkt%3D0~mxhms%3D48~mxhme%3D0~fpureq%3D1&utime=858&sf=1&cpr=0.5900824751820613&audit_scanning=aYjSAQAAwGgGuTy-ABcefAkpeTYXUW1I8lfqjg&audit_cur=&bmode=l
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Sun, 08 Feb 2026 18:12:18 GMT
access-control-allow-origin
*
content-length
35
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
image/gif
truncated
/ Frame CAC1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6c59e9a811d25b82a01a096c658b1458d4166dfa6b6438e84572226bf2a7331

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
style_banner_162552.css
static.admaster.cc/js/template/style/ Frame B953 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/template/style/style_banner_162552.css
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
497761940337bae1c5e2837df4418316b2c315eb69e395229b2adffd4cf07cdd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=D3ohqw==, md5=UaEsJN4VBoSpWCNZmMHlZg==
content-encoding
br
age
41
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1863
date
Sun, 08 Feb 2026 18:11:37 GMT
last-modified
Fri, 26 Dec 2025 02:16:15 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-guploader-uploadid
AJRbA5VP5t1XyRcFlN02C1_jbFMAnHOdGwSBRcViTDFyMRZdr9ZtCTraFaCVh2rfVhwlsf_2
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1766715375384777
content-length
477
content-language
en
server
UploadServer
8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
imagesnep.admaster.cc/ML/ Frame B953 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesnep.admaster.cc/ML/8b81cf765d3dc16556b3f8da6f2ad62e__scv1__622x368.webp
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce1abbf92a71cb024f8acdd4ca835255a19cc03bfc9f6ad6486e7942882a5278

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
x-goog-hash
crc32c=/Vf5UQ==, md5=aITUMEFCjEyz53cwBIevrg==
etag
"6884d43041428c4cb3e777300487afae"
age
310
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
9600
date
Sun, 08 Feb 2026 18:07:08 GMT
last-modified
Thu, 05 Feb 2026 14:14:15 GMT
content-type
image/webp
x-guploader-uploadid
AJRbA5W-QXR8j2NBt0NY-w9BPovFaS-6SxpG0g9xrvz15lYa3I50xTL8cFKd7IZ7xeFAo4Vg2dyjH2w
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1770300855871232
content-length
9600
server
UploadServer
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame B953 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/window_focus_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
25138
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 11:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 11:13:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame B953 		21 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
ea4a3bda6fa5f3822ed8d15783364ff22f8cf737a748456564630c92970518ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
13377617181553841340
age
83197
x-content-type-options
nosniff
expires
Sat, 21 Feb 2026 19:05:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Feb 2026 19:05:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B953 		229 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
04e0142e1ae8bb711021ae2f9ec24aa63e662815b97e9de3d23d98cc2bb92f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5076425831614719382
age
2217
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 17:35:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
72076
x-xss-protection
0
server
cafe
style_banner_6bba5b.css
static.admaster.cc/js/template/style/ Frame D5F1 		3 KB
741 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/template/style/style_banner_6bba5b.css
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5af41b68909ceac0cb162606a520585d92847d53483eb285cded5cd4fe49f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=nX0fmA==, md5=NThb60H1+cbDjgk5psZEdw==
content-encoding
br
age
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3027
date
Sun, 08 Feb 2026 18:12:15 GMT
last-modified
Fri, 26 Dec 2025 02:16:22 GMT
vary
Origin, Accept-Encoding
content-type
text/css
x-guploader-uploadid
AJRbA5VO1uem_64t9j1I2jJUcNRfcTk1u9VOQsvnVHbtkMkQXcjtCP0l4dg1kvBQVyBnCard
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1766715382366846
content-length
711
content-language
en
server
UploadServer
2992c636bda05fae9a3bd8ca8757d3a9__scv1__622x368.webp
imagesnep.admaster.cc/ML/ Frame D5F1 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesnep.admaster.cc/ML/2992c636bda05fae9a3bd8ca8757d3a9__scv1__622x368.webp
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
62f9d36de90ed44c84af33e5b998d6451f30829770fbe0dc572bd7358e645f3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
x-goog-hash
crc32c=X0isVg==, md5=khcdEs2ZJ7e+oJQ85gqvmQ==
etag
"92171d12cd9927b7bea0943ce60aaf99"
age
717
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
10970
date
Sun, 08 Feb 2026 18:00:21 GMT
last-modified
Sat, 07 Feb 2026 08:02:21 GMT
content-type
image/webp
x-guploader-uploadid
AJRbA5VrAI7AbxKsXTkUDZbp9KiW5d2SSFw1nMxQvQGwh4P5qcr-KKgI8W7k4xVTC2fMObX0FqIGLvM
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1770451341692435
content-length
10970
server
UploadServer
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame D5F1 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/window_focus_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
25138
x-content-type-options
nosniff
expires
Sun, 22 Feb 2026 11:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 11:13:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/ Frame D5F1 		21 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20260205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
ea4a3bda6fa5f3822ed8d15783364ff22f8cf737a748456564630c92970518ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
13377617181553841340
age
83197
x-content-type-options
nosniff
expires
Sat, 21 Feb 2026 19:05:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Feb 2026 19:05:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D5F1 		229 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
04e0142e1ae8bb711021ae2f9ec24aa63e662815b97e9de3d23d98cc2bb92f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
5076425831614719382
age
2217
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Feb 2026 17:35:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
72076
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cookieSync.html
static.admaster.cc/js/ Frame E4B7 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
br
content-language
en
content-length
3371
content-type
text/html
date
Sun, 08 Feb 2026 17:17:25 GMT
last-modified
Fri, 02 Aug 2024 07:32:17 GMT
server
UploadServer
vary
Origin, Accept-Encoding
via
1.1 google
x-goog-generation
1722583937076126
x-goog-hash
crc32c=gjgw1Q== md5=SO8vtU0BbZFyVEylosiXmw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
8007
x-guploader-uploadid
AJRbA5XrmdGfh4p4Ux3tz7BWgP_C2BSrC5w157lHScNvdZOoPlQNcTf49kSOtuhB1b1vWVV3
ic
tracenep.admaster.cc/ju/ Frame D3E2 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=376555faf9dee1c01aecad3eae96cc04&acid=75&data=8aaPcsEai0MlPz_q9HhBtDYkkw-Jn_FYHLjSvKBZ_X8R_JQo0Oo6yuBDKZL3lVrbsneiCzmcmlLaqXomNQS8MOp6CRmKPoHW9nNFjzLhfdctlSFTOz16iUV3mDbFtfFbMkJyzPSP1nSGsLsv8o-YTN1YUO8kT6aUeMZjWnUWlBtfOYEKSIgeU2mDXvZLpajnWWezVw3KSegYUO3WUm49I2Q8kNe7KTM61Gluu8jy1OLsxcOrhWRX6koolWnZeM-f8iG7L-0CcAzjCIsYd3F5RFg-D1hOUmbc0-7OuQ0IF7RMyI3LXzwYHmZ7IkdnDjWpovueXpKV27TUvY_fwzk6F6KEfy_YIiJGDVcCUt4cBWGnv1yDiDKDRGCCZiAvXCxHCtQmoEItBvnIR4jS13WSzY0Ro-XlozrrKvuWiPPSZr39G7JO7ejiPoSacipYSPpA3sYoA8rChi_KXUPNzn0s5pnOpTvpJNSA87MZDqEZ-MmAUrEyidvwwV1EBO3gz9dc4lFcqjx-frC5woNbuXe8tNeJn41CtNHIQGSuJW7VeLBFXokQfDyzig37XMT2qA38i36wCVIQSrPXD0sv-sPmAV79GrwEnngz2AUPUmZfQLJAE9hLNjGsc7PS1nHIunvKpq_NwhCDG6LePrRhacfVC13-9XlsxkQa9xFwppUxZnqSVjVbvUzphi5LmH6UoH5G1L8lupuxa1118ryZuRpcG9NyDxj6QiVu7KFgM-4o7oCcOpoluM9aT8-8PPUGxd7VC4JdheNAzjoNdMh_5YWVkdfnYtI2vJMzpGijz_WxKXPvZwzqtWl6z6Bsrbe2O47HRkH0PiMYwI4coSNJtaU8ci_qCzaCw4tlel4WFCkL_IvttfZXrLR1pa6H0d09Jm1uaUkr7K06gsdSl7bn_Z4iCSdmQIFxCWvotDV7JuB5QAUR4CJXJuNHhfELqk8V9KsIoRupvfNOoqPS9ERsZQJKWWvqT-hWSK17byk9KreXbjeHdXywGfasWO7Yy4XPAge9kFpSPj5WMoT6JGC2WCemhUSdf_QwA7bq7-Gj6gABA1Nvu2Os7sO6lMg9L5j9W7wQBvmpa1A74XlGm1qakbF4eRpF_88fS2rnEUP_QehYHFNEC72YQC0WPPB9sXPfLLGZsmraPdg9afgS9XsJ3QoGMc_nlf0cV8ReLiGruGJrsVJN-xidsmzrvgAH4pARHvXzp8Op2Nyhe_mJ8NoD7Ka0sx2WnaLydfa1A9deYeUMv89jbEgs4nFUPA1OqcCg8leQzOFZomhTFdMG8FuMHcZNZkrrk6a0J_s08A5LBWYg6X8JrTcR7tWlf7IPB3d_-WD0Hb1Sv-eOsaRBEGLTXIVwg0yMMJZPICSqxodd-fN8z9346ChhE8kGqswfmMSA7ScGmmu_7L0p5Awsl15pp-eDh0mySI2aSkvEfCgYIsXa1joeRlCNtJlg7_Au0ICghdKoC4sq4RbyD6OEmgQJaquY9K_2qwTGBLBai_mCWu97vBC0-DNvzURYENxpTcn32KXdaXnnqj5UtAT3_lkvKM-Xme59mPu2nqwVKgD6v86V-kwAHbHhy6QMReUaazzp0LRxUvE_FosDRpL8HHFtG7cTizt8mG3q9_mmxi6NFJvpobsbBJoN2cWfTTHcdBU7acVM&uid=000012d4241b3b7d&mguid=&ap=1.416557&tid=4&c_sync=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame D3E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D3E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame D3E2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69aaedaacf76ce25a17067506396f6e380ac82645cc80915a1250dbb52e668b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
cookieSync.html
static.admaster.cc/js/ Frame 1A46 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
br
content-language
en
content-length
3371
content-type
text/html
date
Sun, 08 Feb 2026 17:17:25 GMT
last-modified
Fri, 02 Aug 2024 07:32:17 GMT
server
UploadServer
vary
Origin, Accept-Encoding
via
1.1 google
x-goog-generation
1722583937076126
x-goog-hash
crc32c=gjgw1Q== md5=SO8vtU0BbZFyVEylosiXmw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
8007
x-guploader-uploadid
AJRbA5XrmdGfh4p4Ux3tz7BWgP_C2BSrC5w157lHScNvdZOoPlQNcTf49kSOtuhB1b1vWVV3
ic
tracenep.admaster.cc/ju/ Frame B953 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=00e6c3e81a58b983494a5913f43958b5&acid=75&data=A5DLWT1LmdFq4_tBkOIDh720sJj0xgLJAxtLkTguyZzoE3Z669HZ6LGVBV37JD31XqiGRWg7oc9OTjlAZjG7QiBNKlIicK0ZCN4AI7DdzdRlQ5DqHkYM_O-ogHXCW37TRKkXLqSdyEz3dXC1klby8TrXDY4_vW0N2QyX2vMXpI20CUOCIz_sxl_zfMHknTsAPP_pwGEHGJM4j3XzoB31FDJvlr0s5-5iJSZIeV1oL-1Utr6A4R704QNspyELC9emFndXrwIVJrgChmwnhTVlcWmVJO9IdoucIk9Icer4lkV0n1qh7P2-MM1rq9aGG0MwED3HjLabgJZ4xIjMINfQ8jxJQ9HL4m0Tud4uFX5HZmR6PWNEQd6_l4GB_UfefX6cK6PDskGXdcjdvG7xMoB6YqzBndLgh5pvNTTDf8LqFUBG8kRLHt6dtH0S5WaeCrhT9jWEZDQuUkZ4522XIvxPkB_RwUVVz6hCBD7qfcqQwVje9CKct4LT7wz4Wui08rfHYUAtGoD9RgC_zr8QSC782MDY0RvJwQ8m6i2XrOUZ09otPspTwhKPkqB_8yYzKiyK_-FjpBie9aYAEi4v-oquRKSLDIRmNnw5DuK8mW1XKpQDB8WSoc_GYwzg8jzTBkI64g821vmgag3-CQb6tmJOl_wn8SK57M500KUA_6sIdbEj6pKYxYZbYhH_W2HpNAxf1uGXgJXzbHSBb5XdrRs3bAscasqdIQOWbjKyI3skcar8OV36uaH71YAVxyRq_7DY9TyTEaVC69f3vBi-97NGOwSRbnByukxxSiZbX4LUz6VeQQOLhZ77wpeauIagL6TdIpIvFmQK2XTMP2hEkCsZ4CfxhZjyLdBR86VsU23MOVWii62lIonJEjdflkStjHoO3zLoGnETxor3yAvcwcI1khSpOh4ffjL0nQmPpuB8OLV9rUQKZ7YEnmgct68sXImJirUNS63I0cnM6-CjAz8Iu82wIPOlSp_A7q0nTf409jzP3HOzkpVDTqYbkH9y3RzzyZcYz1buzFi60B6bvBGR1HSM6iBNN8EBaCnMdoIcsG1YfreBiMlHA9oYo4f5azr5EZzctEQ077fHQk-B6G2rZOyRkeaIs8YCG-bor3-XVkxeIllwR5E1_8mrjze8lLYtFOYPqy_fEthc8m485Ro1YiapIM5XGK1d_QX_8XaZ3kt-jdEmYO5qzsujSGq1D2VtPjhfD1W9ezCkFVNYZVnx_UBYG_cGQ7k4VogqjES1Vy5VCeihwOjH3997hzPhsD9OzJp9dqLTqGJTWCYxFxzhQyGbM9sk8eoWxlQWMdCy3bfXNblvByCQc5h0YA1DYOMEV0iUJvrkBu7BVE33dRlWyEdPKOGeHW9nhag24rhA5FAd5WO_T0Y8V-00Xa0Zpb7AXuRE5vGrXy4w01WGyX0ORkQObDdw2TVV4l5W-LAg8CC_6SRYJOSVQw8ObAFSbNi9W-GnReJFzhmgLp09-z8r-7h9k_HbD_2ZsIssc-O-l2885V6SNkEVmiPh-as7RPWfMV7fkEfmjntKNWH9JgVChtBLlHiAuj6Em2QZru0dzKUfQnT94BfDcKS86pDSWIEidCvBffw2pogEhC_svfcZ7jh7IJLlP5sBAFuQJw6o1yTcP6d4sMcCUDxjl1ET9yL-&uid=000012d4241b3b7d&mguid=&ap=0.077945&tid=71&c_sync=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame B953 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame B953 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
eplist
gtracenep.admaster.cc/ju/cs/ Frame 8E42 		44 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/cs/eplist?tn=2ce2e6e33746b4224011d22068a89c02&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fstatic.admaster.cc&mcb=mmgg_1770574338527_430
Requested by
Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
32a20bdf0dc30e762be2f0b74e1a53e4947556424499bcfaeffc7a46bec83891

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.admaster.cc/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fstatic.admaster.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
eplist
gtracenep.admaster.cc/ju/cs/ Frame 28BC 		44 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/cs/eplist?tn=2ce2e6e33746b4224011d22068a89c02&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fstatic.admaster.cc&mcb=mmgg_1770574338531_764
Requested by
Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
860290342d29044bba2265646324ace17d94f74a8877400a3f5c4d5661199579

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.admaster.cc/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fstatic.admaster.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
c
gtracenep.admaster.cc/ju/log/ Frame D5F1 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/log/c?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=9ce06f7ea47c52a97693518792e65701&mguid=&c_sync=1&app=MEDIA_INFO&ext={%22templateName%22:%22728x90_standard_abtest_03%22,%22inIframe%22:true,%22getParentDoc%22:true,%22screenHeight%22:1200,%22screenWidth%22:1600,%22self_s_w%22:728,%22self_s_h%22:90,%22self_c_w%22:728,%22self_c_h%22:90,%22title%22:%22Severe%20Tinnitus%20is%20Being%20Linked%20To%20a%20Common%20Food.%20Cut%20It%20Out%20Now%22,%22language%22:%22en%22}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
cookieSync.html
static.admaster.cc/js/ Frame E98A 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.226.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
84.226.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-encoding
br
content-language
en
content-length
3371
content-type
text/html
date
Sun, 08 Feb 2026 17:17:25 GMT
last-modified
Fri, 02 Aug 2024 07:32:17 GMT
server
UploadServer
vary
Origin, Accept-Encoding
via
1.1 google
x-goog-generation
1722583937076126
x-goog-hash
crc32c=gjgw1Q== md5=SO8vtU0BbZFyVEylosiXmw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
8007
x-guploader-uploadid
AJRbA5XrmdGfh4p4Ux3tz7BWgP_C2BSrC5w157lHScNvdZOoPlQNcTf49kSOtuhB1b1vWVV3
ic
tracenep.admaster.cc/ju/ Frame D5F1 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=9ce06f7ea47c52a97693518792e65701&acid=34781&data=0bNxs5tGbnzyXegFql66NDTVEu1heRItXBno7h4_yCx1jCD12MPHNbE5wWdz6ySP-V0eo1vW3PX4CQruDWSXvCNxMbhN-PXalKhWF_Q9FL0UImT-VBiK1dpSvO_uvuKZC98rZYElRdzJjpDno-1hvn8dr92qxXxtzmnB4VX_LBCXHwTRtvEJrXZFSQlxS99NMz-84FSUAzeVZYQlQot1N5NNCggxhhzy0MYzg1TduT3kYyJ4rJ6VLnZz6UNDaeEsoqhJqENNwADtwnu9mIS1TslxFd5efiXQlSsjIu1yYpDuMouQUoFgqpFiRQ2ZqwfvelSNhPmtd94vh7lOsczC_iOZAvYEgtIIEZJ7nP6AQqk-fHNAct4HmfKkHi55TLFTlp728sFYiAFXiPODKzMNwPdF-41KizZZpzyP8wybhvAPgDmYhNbeDoI1FGsCpZwrb6sa1ukJFUMmTOIR97Oz6RoFzKNQ7gFgMxQn2iG0K8H30-XhlYgNYWevZEw0Et4OXhy97DmvympCXRvP8wYo3o9ghDXR_niwEuglKz_AshgwnXlxzWOBOsDEwcp4AzACu0ID5Hyq0GgqhXf-D6nYC6eZrMJCbYvBEW0RansLCmsFCbeT3LRdeFwtsBq0c4sGTnANmdXjdAQKbCxtAN72nfI3eVnjJ4GDcQzguHnYu4FdiID45ZIaGb9PL1fn9Va-gg6cJl7Bb_1wTQgfTQzMEK6hOW-pXDKq_qCP0zdOA8MFe-PeQQCXZR5AdtOKSGLGRaSzdPjhYyQy45ycUp_f4v7dUeXIwfGKTef2FFStZtbXM5JJ4fuv4PamVpdVpcYdAgXjJu0APUNphX2xslOVVOrDG4cVP-oXhu0Axgme37wFj4jcaFqkvpzc8QKgr60O7GvW39nzMz529clz29eW-gxY4kpAHtPp19W1k2h8LS6RdVY5HBtTgH_Zx7HeHD3izRSiYAk0oyPGz2T5hb70Pwt9EMIFmtEJt7IIq6Q4KdOSNFirIq_1gBk-iTGseznvu3ikVucfHwU4PcMHDrk4Ac4LSVAoj3Yr-3qxec_HrL0lgVAE0skPP85p6Igsf3HhqjLMjzT1ghO6TXfuJLz138mMc8wmBLY9el-A7nbM1hbzIcpv7Z2qyAATdJk8y7gZfEdpab_Bgxt2XIZym_8CLe5daqs7JKK78pTpXFPvCcAQDS_6vSUBKwmS7wh6z8YOq-cFnS0pnWJlFqCfRQ0N0sJV3wrnTbmGnvGWw65mKBmkLzhnSy7oQDju291WJRX5JjNXffYzEvhQbVgJHwvbm7mkmJ2eOB12H-gUxQgf6rbJQS4bsAMOAEp-ivm1dAZM6XAsTE8jviJPhd6cixboEB6M0RvnHmVT6ctGBYv8282gNp9NznxDmAWElqP_o-1CHVkLiVOXsxgc10B5UFx8dv6btp4IqTRqVfDpUcx2zfpvh5k7GoqT18o06eUTnnkImicxza49CBMMq8kVULBLAf_QdFmJTxQcmdjrBa00PKuVnglQgJUU392DjQuOOro8Vt4RcV6wgZZVhAgJwjm2FGj08lGY9MiN3PAqhlXp9WLtNU0s8S_E1Sfgm3wNHzgKNobdGR3WhdK46YuGK7RjgdPu3Ize1pBM-IVCcJTw2tFYLiJ4u0Fd53eLfs6NV3VE&uid=000012d4241b3b7d&mguid=&ap=0.093339&tid=106&c_sync=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame B953 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7880acdf45e13cb2be9b670db70c11c019ebb369be2032ec65d8e67d630ad00e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame D5F1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d8ad01dab921e43e165fc02a3f0c8c2f93b3775f78bcef3152db8817c7f3f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame D3E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
c
gtracenep.admaster.cc/ju/log/ Frame B953 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/log/c?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=00e6c3e81a58b983494a5913f43958b5&mguid=&c_sync=1&app=renderElapsedTime&ext={%22imgLoadTime%22:359,%22imgW%22:622,%22imgH%22:368,%22type%22:%22webp%22}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame B953 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
eplist
gtracenep.admaster.cc/ju/cs/ Frame E4B7 		44 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/cs/eplist?tn=2ce2e6e33746b4224011d22068a89c02&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fstatic.admaster.cc&mcb=mmgg_1770574338666_352
Requested by
Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
eb2358ba4f992d35e944e9eca63157152839bfee8e6b5817a6a6eb6e261ebd36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.admaster.cc/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fstatic.admaster.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
eplist
gtracenep.admaster.cc/ju/cs/ Frame 1A46 		44 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/cs/eplist?tn=2ce2e6e33746b4224011d22068a89c02&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fstatic.admaster.cc&mcb=mmgg_1770574338671_840
Requested by
Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
f825058a7d145cf7f9072309ff5fa4f1f555bfae4094eae5026c4ed3949455ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.admaster.cc/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fstatic.admaster.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
cksync
cs.media.net/ Frame 4F28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=NDEzNTc1OTM4Njc3ODU1MjAwMFYxMA%3D%3D&google_sc=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEFgcfV9XutO6HVbZmMZKK-4&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEFgcfV9XutO6HVbZmMZKK-4&google_cver=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C202%2C20000%2C313%2C655%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&dn=newstoolbar.org
Protocol
H2
Server
35.227.244.76 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
76.244.227.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://hbx.media.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
43
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cs.media.net/cksync?type=g&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEFgcfV9XutO6HVbZmMZKK-4&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
330
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
cksync
cs.media.net/ Frame 4F28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=medianet1&google_cm=1&google_hm=NDEzNTc1OTM4Njc3ODU1MjAwMFYxMA%3D%3D&google_sc=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?type=ga&cs=1&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEJtC4zrN-cNQoYmV5snhjIY&google_cver=1
43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=ga&cs=1&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEJtC4zrN-cNQoYmV5snhjIY&google_cver=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C202%2C20000%2C313%2C655%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&dn=newstoolbar.org
Protocol
H2
Server
35.227.244.76 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
76.244.227.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://hbx.media.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
43
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cs.media.net/cksync?type=ga&cs=1&cs=6&gdpr=0&gdpr_consent=&google_gid=CAESEJtC4zrN-cNQoYmV5snhjIY&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
340
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
eplist
gtracenep.admaster.cc/ju/cs/ Frame E98A 		44 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/cs/eplist?tn=2ce2e6e33746b4224011d22068a89c02&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fstatic.admaster.cc&mcb=mmgg_1770574338687_100
Requested by
Host: static.admaster.cc
URL: https://static.admaster.cc/js/cookieSync.html?tn=2ce2e6e33746b4224011d22068a89c02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
1ff7400a8bdf1b5f830fd10864973e41eaefe7826e592ee24ed1acb45093f2eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.admaster.cc/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fstatic.admaster.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
clarity.js
scripts.clarity.ms/0.8.53/ Frame 436B 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://scripts.clarity.ms/0.8.53/clarity.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer
https://contextual.media.net/

Response headers

x-azure-ref
20260208T181218Z-1788cd67658x87smhC1ATL6k640000000eq0000000009xrq
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DE660B1CBADBA5"
x-fd-int-roxy-purgeid
0
x-ms-request-id
a9f3e236-a01e-003d-2548-9858c0000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Sat, 07 Feb 2026 05:38:24 GMT
telemetryJS.js
msadsscale.microsoft.com/bingads/ Frame 436B 		0
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://msadsscale.microsoft.com/bingads/telemetryJS.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Sec-Purpose
prefetch
Referer
https://contextual.media.net/

Response headers

x-azure-ref
20260208T181218Z-1788cd67658sjqx2hC1ATLns4s0000000dq0000000004cc8
access-control-expose-headers
content-length
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD613CD8BAF720"
x-fd-int-roxy-purgeid
0
x-ms-request-id
76acabd7-201e-0020-5feb-97b98b000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Wed, 12 Mar 2025 08:06:51 GMT
truncated
/ Frame 436B 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 436B 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 436B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
bql.php
akl-navvy.media.net/ Frame 436B 		15 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://akl-navvy.media.net/bql.php?vgd_len=14169&&vgd_l2type=weaver&fp=bOykoNr_4TvGQFII4IwMIYrl9K2h-FtiUn_uAFqr15l02JManPJYDsFEpCFGmrXaXRXVNqN_xQ1g_c3dvw-vwREawNKEFYWIkpoK0lp-CpSaJbaNPM9zRIVLRkOw5uqGFeltgoZttsr0ZTfaEQ1jAA%3D%3D&cme=wrZ2qQ75piBnmdZgE0lHpPIzAMQqzLVg4AId84IIwifFTn3wrgC1GU2jDZ-Vuzb02VnftpiUV2yyXHFnaqImBzl6AsB_FWoMJsJvFTSHOP5azBWScGz2lF7MFvA5F5jaEFnmeO-4efdt7HAzI5VjB3JbjaWfEN6JRlEK0dGjArG-3Bq88eBO3AqM2eFsAoc665bO9dGP8e60vQCLLg0GBjo5fWaLGKKoz84y8AEwiRB8BRqXeA-9_hHv-0vI3ZGFal-27y1KLHX2dKIebh0HqAn1kW6kLYb2HZ1y89OzBN0csWsVincsxDrUhjusT0xArPKgfYhqww01RDgg0Lnx2EjO8D1AhG9idAWJrZeBeR_DHQGLFAJRRg%3D%3D%7C%7Cd9vPLM1tRn-WLhCjY8-_mw%3D%3D%7Ct70VQkp5hFEq_Mpo4GcvlZl40KzsRjnW%7Ca0AmFUYXmD5KNBClN9IRWfPUyXi1ClRHgMZ_hwLIRrUhKdqftQUNss2AigYEaj4kydA3QLzgjmk%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CmOSIDZX3QvZCIArdI4MaOcMQRf3QPveNCbqLRn5yeq-KIve_vE8LWc0SR513LogWCUrAQpISMIkHkweVp2zPf9gl0VrplfyzaykNltPm69-OtJ_mHTpuhDiKKEsJ-hWGio5j6aNX3zmOVxBa5pIDoeLUZ4S6SXNoa5AKECphz5UL-JoEOcgW_8P-sNb6OTesZnnfkq0l5g0m4kL26IJ0jUZJOx1piZtAY611_7rBXGo1H_02AXbN3ffTi3TT8QAxFmw1w-jMPqLTJStKgzUNTFe_4HJgKSJsxspyyts_3A4RBOdFc6WTXzGxV_8Tw48073UIENG7mL_vIn8tHIGgWINhQ8kIlhZ8CSvRjeptuVj65GVcWAQ9gxTp98Kz12dt-ARImFHOQy9m1YYH9IVgT3XoegY9gMtmC3OURyHssZC2zV-ALuqnE0ZWzh0-netf9JYNcsPiJmB6opG7wn-p8CvNSl1C5qElJCO8cWDFjzNhpanL6eT8dWMEWagNCe9GHbs6HY6aYw-IGqzEtYbahUJS7Wh-kuL_re4cQpNJSXwtpQgd941QfCq6UvSqBLSoU8A20lazn6LcHk0RRlZQjkw42V5imWVHoLVpaodlsiJ0X2ctjxAFFkeVoXbkoAhpA_vBtXlc5C7DOFyTRtBYTBxw8N7-svs-Su0jmoKHhKLwMVgzIYVJ3_T2jwLMxq6IaxlG_C10VmVnrd2555SK0M1apPfqt082jYQAmzuuJ_Q1iAC1eYKbxsg1d7qVX9Fv_Ko-N5AW3TTCETfkryzIa7tc2Yw6Mti8gObAG5dm-rfE3ZnIaW5XvsATSv3Ls5HM8U5BJJJVqfprT_flRZ7dfFkyg8_JzhYFoYtb9nUuqH2J-9khm3UZ4-BKXewUrKzMtBr7GGu0jJMr99SpY-r2OG9WPSjb85XJcMNUFT2UE1mQHrewtz_Mx5gv6ML_2cLgSN7Ax4EoCw2aJcqG0iAbh5OEL33CP1e8%7Cu8A6SM53vAeV5r4ww6ldE8TMDOtCsF6e%7Cqk5jDP-Bqht8AUEIoCxyGGxeRRMQBwSB%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuOUBO&kwd[]=Treatments+for+Large+B+Cell+Lymphoma&kwt[]=391&kbc[]=1301055749&kwp[]=1&kid[]=1086035812&kbc2[]=pmb%3D1%7Cakp%3D20%7Cfs%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D18720%7Cclid_serp%3D7271%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C23%3D0.0971%7Cfl_mul_800000000%3D1.0000%7Cfl_mul_12%3D1.0000%7Cfl_mul_53%3D1.0000%7Cfl_mul_96%3D1.0000%7Cfl_mul_61%3D1.0000%7C7%3D0.0001%7C8%3D020811%7C13%3D0.0973%7C14%3D020815%7Ckus%3D5.0000%7Ckucs%3D0.3046%7Ckcucs%3D0.5422%7Ckcucs2%3D0.5422%7Ckssks%3D5.0000%7Crcid%3D14882%7Cclpr%3D0.851100%7Ccllvl%3D5%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.386%7Cps_id%3D0%7Cadv_agg_rps_800000000%3DNaN%7Cadv_agg_clicks_800000000%3D0.000%7Cadv_agg_rps_800000000_av%3D1%7Cadv_agg_rps_800000000_lvl%3D0.000%7Cadv_agg_rps_v2_12%3D1.868007%7Cadv_agg_clicks_v2_12%3D104.000%7Cadv_agg_rps_v2_12_av%3D1%7Cadv_agg_rps_v2_12_lvl%3D7.000%7Cadv_agg_rps_v2_53%3D0.192053%7Cadv_agg_clicks_v2_53%3D101.000%7Cadv_agg_rps_v2_53_av%3D1%7Cadv_agg_rps_v2_53_lvl%3D6.990%7Cpv_order%3D12%2C96%2C53%2C800000000%2C61%7Cpv_f%3D12%7Cpv_nm_f%3D96%7Cctf%3D0&ktd[]=20364249062464589554613879898368&klg[]=en&kwd[]=8+Best+Car+Insurance+for+Seniors&kwt[]=391&kbc[]=1301055749&kwp[]=2&kid[]=832331767&kbc2[]=pmb%3D1%7Cakp%3D26%7Cfs%3D0%7Cclid_fz%3D22106%7Cclid_serp%3D5595%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C23%3D0.0665%7Cfl_mul_61%3D1.0000%7Cfl_mul_96%3D1.0000%7Cfl_mul_800000000%3D1.0000%7Cfl_mul_12%3D1.0000%7Cfl_mul_53%3D1.0000%7C7%3D0.0001%7C8%3D020811%7C13%3D0.0451%7C14%3D020815%7Clbt%3D3%7Ckus%3D5.0000%7Ckucs%3D0.2777%7Ckcucs%3D0.6319%7Ckcucs2%3D0.6319%7Ckssks%3D5.0000%7Crcid%3D178940%7Cclpr%3D0.734000%7Ccllvl%3D2%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.386%7Cps_id%3D0%7Cadv_agg_rps_12%3D0.241717%7Cadv_agg_clicks_12%3D3.000%7Cadv_agg_rps_12_av%3D1%7Cadv_agg_rps_12_lvl%3D9.000%7Cadv_agg_rps_53%3D0.123162%7Cadv_agg_clicks_53%3D1.000%7Cadv_agg_rps_53_av%3D1%7Cadv_agg_rps_53_lvl%3D8.000%7Cadv_agg_rps_v2_12%3D0.424703%7Cadv_agg_clicks_v2_12%3D103.000%7Cadv_agg_rps_v2_12_av%3D1%7Cadv_agg_rps_v2_12_lvl%3D8.825%7Cadv_agg_rps_v2_53%3D0.240910%7Cadv_agg_clicks_v2_53%3D101.000%7Cadv_agg_rps_v2_53_av%3D1%7Cadv_agg_rps_v2_53_lvl%3D7.446%7Cpv_order%3D12%2C53%2C96%2C800000000%2C61%7Cpv_f%3D12%7Cpv_nm_f%3D53%7Cctf%3D0&ktd[]=20403727744029920381343457411072&klg[]=en&kwd[]=How+to+Clean+Glass+Shower+Door&kwt[]=391&kbc[]=1301055749&kwp[]=3&kid[]=98327572&kbc2[]=pmb%3D1%7Cakp%3D3%7Cfs%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D17565%7Cclid_serp%3D17565%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C23%3D0.1062%7Cfl_mul_53%3D1.0000%7Cfl_mul_12%3D1.0000%7Cfl_mul_800000000%3D1.0000%7Cfl_mul_96%3D1.0000%7Cfl_mul_61%3D1.0000%7C7%3D0.0002%7C8%3D020811%7C13%3D0.0032%7C14%3D020815%7Ckus%3D5.0000%7Ckucs%3D0.2595%7Ckcucs%3D0.6514%7Ckcucs2%3D0.6514%7Ckssks%3D5.0000%7Crcid%3D72296%7Cclpr%3D1.000000%7Ccllvl%3D1%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.386%7Cps_id%3D0%7Cadv_agg_rps_800000000%3DNaN%7Cadv_agg_clicks_800000000%3D0.000%7Cadv_agg_rps_800000000_av%3D1%7Cadv_agg_rps_800000000_lvl%3D0.000%7Cadv_agg_rps_v2_12%3D0.916928%7Cadv_agg_clicks_v2_12%3D1.000%7Cadv_agg_rps_v2_12_av%3D1%7Cadv_agg_rps_v2_12_lvl%3D7.000%7Cadv_agg_rps_v2_53%3D0.156436%7Cadv_agg_clicks_v2_53%3D29.000%7Cadv_agg_rps_v2_53_av%3D1%7Cadv_agg_rps_v2_53_lvl%3D7.241%7Cpv_order%3D12%2C53%2C96%2C800000000%2C61%7Cpv_f%3D12%7Cpv_nm_f%3D53%7Cctf%3D0&ktd[]=81839458812914626929562288384&klg[]=en&kwd[]=4-Ingredient+Chicken+Recipes&kwt[]=391&kbc[]=1301055749&kwp[]=4&kid[]=351337937&kbc2[]=pmb%3D1%7Cakp%3D13%7Cfs%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D6454%7Cclid_serp%3D6454%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C23%3D0.1956%7Cfl_mul_12%3D1.0000%7Cfl_mul_61%3D1.0000%7Cfl_mul_53%3D1.0000%7Cfl_mul_800000000%3D1.0000%7Cfl_mul_96%3D1.0000%7C7%3D0.0001%7C8%3D020811%7C13%3D0.0031%7C14%3D020815%7Ckus%3D5.0000%7Ckucs%3D0.3276%7Ckcucs%3D0.5861%7Ckcucs2%3D0.5861%7Ckssks%3D5.0000%7Crcid%3D54753%7Cclpr%3D1.000000%7Ccllvl%3D1%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.386%7Cps_id%3D0%7Cadv_agg_rps_53%3D0.068432%7Cadv_agg_clicks_53%3D1.000%7Cadv_agg_rps_53_av%3D1%7Cadv_agg_rps_53_lvl%3D7.000%7Cadv_agg_rps_v2_12%3D0.367220%7Cadv_agg_clicks_v2_12%3D11.000%7Cadv_agg_rps_v2_12_av%3D1%7Cadv_agg_rps_v2_12_lvl%3D7.000%7Cadv_agg_rps_v2_53%3D0.069619%7Cadv_agg_clicks_v2_53%3D101.000%7Cadv_agg_rps_v2_53_av%3D1%7Cadv_agg_rps_v2_53_lvl%3D6.990%7Cpv_order%3D12%2C96%2C53%2C800000000%2C61%7Cpv_f%3D12%7Cpv_nm_f%3D96%7Cctf%3D1&ktd[]=81704042592839602017864319232&klg[]=en&kwd[]=Free+Online+Car+Insurance+Quotes&kwt[]=391&kbc[]=1301055749&kwp[]=5&kid[]=11617962&kbc2[]=pmb%3D1%7Cakp%3D7%7Cfs%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D6031%7Cclid_serp%3D5602%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C23%3D0.3067%7Cfl_mul_61%3D1.0000%7Cfl_mul_12%3D1.0000%7Cfl_mul_800000000%3D1.0000%7Cfl_mul_96%3D1.0000%7Cfl_mul_53%3D1.0000%7C7%3D0.0001%7C8%3D020811%7C13%3D0.0035%7C14%3D020815%7Ckus%3D5.0000%7Ckucs%3D0.3531%7Ckcucs%3D0.6319%7Ckcucs2%3D0.6319%7Ckssks%3D5.0000%7Crcid%3D150109%7Cclpr%3D0.950700%7Ccllvl%3D2%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.386%7Cps_id%3D0%7Cadv_agg_rps_53%3D0.349464%7Cadv_agg_clicks_53%3D2.000%7Cadv_agg_rps_53_av%3D1%7Cadv_agg_rps_53_lvl%3D7.000%7Cadv_agg_rps_v2_12%3D0.435216%7Cadv_agg_clicks_v2_12%3D103.000%7Cadv_agg_rps_v2_12_av%3D1%7Cadv_agg_rps_v2_12_lvl%3D7.835%7Cadv_agg_rps_v2_53%3D0.240143%7Cadv_agg_clicks_v2_53%3D101.000%7Cadv_agg_rps_v2_53_av%3D1%7Cadv_agg_rps_v2_53_lvl%3D7.267%7Cpv_order%3D12%2C53%2C96%2C800000000%2C61%7Cpv_f%3D12%7Cpv_nm_f%3D53%7Cctf%3D0&ktd[]=20364113646244505522502927188224&klg[]=en&kwd[]=10+Best+Foods+to+Eat+for+Breakfast&kwt[]=391&kbc[]=1301055749&kwp[]=6&kid[]=352422366&kbc2[]=pmb%3D1%7Cakp%3D22%7Cfs%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D8113%7Cclid_serp%3D8113%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C23%3D0.2043%7Cfl_mul_53%3D1.0000%7Cfl_mul_96%3D1.0000%7Cfl_mul_12%3D1.0000%7Cfl_mul_800000000%3D1.0000%7Cfl_mul_61%3D1.0000%7C7%3D0.0002%7C8%3D020811%7C13%3D0.0026%7C14%3D020815%7Ckus%3D5.0000%7Ckucs%3D0.2918%7Ckcucs%3D0.6160%7Ckcucs2%3D0.6160%7Ckssks%3D5.0000%7Crcid%3D66772%7Cclpr%3D1.000000%7Ccllvl%3D1%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.386%7Cps_id%3D0%7Cadv_agg_rps_800000000%3DNaN%7Cadv_agg_clicks_800000000%3D0.000%7Cadv_agg_rps_800000000_av%3D1%7Cadv_agg_rps_800000000_lvl%3D0.000%7Cadv_agg_rps_v2_12%3D0.266040%7Cadv_agg_clicks_v2_12%3D35.000%7Cadv_agg_rps_v2_12_av%3D1%7Cadv_agg_rps_v2_12_lvl%3D7.000%7Cadv_agg_rps_v2_53%3D0.135254%7Cadv_agg_clicks_v2_53%3D87.000%7Cadv_agg_rps_v2_53_av%3D1%7Cadv_agg_rps_v2_53_lvl%3D6.989%7Cpv_order%3D12%2C96%2C53%2C800000000%2C61%7Cpv_f%3D12%7Cpv_nm_f%3D96%7Cctf%3D0&ktd[]=20364113646244510026102554558720&klg[]=en&kwd[]=15+Best+Toilet+Cleaning+Hacks&kwt[]=391&kbc[]=1301055749&kwp[]=7&kid[]=350499042&kbc2[]=pmb%3D1%7Cakp%3D9%7Cfs%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7Cclid_fz%3D13731%7Cclid_serp%3D7950%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C23%3D0.2712%7Cfl_mul_12%3D1.0000%7Cfl_mul_800000000%3D1.0000%7Cfl_mul_53%3D1.0000%7Cfl_mul_61%3D1.0000%7Cfl_mul_96%3D1.0000%7C7%3D0.0002%7C8%3D020811%7C13%3D0.0026%7C14%3D020815%7Ckus%3D5.0000%7Ckucs%3D0.2734%7Ckcucs%3D0.6514%7Ckcucs2%3D0.6514%7Ckssks%3D5.0000%7Crcid%3D233569%7Cclpr%3D1.000000%7Ccllvl%3D3%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.386%7Cps_id%3D0%7Cadv_agg_rps_800000000%3DNaN%7Cadv_agg_clicks_800000000%3D0.000%7Cadv_agg_rps_800000000_av%3D1%7Cadv_agg_rps_800000000_lvl%3D0.000%7Cadv_agg_rps_v2_12%3D0.916928%7Cadv_agg_clicks_v2_12%3D1.000%7Cadv_agg_rps_v2_12_av%3D1%7Cadv_agg_rps_v2_12_lvl%3D7.000%7Cadv_agg_rps_v2_53%3D0.158627%7Cadv_agg_clicks_v2_53%3D29.000%7Cadv_agg_rps_v2_53_av%3D1%7Cadv_agg_rps_v2_53_lvl%3D6.966%7Cpv_order%3D12%2C53%2C96%2C800000000%2C61%7Cpv_f%3D12%7Cpv_nm_f%3D53%7Cctf%3D0&ktd[]=81704042592835098418236948736&klg[]=en&v=1&geo=35.31%7C-80.81&dlper=20&lper=100&ybn_cc_exp=0&lpid=&tsid=2&hint=&cc=US&wsip=170774818&bca=0&ugd=4&vgde_setid=Nff&vgde_chost=Nmz7J-7x1j.YJO81.zJ7&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Nw1Ljm77J%22%2C%22QQ8E%22%3A%22uif.uHH.f9.9%22%2C%22QQQN%22%3A%22I%3D%22%7D&cid=8CURI7T3U&vi=1770574337144847051&vsid=4135759386778586&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_act_status=1&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=2&vgd_tsce=L1134-S1134&vgd_l3_sc=NC&vgd_sslb=1111&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_bwr=5000&vgd_kacointoss=true&vgd_katbid=-102&vgd_pdtid=1&vgd_oscar=1&vgd_ctrlid=O_SERP&vgd_nrrv=18550&vgd_nrrmf=1008303000c82a&vgd_nrrsf=scrr&vgd_cty=charlotte&vgd_csovr=0&kwof%5B%5D=0&kwof%5B%5D=0&kwof%5B%5D=0&kwof%5B%5D=0&kwof%5B%5D=0&kwof%5B%5D=0&kwof%5B%5D=0&vgd_ifrmode=14&vgd_ecrid=1700090001091900160060000040400&kafm_ull_cache=00&sbdrId=196&tsrc=en_adtag&verid=3111299&mprpslog=undefined&kbbq=%26asn%3D9009&vgde_ydsp=%7B%22GxNUJ7VO4z7875%22%3A%22iiii%22%2C%22GxNUJ7I1YJ4z7875%22%3A%22pJ1eJL%22%2C%22QEx%22%3A%22XuWX~%22%2C%22yE8O%22%3A%22%22%2C%225ON%22%3A%22Nff%22%7D&vgd_wlstp=0&vgd_vstrid=4135759386778586&vgde_bdata=QOfvzxjj~8xLjMjvu9~e8fXv9~GwMNEYv9~myJLEYv9.uX~N7-mzj5ejfLMQOvuif~EmQejfLMGvi.uA~OmYMGvu.fu~QNOvzN~L1Jv9%2C9%2Cou~OmYMjvf9~ejfLMQOvf9fF9f9WuF99~8xLjMGvuXXX.XX~xLjM7UNv9~Q7Ov1QB8k7MuWuffhuW9A~YzMGJwMGmmQ7v9.ih~N7-ejfLMQOvuWF~8EvABr5yc~kGGvuF~GwM8Yvfi~L88Ex1vH%2CH~LNvu~LEQMQOvf9fF9f9WuH~L1Oev9.999%2C9~xLjMGv9.FH~ejfLMxLjMGv9~xLjMjvu9~QjevuW.9A~yN17vX99AuX~GGvuiF~JLEYv9.uX~ejfLMxLjMUNv949~QQOeLvWAH.AF~EQ8MNvuh%2CuX%2C9%2C9%2C9%2C9%2C9%2C9%2Cf~EQ8MOvi99~LUJv9%2C9%2Cou~1AEMGvH.Ff%2CHf.WF~QOv9~LMBLMGvX9u.h%2C9~x8OvLhV0hr-h%3DVtAk%2F8008~NejfLMGvf.iX~G7OvuAfuiAHWHHu9AWXuWi9AfFhiWfX9WifWFhFi99WFXiAXFhh9hF9iFAXuiFFHXhHfHFfXAih9hWhFffFFuAifuAiXAHXuiiuAWuXHWuWiFuXH9AWXWhWhWHuXiuWffuAXWHXhuFFuHAXWWiuXWhWFHAFh9iffHHHW~x8Yv9~1EEMzvzmzM1EE~eLMxLjMGvXhA.iu~myOfEMGv9.ih~GxyOvH~QQvIK~NNvPb~x8Bvou~NJv9~LNevfF.hf~%3DVvAXhh~UGMxNvof~z7Qvf~1GYvu~N7vNw1Ljm77J~1yyMQ7mLJMQOv~G1Q8QfvuiF~%20GNvu~GO7vuhh9XhHAAh~G1Q8QuvuiF~ONvW~ejfLMGvH.FF~GwMQOvf9fF9f9W9f~77vWii~OQOeLvXhH.9H~JQ7v9~eBMJ-Nv9.Wi~e8QMQOvufHh9~GwMNmv9~jMG8OOJLM8OvHF9~ONfvu~eM1Qzvi99i~GOLM8z7LELJ7MGvou999~GMkjLv9.9u~GOLM8z7LELJ7MQOv~OQeLvXhH.9H~j1Q7v~Nemyv9~e8QMxLjMGv9.Xh~ejfLM8MQOvf9fF9f9WuF99~e8QMxLjMjvu9~UNfXv9~J7vuW~xjYMQOv~ejfLM8MGv9.9u~8EMGULvuMuf~LJkMLvI~e8QMGvhFi.WX~ejfLMxLjMe8vu4ouF~xLjM7e8v9~1yyMQ7mLJMGvu~O1LeLvXhH.9H~eev9~NejfLMQOvufXf9~jfLMGvu999~J-MQvf~BLMGvH.FF%2C9~L1OEv9.999%2C9~Q8OvXAFuXfHA9~N7-ejfLMGvou999~eBxv9.Wi~OfEMjvH9~Nejfvf.iX~AENkvu999~myMYQwv9.uX~OYYMQ7LyvE8zz1NjJ~OfEMGv9.ih~LEQMGvHf.WF~LUBEv9.999%2C9~z75EJvu~J-EQNmLJvou~LUBOv9.999%2C9~EmQejfLMQOvuiW~8QDJkv9~8Q8kv9~N7-mzj5ejfLMGvou999~G8Ov9.uX~NGOEv9.9hA~875EJM8Ovuh~875EJMmeJLL8OJvKrt~QJjjJLM71yM8Ov1QB8k7MuWuffhuW9A~QxEEj5M71yM8OvuWuffhuW9A~OJ7JN7JOM71yM8Ov1QB8k7MuWuffhuW9A~NMj1zyvJz~e8JB1G8j875v9.Wi~EmQvF~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~N1LL8JLVOv9~myG8Ov9.uX9999~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~8QMmL7Gvu~OYYMJLEYvk1jQJ~OYYvE8zz1NjJ~GOEN1EOv9~O1jyvw5GL8O~QmGEv~-8OvKrtoExGoFHiHiWhWhXX9AHih~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~OYYMOfWv9o9~ELJO8N7JOMBLvH9.99~ONx7vX9~OmyGv9ou~OJLEv9.uX99~O1jyvw5GL8O~JNEMxQJOv%20i9~JNEMeJLvOzMuMeAH~JNEME9Xv9.9f~JNEMEu9v9.9f~JNEMEuXv9.9f~JNEMEf9v9.9A~JNEMEfXv9.9H~JNEMEA9v9.9X~JNEMEAXv9.9F~JNEMEH9v9.9h~JNEMEHXv9.9W~JNEMEX9v9.9i~JNEMEXXv9.u9~JNEMEF9v9.uu~JNEMEFXv9.uu~JNEMEh9v9.uf~JNEMEhXv9.uf~JNEMEW9v9.uA~JNEMEWXv9.uH~JNEMEi9v9.uH~JNEMEiXv9.uF~JNEMEiiv9.uF~OYYMQkYvuhMHF9~eGLv1YMLmBMQW~~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~7Y-vfiA~Y-GU7v9~Y-wYQvHW~Y-wYJv9~kExLJ%20vu&vgd_scsver=2751&vgd_himglg=K0P0-O0K0-S0&vgd_cache_metadata=%7B%22kbb%22%3Afalse%7D&vgd_cfud=251107&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_akcip=192.144.20.9&vgd_oreqf=one&vgd_oresf=one&vgd_och=0&vgd_rensize=160_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_resdnv2=15&vgd_col_sch=l&vgd_ect=4g&vgd_be=0&vgd_ssmcr_lar=2&vgd_nmerr=1&tdAdd[]=uiparams%3D%3Brend_w%3A160%3Brend_h%3A600&vgd_sc=NC&hvsid=00001770574337333032306677762559&rc=0&rand=1770574338811&acid=3cf0440b93962adb40b39a9a636dc00a&matm=1770574338811&vgde_ltimesrc=u&vgde_ltime=FHi&vgde_rtime=FAF&vgde_etm=fA&vgde_timeObj=%7B%22juJ-JN%22%3Azxjj%2C%22jfjm1O%22%3AXiW%2C%22QNLLQ71L7%22%3Auf%2C%22QNLLLJzOJL%22%3AfF%2C%22QNLLJ-JN%22%3AAi%7D&vgd_lhl=6663&vgd_csip=rtb-appnexus-a-7ff8db4d5b-ml4wz.SC&vgd_sbSup=1&vgd_nrrs=18550&vgde_cdeplbl=1E8Mzm7M1e18j1GjJ&vgd_y_d2r=similarsearch.net&vgd_matchstr=bb%3D1_1%7Chr%3D0%7Cdlg%3Den%7Cclg%3Den%7Cbcat%3Djo%2C16e%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3889&%2AJ=M33V43%28ll3M%28%28h%283V4M&7JW=WK43URWKYvMK%28Y%284WWYKe~3YWl%28eKUQhKM~~&7r~v=7BQ&88ked%21%2AQd=%25%25%3Fmq_COCnG1C.g%3AYM%3A4%25%25&88rW=%7B%2288ee%22%3A%226Z%22%2C%2288eHz%22%3A%22eA~dr7HHQ%22%2C%2288JX%22%3A%22MRUPM%28%28PUVPV%22%2C%22888e%22%3A%22gn%22%7D&8HXJW=&8J-Q=M0VI0VV&8KWdCW=MR0&8e=gn&98XQBv=V&9pW=%28&AHHX8=M&BH%2A=V&BkQdd=M&EW=&Eadv=&E~HKJW=YMVU&E~HXdQ=M&E~e7JBH788=Hd9Q&H8eQ=SMMl%28&J8JW=4&KJW=l3%28R4l&KQ=V&KWdCW=%280V&K~Q=M33V43%28ll3sM33V43%28Rl3s0VV&QedJW=M3VVVRVVVMVRMRVVM0VV0VVVVV%28V%28VV&WQekkk=KK%3DM%21M%7CAd%3DV%7CWrp%3DQB%7Cerp%3DQB%7CKe~H%3Di7%2CM0Q%7Ce8A%3DM&XJW=hN.DUMl.M&a8AX=V&ar8HX=V&dQw9dr=AHHX8%3A%2F%2FBQa8H77rK~dP7dp%2FX~ze7kYQkXr7zQQYr7pJB&eABkU=&eABkl=&eHXJW=&eJW=hn6_C31l6&eQIXJW=&eW%2A=.U3l0&edJW=4l0M4U%28lV&ee=6Z&htmlsrc=1&k8X~=V&kkdd=AW%7Cu%7Cn39H%2AA&pWXd=V&pWXdeB8H=&rUHzXQ=aQ~%2AQd&tpid=TQD1S9E&zKB%21ee%21QIX=V&zW8Xd=M&zXrX=M&~W%2A=ZJkJr~d+ZQ~deA&~W7k~JB=AHHX8%3A%2F%2F8JkJr~d8Q~deAPBQH&~WHM=hn6MZFj%28l&~WHU=ll30RM4lh&~Xn9=&~eH=NuCGp~uu9%2FuwldpBQp9g~g%28Q%28wu~-lvpwwp&eobd=4YrCvRaaBNR%2FadaCezBHNr_CzBM9d%20hyCzBP5b%2FhyCz.e_B%20jFPvaSHar%2Fd4YCeqrBhP4Har%2FdMCq.enBYPydMCe.reB4%20YCv%20B%2FDbCz%2Cz%2CieBYPydaCrzBHar%2Fd4YCrzrUzrzseUzzBNR%2FadMCe___.__BR%2Fadjx%20CzB4jYCD4JNkjdeserrWesznByvdMb9dMPP4jCz.qWB%20jFHar%2Fd4YCesUBNhCnJQS5mBkMMCeUBM9dNyCrqB%2FNNhRDCX%2CXB%2F%20CeB%2Fh4d4YCrzrUzrzseXB%2FDYHCz.zzz%2CzBR%2FadMCz.UXBHar%2FdR%2FadMCzBR%2FadaCezB4aHCes.znB5%20DjC_zzne_BMMCeqUBb%2FhyCz.e_BHar%2FdR%2Fadx%20Cz8zB44YH%2FCsnX.nUBh4Nd%20CeW%2Ce_%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz%2CrBh4NdYCqzzB%2FxbCz%2Cz%2CieBDnhdMCX.Ur%2CXr.sUB4YCzB%2FdJ%2FdMC_ze.W%2CzBRNYC%2FWuKWQFWLu%7CnkfNKKNB%20Har%2FdMCr.q_BMjYCenreqnXsXXezns_esqznrUWqsr_zsqrsUWUqzzsU_qn_UWWzWUzqUn_eqUUX_WXrXUr_nqWzWsWUrrUUenqrenq_nX_eqqense_XsesqUe_Xzns_sWsWsXe_qesrren_sX_WeUUeXn_ssqe_sWsUXnUWzqrrXXXsBRNyCzBDhhdvCvPvdDhhBH%2FdR%2FadMC_Wn.qeBP5YrhdMCz.qWBMR5YCXB44CcgB%20%20CVlBRNJCieB%20bCzB%2F%20HCrU.WrBLuCn_WWBxMdR%20CirBvj4CrBDMyCeB%20jC%209D%2FaPjjbBD55d4jP%2Fbd4YCBMD4N4rCeqUB~M%20CeBMYjCeWWz_WXnnWBMD4N4eCeqUBY%20CsBHar%2FdMCX.UUBM9d4YCrzrUzrzszrBjjCsqqBY4YH%2FC_WX.zXBb4jCzBHJdbF%20Cz.sqBHN4d4YCerXWzBM9d%20PCzBadMNYYb%2FdNYCXUzBY%20rCeBHdD4vCqzzqBMY%2FdNvj%2Fh%2FbjdMCiezzzBMdka%2FCz.zeBMY%2FdNvj%2Fh%2Fbjd4YCBY4H%2FC_WX.zXBaD4jCB%20HP5CzBHN4dR%2FadMCz._WBHar%2FdNd4YCrzrUzrzseUzzBHN4dR%2FadaCezBx%20r_CzBbjCesBRayd4YCBHar%2FdNdMCz.zeBNhdMx%2FCederB%2Fbkd%2FCcBHN4dMCWUq.s_BHar%2FdR%2FadHNCe8ieUBR%2FadjHNCzBD55d4jP%2FbdMCeBYD%2FH%2FC_WX.zXBHHCzB%20Har%2Fd4YCer_rzBar%2FdMCezzzBbFd4CrBJ%2FdMCX.UU%2CzB%2FDYhCz.zzz%2CzB4NYC_nUe_rXnzB%20jFHar%2FdMCiezzzBHJRCz.sqBYrhdaCXzB%20HarCr.q_Bnh%20kCezzzBP5dy49Cz.e_BYyyd4j%2F5ChNvvD%20abBYrhdMCz.qWB%2Fh4dMCXr.sUB%2FxJhCz.zzz%2CzBvjShbCeBbFh4%20P%2FbCieB%2FxJYCz.zzz%2CzBhP4Har%2Fd4YCeqsBN47bkCzBN4NkCzB%20jFPvaSHar%2FdMCiezzzBMNYCz.e_B%20MYhCz.zWnBNjShbdNYCeWBNjShbdPHb%2F%2FNYbCgQ%7CB4baab%2FdjD5dNYCD4JNkjdeserrWesznB4RhhaSdjD5dNYCeserrWesznBYbjb%20jbYdjD5dNYCD4JNkjdeserrWesznB%20daDv5CbvBHNbJDMNaNjSCz.sqBhP4CUBD%20djShbCeBDYMaxCeserrWesznBDyhCeB%20D%2F%2FNb%2FuYCzBP5MNYCz.e_zzzzBMka%2FCz.zezB4RNYCBYj%20CbD4jd4%20BN4dP%2FjMCeBYyydb%2FhyCkDa4bBYyyChNvvD%20abBMYh%20DhYCzBYDa5C9SM%2FNYB4PMhCBFNYCgQ%7CihRMiUXqXqsWsW__znXqWB9jyaCeBDYdhP4C%7B%22j%22%3Ae%2C%22h%22%3AX%7DBYyydYrsCzizBh%2FbYN%20jbYdJ%2FCXz.zzBY%20RjC_zBYP5MCzieBYb%2FhCz.e_zzBYDa5C9SM%2FNYBb%20hdR4bYC~qzBb%20hdHb%2FCYvdedHnXBb%20hdhz_Cz.zrBb%20hdhezCz.zrBb%20hdhe_Cz.zrBb%20hdhrzCz.znBb%20hdhr_Cz.zXBb%20hdhnzCz.z_Bb%20hdhn_Cz.zUBb%20hdhXzCz.zWBb%20hdhX_Cz.zsBb%20hdh_zCz.zqBb%20hdh__Cz.ezBb%20hdhUzCz.eeBb%20hdhU_Cz.eeBb%20hdhWzCz.erBb%20hdhW_Cz.erBb%20hdhszCz.enBb%20hdhs_Cz.eXBb%20hdhqzCz.eXBb%20hdhq_Cz.eUBb%20hdhqqCz.eUBYyyd4kyCeWdXUzBHM%2FCDyd%2FPJd4sBBNM%20CeBv4ICrBj54CerzFUzz%3DeUzFUzzBjyFCrqnByFMxjCzByF9y4CXsByF9ybCzBkhR%2Fb~Ce&eoac=n%20kzXXzMqnqUrDYMXzMnqDqDUnUY%20zzD&eoch=hNvvD%20ab&ure=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://contextual.media.net/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma
no-cache
via
1.1 google
expires
Sat, 07 Feb 2026 18:12:18 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/javascript
adview
googleads.g.doubleclick.net/pagead/ Frame B953 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C06IZAdKIaemAA7755OUP_LzcuAqltoSEe8z8yrWgE8CNtwEQASDt9M1lYMnOo4qkpJgQyAEJqAMByAMCqgSIAk_QlY9mkQhpKTj6cq1eXoN9dqthzp9QrbmfoNXxCHEafCN_gPlGiKiYwgNpE6C8NQC77p8z0RU8fC6D5ikr7Nygfi7MF8otN_ca8boCRVCqhx5OZhYosZx5iJ5a3hmC_af4YtwIBJoPbzG6VByVPAcnl8NS4Lui-yYnLziRADeEmw1Pgkfr94sQ-DoyzsvV6eWV9Ha8SAwOC1Lqf2IPOzDJwpQ1oEvwkvJAEPIFcPNc2ynGF_t9vPqte-G4wpDz3Jdg-4sHEC8AbmWmPnEKasr7kqM5PzKDMtR05_ZhgyYAl0Ndky-vbEUxxuKIvdhbr0od8zKkOe5BFVMbo8I3neRnw1Jj8SJqzoAGpqjcldyVpe23AaAGIagHk9ixAqgHlNixAqgHldixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOlibzZ2zv8qSA4AKAfoLAggBgAwBqg0CVVPqDRMI4oais7_KkgMVvjy5Bh18HheniA4J0BUBgBcBshceChgSFHB1Yi02NDk0OTg3ODc1NTAzNDk3GAAYDFAB&sigh=_aqVnx_J-zA&uach_m=%5BUACH%5D&sreq=1&cid=CAQSswEA56J1efHWRIVort7Lxx7gkgT7t0GfjNAAATcuLabbH6cy0nG9KSxQIw55nIP-alMOxyJjpAlhoxDnaBgkfbnEqc4zQ0WKZwhmnqzVWq2_zmRN_mbWExxYKakl3JAIdUQOvi0tqXc8XBZOexXkIxHDAl4iCGv3Oc3YqBejnSrl5qlfNkhJ0qLSZULBfy6kYx__czq-KD1s1DrvUfILtlVqD-ZfiALjI3Zo6LeQuQG1qPNLlxgB&vis=1
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html

Response headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
win
tracenep.admaster.cc/ju/ Frame B953 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracenep.admaster.cc/ju/win?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=00e6c3e81a58b983494a5913f43958b5&acid=75&data=v3U2jv6Spvdxb20VOD8bhfowRgJq-nHOu5RSbpYQDQXVyQnS0sBaK9N3jqO3ESuUuHqT9QnI3MCpLdRHv9-bcZidpfJ5ixSsoAHy3C3fiLhOUnBcN0ggZR6y61q5cnP6LpzXggzShS-8-RERt4FtB1yFFHqH4gcO_PdYtHlXYfOzR_sIbkS6a7fAIlaUZ8KfIqbtptiAHO4nJWjqmj_23nmGbpJV2vq1HwUSjujZkyJ17Ts8mtZHjqg4Iw5IMq2MqLNro_ZRkZFyl6FbHwd2u4NhCWerCFu-YB8N9qSuRPiBGv0xtL8AIMH_xcx8N6RXiN2SUXeG0kqdm7nC-Df1YAQPUcOFsF76sZDKmfBwL-x_3IRlk5Fi7uq1kN_O0qnJJX_oRpWeyBbFjsZAkGw4NTVXNefaMTdkBuF4OMUiSIaCb_9uYEYCI5dB2k86xdUSAY9z9D7gwIf2gdxDbgZO-t-1FuS0VP2zG_4QEhH9btHfrCI0T8XAZCjSOLb0OijAar2R0KCc99su-dSHAUkTZOa5Haflh27fl-QUOQcCryUvdUNYsjijR3jXNXfwZIfJiWwAmxn_DUmN0Tm1ma5oJFEEZl0DqYsBefBIbm1HTkXROMComBgOENJLXl3Y1Ey6dfmemHGN8syIWwzNtjq6DBJuLB2NYH5lu6IKSlt_m1llHqAG_5g1AkU7-umIl041tfCqtvTJV6n9osK1KkJlyvhWRcdSchrEMTE-jDqo4yfMWJ446F0nRkyBOCbPcPkBMY5xkxh-l4fnluCQsQL1vBpSoLVkU7Ua0X7OoZpEOLw&uid=000012d4241b3b7d&mguid=&ap=aYjSAQAAwGkGuTy-ABcefKrzDOG9aoYJ2Iutuw&tid=71
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
c
gtracenep.admaster.cc/ju/log/ Frame 98F3 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/log/c?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=ad26be45334cb59f5268d3584b714eb2&mguid=&c_sync=1&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:1997,%22time%22:1770574338925,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=351594745&adf=1850635622&pi=t.ma~as.2578552419&w=820&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=820x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336736&bpp=3&bdt=530&idt=177&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=2&uci=a!2&fsb=1&dtd=190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
ic
tracenep.admaster.cc/ju/ Frame 98F3 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=ad26be45334cb59f5268d3584b714eb2&acid=75&data=gCbKOL4nQj1SOQ5yTnvSVn_Y0yOj0qD2w8NxoqlQsbCKoPAxElLmu_yPrFsUyeepYkiVLrA9S3tyzA4uoOGEyFs1OaAYxwjdusuC1Q5tsm6JzlzI8OXkRIlanBq3pFqAWhg74l6XzWfxDUh6A1grZFpJoE6SsLdLc9pZAdA7-gfFCoknDe3QtZ6ZJFMv2UEGaoXZ-TfuWlxYcSVtn3nTHxmgpfsUCu6zpkXtp_v-P-SJr5TQwZ31CcQckrMszaY2qZSFvtbjISmXDvXBY_apQMAOBgV6-UymW_GLVvhs3cmrxdY8MtP0_7WyK77NX9EOX3eRqkgZJ6-yMvJhVGyE75Cw5rBCEmyv5DTapIc2iSxw0MmWRmOZV2gtiwEuOsBgFfEieHdKDauPIVrqtra9pd1qbschQ8mNgg9jKSUUz-G4LSuk3aaP8pdr4LVXs4p_okbUiEGzEG-XbZf5hERL8rl4rTh1sFJAlaL_mOZ71XD9K-1_WwgMmlb-Kg-3BqAb-vnZo1YCqg4oCdUgnddDey7oCQCjOC5SPF4B745XMPMJc3A2-GKcPyapgFsQKzT_d2M8soAOe_rGZn9a-mreS-d--t3eY_7dFcB4zx6TeibufvMW57hAlBIdax9o30vRaTW76RPQ2BTKRT41GfzGudYfGwC4tHGghD3c32QqSMbsoDQlgfRoIGu3wSC4t3SS0nUsWSlqzKMwmyafSNtOAc3Pr-ra0UeNWA0ebpVRXlemOo58m9qvJ0qvreP66xjNq7yPLsZXrfQEBw2fzmbPzWM_Ng3X-rq6nwwHvs87hAPMXuh4mWcRLA7S6b2jdjSQzL7MQSLY9ZOwcQ2ji-yZdrva7-qq22Ot6MiBgGiOdCHlGLIimfSia-J6fF96Y0y-oxL8g-g85cXME3Mc41fNVqLtNJwwQu77lSDb_iXMdaCjvVsXu9n7H4rpGpteux_QKm5QcqJCw77dcF3Z2UylpOZzsd92_AdmZRU5a36f1K5IIaH2LehI_8c63TxVbDSkr09vc7YkH1k74LYAUqrGxfmUsNJzKpwMpR1mlzhc0e9PoK177bhnONgdLHh73_XCIMRQWQoM-75uulN7ky_i0btr0akP6Uo193yMvdUM9-dpsE3_UVpXFWiaBqJOr09bnRY7PhlWJS7G4W9capPe2eBqFjNG8Ku5nGMEGiBwCme7h6wXNAUj4ZKV4VHO_MfiFGfZEsgchiMR8Bmt87RI3gsFAKTq4IvaYkYmVICcfjrPVZcZqzfKRMlByHrQOT2VZKc6_KX99kjwKUoKBoBCqhemIsyStqu7mkwx_dq4iTNNdKh6f4vmAe_1nEzjZIQIIyvAS1v_gVM3VFvSX45nzrsjj5SUwtJDF00fia_ue-YATa3XbTtLdWRiGx944HRxk3XCJ6LVsP01Xe9N24vX411aNihhG8DgugXFOf-9UJKNAiIplKyyFkKMpvCppFL6ARjFLo93Rm1RcDvxx9HtygjRfIR8RxofmBGo0iIDpvwdLcNRYhvHD2--9I_SqMfICmQ7fNpx7O4bMokduU4gIJNvQKEGsqWutJd9SM80YFOzQI2vCqIdCQk8ZN_CyzIoaeOs6amVhexY1b1-H997OvK87LbKvx3j9jYzMV5QzIVu236QpBqZflMti8G38ZdMjpLcwenSK-hJ1bq5TdLoIQ&uid=000012d423cc4fff&mguid=&ap=0.20988&tid=102&c_sync=1
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
c
gtracenep.admaster.cc/ju/log/ Frame 1A73 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/log/c?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=5addb286102d6a45c1c0cbfee6a2a44e&mguid=&c_sync=1&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:1976,%22time%22:1770574338927,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6494987875503497&output=html&h=280&slotname=2578552419&adk=3804845819&adf=3463280321&pi=t.ma~as.2578552419&w=740&fwrn=4&fwrnh=100&lmt=1770574336&rafmt=1&format=740x280&url=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1770574336739&bpp=1&bdt=533&idt=205&shv=r20260204&mjsv=m202602040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C820x280&nras=1&correlator=4293887534887&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096622%2C42532523%2C95378425%2C95381033%2C95381248%2C95381489%2C95382066%2C95382732%2C31096614%2C95379059&oid=2&pvsid=1486781764275822&tmod=1670847469&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&plas=188x810_l%7C188x810_r&bz=1&pgls=CAEaBTYuMi44~CAA.~CAEQBBoHMS4xNzEuMA..&ifi=3&uci=a!3&fsb=1&dtd=211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
ic
tracenep.admaster.cc/ju/ Frame 1A73 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=5addb286102d6a45c1c0cbfee6a2a44e&acid=75&data=MP-X6ubhXDh0z3SnaLcM3lGQBjAstD26Mc-whSf-A_M1jQ3inqonS1REvBoDiSlfcQoshqEGnppBseoa2PKcC5ZaTuWml48y29eg0vsdusBeasKJ66vfYYe2LdFqbDLhxtHaPT6zGwonI1jRVt_aEX_Q4LiobUGraU8s7eYUKysJpt7sOptHYqkdJ6M4S1aliZePcsTvNLyKiU07tRhADgmVpvRshrlvRw1UbTFFVEbzcg31aq0AIMhQn-dimPXrIhF8dc8sCZqNetfrfEPVBrfAT0HiUOvISaLlT6DqOiJ_Upuri0gk1Ag2kPrYRCSrHdlfTzsj75RMnmwxzTCLWOYXYEKa0ew3KES5Jt_yvAlfIpPrWHQQMvbgNK3xpbZu1UY0kX2TLi2M9dv5ORNNBSS1mv8QauxE78oA8inKINQtLUJYeRs1EMXgWvmeS0bN9uXc-OJ2WbWGH2QNLyPTzLPvJM4y_dwqfX2JvVoJNkHOG4rms-19RcD4eupLh6IrW5W6ocR8g2e9dagABdY5xoBZICrBk2WatH0KBVtr-rB8xc5PpSgCRZx5Y6pLlEdGoYRb9jSuYWgCi_HX5Habq4u8REbJMHWnfKOk6ZXLvGxTMhOZLgyE-oOVae7dqNmTCyC3q5_zV6dgLGYboMvP12kAqUYS2L5XaZ7cEFhVuszpHT4R6ra8D9yTJuR1tVrlUj7dPGdUikCyNkpn6pqfZXXti5ciXnACwHEh3fROxQ3Uu_OyKnQmQY3dgB5p6U6N1hXbHC6kPsPrtBseJ0TS-HtU-DLQdvD2HGsjR-tZYp4H1yJksZZhqZnM0HGJDA8MG-xqa49-7zU9NkDSA8T-1wU-AIkpXAFj3-th97t9uLoFfmrYX3nLTXQhj_mfpcAT7_aBmNwtDLJRww662-nKFR05ZTSNEYSkm7wU3evZM25oNlERxLSkGxf6dC0xSJBkdIZjCfwDM_brjhXUsGXDk0DDqggOR8H44q6b8Wc3f1CkXXegYZO4AHdhoctkM9jyp5uz2rzJDySlmou_LOkxOGbAkB21ERotuzRZVrgqB-PFGTMLFrzXUc1bRFL8YAZGrvgjytgiiAQz1VfIU2oUOoNltghIMOZdaY3nPJtevawb38y2ctjy0A0norIDcsk7MkKaD4WCLnhHQwzO-m2M1f8TbO9JRxv6o5iwI7IbLk_K5jp5y8eKiFbVTZrFvKbGyd77WPDoijrlOer9rXOUGV2EaA-Ex1Xy75dznBcsOfGLNOUTq9XenOAD0CtFy5bt24PtevhiRhBD2PttmvthrqGELN43lzJwo9LAQzX3Sp6jlhTG2SRjWLkc12ZNz4i6yeKkdByvp6ne1fBmtzkUQwQGIIMEyBuqHxgE7VlrWF7ZcOnc2TaksgHOwGDP_OV_t29jjmq178n-lnz0A1tbGXCsrKnjPqKqSz4bBv1W0hsN2PzHTWooRb68lZB_ucBUzCYz6v673X7r3rL_FQ3We9u0mFtuxwqgicYVSX8Im-OY7TawQBisUrRgovy1oshWI58mpSHbyobu-XMjhgCgx41HIeKtM09YMocIVzEvs8w7HFDSVlPlwqVC8t-a1c5ELWV73pw_7GSm7QJMIz-RpLxmZ4kcKNZG7hKUM9lzhA445ojESPAtDV_0QAzgF_i9&uid=000012d423f49f4e&mguid=&ap=0.12077&tid=102&c_sync=1
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:18 GMT
content-type
text/html; charset=utf-8
sodar
ep1.adtrafficquality.google/getconfig/ 		18 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20260204&st=env&sjk=1486781764275822
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
a7cedd7a7b1410d49bc7b90a7cc222f67dc435bcebc65a563c59124f976195b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13677
date
Sun, 08 Feb 2026 18:12:19 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
adview
googleads.g.doubleclick.net/pagead/ Frame CAC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClmGXAdKIaeiAA7755OUP_LzcuAr_o-yvft2Oo_nKDMCNtwEQASDt9M1lYMnOo4qkpJgQyAEJqAMByAMCqgSFAk_QqZU0bfeJ1VNwpFmhFBNJ5wuXD2mGj6AL2qGiAuJlqpjGJfyTkao1sDN_Mkx45Xl1mDieMXCATh6P8G0Snl8-gjptEF1-5bnxXp0bJAcYl8DbjlUaLrFOPyOlbTzu-LNsk5iTZcerl0GIk7ow7f51jrC_ZBqM_5-bKZYJTFS80MXy6wIyOkzfjTINutIwu7LwG6fmMJlMYWXLUHvhUZdYfRtNN8BfnemYfG8QhmK9mza3OMSXKEYV0PQ9NlcHrHGHqOHD2pWZ5yiAXzWFmy3z6gSFIkadar2VLeVnW8HkI-zSClSj5ZBO595Wm8jMNacsuNzg-ZYKWEsfH3OlcXYX1xplq4AG2oWnoezwn5ZeoAYhqAeT2LECqAeU2LECqAeV2LECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WJvNnbO_ypIDgAoB-gsCCAGADAGqDQJVU-oNEwjhhqKzv8qSAxW-PLkGHXweF6eIDgnQFQGAFwGyFx4KGBIUcHViLTY0OTQ5ODc4NzU1MDM0OTcYABgMUAE&sigh=tBumqx5Cplk&uach_m=%5BUACH%5D&sreq=1&cid=CAQSswEA56J1efHWRIVort7Lxx7gkgT7t0GfjNAAATcuLabbH6cy0nG9KSxQIw55nIP-alMOxyJjpAlhoxDnaBgkfbnEqc4zQ0WKZwhmnqzVWq2_zmRN_mbWExxYKakl3JAIdUQOvi0tqXc8XBZOexXkIxHDAl4iCGv3Oc3YqBejnSrl5qlfNkhJ0qLSZULBfy6kYx__czq-KD1s1DrvUfILtlVqD-ZfiALjI3Zo6LeQuQG1qPNLlxgB&vis=1
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html

Response headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 08 Feb 2026 18:12:19 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
log
hblg.media.net/ Frame CAC1 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AdoEewKELwQCEAABAIAAAgAAAABAAAEABgAAQIABAAgAMNCYCXBG8QVQMjIwMTE1MDM5Mjc1NTZfMTQ5ODA1ODMxXzMzNzY5MTUzODQ2MDFfMEAzY2YwNDQwYjkzOTYyYWRiNDBiMzlhOWE2MzZkYzAwYQCkjobCApgHMzMzMzMzwz8zMzMzMzPDP1podHRwczovL25ld3N0b29sYmFyLm9yZy9wYXljb20tZW1wbG95ZWUtbG9naW4EVVOA0ICJGMoBTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTQ0LjAuMC4wIFNhZmFyaS81MzcuMzYebmV3c3Rvb2xiYXIub3JnEjhDVTFTR1o0MwgOMTYweDYwMBAwLjA3MzEyMCJzaW1pbGFyc2VhcmNoLm5ldA5lYXN0X3NjMDhDVVJJN1QzVS01MzYxNTI0MzAtNy0xMQZBRFgICG51cmwAAAAAAABAVkD41KLnh2cCMQAAAAAAAPC_RHJ0Yi1hcHBuZXh1cy1hLTdmZjhkYjRkNWItbWw0d3ouU0M-MTcwMDA5MDAwMTA5MTkwMDE2MDA2MDAwMDA0MDQwMAIQM2Y3ZDU3YTkCZAIUYXBwbmV4dXMtYT4xNzAwMDkwMDAxMDkxOTAwMTYwMDYwMDAwMDQwNDAwQDFjNWY3MTc1N2U2NTA3ZWVjMGM4YTA4MDU5YTQ0MThkAgoAAgEAAjEOQklEX0FQSR5uZXdzdG9vbGJhci5vcmcABjMuMxBwaW5uYWNsZRRnb29nbGUuY29tAgAAAw
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Sun, 08 Feb 2026 18:12:19 GMT
access-control-allow-origin
*
content-length
35
date
Sun, 08 Feb 2026 18:12:19 GMT
content-type
image/gif
log
qsearch-a.akamaihd.net/ Frame CAC1 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfke&evtid=dmmra_enc&__q=AcQGxf7Brz9HACAYAAD-Ga9HB_4fRsP-kvcMAMBQwAfQP4zesON_-P9z_vuGwfv_HwAA_P__7wBAM2NmMDQ0MGI5Mzk2MmFkYjQwYjM5YTlhNjM2ZGMwMGEMaHlicmlkDDAuMTUwMAwwLjAxMDACMARVUxI4Q1UxU0daNDMSMzM3NjkxNTM4EmNoYXJsb3R0ZQ5lYXN0X3NjEDAuMDczMTIxHm5ld3N0b29sYmFyLm9yZwIxEDAuMTUwMDAwCDAuMTUGNDYwEDEwMC4wMDAwDDAuMTUwMExuZXdzdG9vbGJhci5vcmcvcGF5Y29tLWVtcGxveWVlLWxvZ2luLwIxBE5DBjQ2MAh0cnVlAjEOMTYweDYwMBBwaW5uYWNsZbKfxAQCNA4xMS4wLjE3_6__9gcmMjAyNi0wMi0wOCAxODoxMjoxNwZhZHgsV1A0TlpUQUxkWkhydy03NWlyTC12UQAAAAAAAAAAADMzMzMzM8M_CnN0YWdlBjI2NQQyNcoBTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTQ0LjAuMC4wIFNhZmFyaS81MzcuMzYSMTQ0LjAuMC4wAAAAAAAAAAACKhAwLjE1MDAwMAAMMC4xNTAwAjQGMTk2AjAEMTgENTEIMC4wMAgwLjE1DDAuMDAwMAQxMAwwLjE1MDAGMC0xAjEMMC44OTAwImFzd2lmdF8xODEyMjcxODAzFjQ2MF9CSURfQVBJAjACMAIwAAAAAAAAREACMRQxODEyMjcxODAzFDE4MTIyNzE4MDM0ZG1tLXN0YWdlLTZmOTY2N2Q3ZGQtODI5NGwKZmFsc2UMMC4wMDAwCmZhbHNlBDUwJHNpbWlsYXJzZWFyY2gubmV0LwwwLjAwMDAMMC4wMDAwDDAuMDAwMAwwLjAwMDAMMC4wMDAwDDAuMDAwMAwwLjAwMDAMMC4wMDAwAjEqcGF5Y29tLWVtcGxveWVlLWxvZ2luRHJ0Yi1hcHBuZXh1cy1hLTdmZjhkYjRkNWItbWw0d3ouU0M6MjAyNi0wMi0wOCAxODoxMjoxNy4zNDI0MDU4NDUiYXN3aWZ0XzE4MTIyNzE4MDMiYXN3aWZ0XzE4MTIyNzE4MDMMMC4wMDAwDDAuMDAwMAwwLjAwMDAETkECMAIwBjAtMAplcXVhbAwwLjE1MDACMA5ERUZBVUxUFDE4MTIyNzE4MDMIdHJ1ZQZFTVM-MTcwMDA5MDAwMTA5MTkwMDE2MDA2MDAwMDA0MDQwMBAxLjAwMDAwMAJkBC0xCtejcD0Ktz-4HoXrUbi-P3sUrkfhepQ_DlN1Y2Nlc3MGcTkwAAAAAAAwjkAMMTdfNDYwAQRlbgEBAQAAAAAAAPC_AAAAAAAA8L8BBDE3OG1vd3gtbGl0ZS1hLTU2N2JjZGY2ODctbW1tOXcENTUQZG5fMV92MzQMMTEuMC44exSuR-F6pD8pXI_C9Si8P7gehetRuL4_pHA9CtejwD_sUbgehevBP-xRuB6F68E_exSuR-F6xD97FK5H4XrEPwAAAAAAAAAAAAAAAAAAAAB7FK5H4XqUP3sUrkfhepQ_exSuR-F6lD-4HoXrUbieP5qZmZmZmak_uB6F61G4rj_sUbgeheuxP3sUrkfherQ_mpmZmZmZuT8pXI_C9Si8PwIwBjUxNwAAAQoyODI2OR4xNjB4NjAwfDEyMHg2MDACMQAAAAAAAPA_AAAAAAAA8D8GZGVmEmFtX3Jvd19zOEAxYzVmNzE3NTdlNjUwN2VlYzBjOGEwODA1OWE0NDE4ZBRhcHBuZXh1cy1hEDNmN2Q1N2E5BkFEWApAZWZiNTI5YTUxOGMzNGEwYmY0MTEzNDg3M2M0ZjVjOTcAMDhDVVJJN1QzVS01MzYxNTI0MzAtNy0xMQACMQASaGVhZGVyQmlkBjAuMAIITm9uZQYzLjMAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC_AjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.176.229 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-55-176-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Sun, 08 Feb 2026 18:12:19 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Sun, 08 Feb 2026 18:12:19 GMT
Content-Type
image/gif
cropped-newstoolbar-32x32.png
newstoolbar.org/wp-content/uploads/2020/07/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://newstoolbar.org/wp-content/uploads/2020/07/cropped-newstoolbar-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.152.110.43 , United States, ASN22611 (INMOTION - InMotion Hosting, Inc., US),
Reverse DNS
secure.surveyline.org
Software
nginx/1.29.4 /
Resource Hash
1b251952f63d5d7d2d8fe8d1c73c7a2c6160752c80dc715f0b2df61990e545a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/paycom-employee-login/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"5f1ab812-532"
expires
Sun, 15 Feb 2026 18:12:19 GMT
x-proxy-cache
STATIC/TYPE
accept-ranges
bytes
content-length
1330
date
Sun, 08 Feb 2026 18:12:19 GMT
content-type
image/png
last-modified
Fri, 24 Jul 2020 10:29:38 GMT
server
nginx/1.29.4
vary
Accept-Encoding
sodar2.js
ep2.adtrafficquality.google/sodar/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202602040101/show_ads_impl_fy2021.js?bust=31096614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 08 Feb 2026 18:12:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:19 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 7BF6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 17:56:16 GMT
expires
Sun, 08 Feb 2026 18:46:16 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C7B3 		829 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.104 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f104.1e100.net
Software
ESF /
Resource Hash
2b263aa198e0a988dedf100f24e681645323e413479303c8afc1824815bb4da1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TMBsBhPlPzCLSffpTy6daA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstoolbar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TMBsBhPlPzCLSffpTy6daA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Feb 2026 18:12:19 GMT
expires
Sun, 08 Feb 2026 18:12:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C7B3 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20260204&jk=1486781764275822&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:19 GMT
x-xss-protection
0
content-type
image/
server
cafe
h5XOzv5WYoNVAeqHk89uqc2s0CZ5EEbYccWp6WwzFMM.js
pagead2.googlesyndication.com/bg/ Frame 7BF6 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/h5XOzv5WYoNVAeqHk89uqc2s0CZ5EEbYccWp6WwzFMM.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
sffe /
Resource Hash
8795cecefe5662835501ea8793cf6ea9cdacd026791046d871c5a9e96c3314c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
1872
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Mon, 08 Feb 2027 17:41:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 17:41:07 GMT
last-modified
Mon, 02 Feb 2026 17:18:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
20961
x-xss-protection
0
server
sffe
generate_204
ep2.adtrafficquality.google/ Frame 7BF6 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?bWyz3w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ww-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 08 Feb 2026 18:12:19 GMT
cross-origin-resource-policy
cross-origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 98F3 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF1Z_Ko_yiM4bmDU6lB1bQZ9vGI_4F4p_aXrBI5XnOgVE41w326JwA7B6h8SmK_rj02e9ZsTC0e7nRcKP6qjwucluVPdlGwkziSTIBS1uCrdXdJCQzYdqDujoz1fz83Zbkw0uJit3m-HXNJwauiUP953VFhBi6vrJonLfDSmgPIC3b_AA&sig=Cg0ArKJSzHuSpSoAeUSoEAE&id=lidar2&mcvt=1000&p=0,0,280,820&tm=1819.2999992370605&tu=819&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=351594745&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6650713700&rst=1770574336928&rpt=1801&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 08 Feb 2026 18:12:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A73 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaYa4R1QZ8j-x3RD17QC_NxTOUI5-Y6s8pEnK0bUePTdP5i4kvPToP3xAhos9zfdXfHmflLxpfWWtYlxqHlw7guJTnwSz5JmiyLwoZm5Nyz8ESwM1T30x4eAD2CtdyIoOuwnVA6v48U9kLIUv3bzTusw1MItJ2XSAu8R48pczLl9qRFh8&sig=Cg0ArKJSzFZDi9YpKo7GEAE&id=lidar2&mcvt=1000&p=0,0,280,740&tm=1865.7999992370605&tu=865.7999992370605&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20260204&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=3804845819&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6650713700&rst=1770574336951&rpt=1798&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 08 Feb 2026 18:12:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
c
gtracenep.admaster.cc/ju/log/ Frame B953 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/log/c?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=00e6c3e81a58b983494a5913f43958b5&mguid=&c_sync=1&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:1598,%22time%22:1770574339864,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 08 Feb 2026 18:12:19 GMT
content-type
text/html; charset=utf-8
ic
tracenep.admaster.cc/ju/ Frame B953 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=00e6c3e81a58b983494a5913f43958b5&acid=75&data=2BtPaMEDwiV4Jg_PgANKGSyelF6o5d7zGSH3cc4ZZQrXP3BMrZ911K8vMiZQrCV-azu95rFeUrH8RldibwRr-T4WwRCphAHN82RoTjSljta20U_1447vfJAuPWN2fZkveAOplNHYY2yo6PmN22yTTMo3Lkp8VJQK165PaWqORhdHNUxa1ASKvN1lZdosm_vQXoZgmFk3RDHNt_RvzBcar_JfJxRPU1mBc7ysXvphWcQlcfVHd7ktKGj9TKcsxAZhfg2aDzgNxs3IpiYe4xfLx5EGy2m9oiN9nKuueZ5uBFNJ4-q_D_ULCRInGDGRL2yMvfu7Xs9J4spVhu5acg1qULtxEgd6usi3HeZsm0_HVxLRmsUkNptSHLfMS0O5wSl4nfjEA5ioA3rm6eblJbdNKEfhVrsQjid_WusZW_PQ0JFIY6MMOddOa2owqezbEV26qzo6MY5QCdJ1JnDyj-WzpaHcx4NEQII9eThLHZvPzVB2XAUu1IzExvRinR-HQz33eoUfOonTMsBVI5nFAVY43NJfRJ6dPn-r7-gzbsTkBgVUgC-J578wGL04Bm15cnsKryi-l3V4W6S79pX9GK8jozCJZ2VdciDMLphxSrCHqt0wzLw6Ven_8_GIc_vLvlteqk4IvIcMAs2yuo0_zuT_FSLVWa9wZiTpar94wgyTJiy_a77sEfZDUmcgU9is-YRkUcGhgrtbrZZHEIRuOHlAq9Bb0q7ZF3bfL30CcSyUuFXWNW6VQIumJO_YQEE0LWphj1wP0R2WtrZegFnCLEwJfYWwNvG1prOsoBd0QExrbjxrZV4vu90dtaESz46ANG8As-EuFzImva4USB1Fm_mJtewDL6jNxARs4UC322pVh9WppnImvS37yMH8koePq67KEo-We8eSi4KEWwzxY5IkReMKGlttxDtrQ0_qfzoLzN93HCx1ZvqPsElijBAS4T4kQVaQ0dQfP_pJZWtt66f_HoWSwy4BBOCd4y9UlXtmkmO1NCRKfxhGwaep95vYGt9_vNRrd8yePlnPRwAcWSzCyTLZu40r8MsetBg3pi-npWu2JNEE94KUb-BlNhIfgF3-gqYzsYfitLV-iFBVHqXmNaEvB6CpScALbxjWDUymxSyDyCxekrWG6QUCyE08GD2Ftf-Wr5kedsHSmL7aKNsfU5dh4MQGRVBfIvHqfyqcb9Mm1IOr8Rs01SBfxNdM_rO5X3BCguvaKbsfdOFh--NSPVKvbZYDA3UTrzgn8U2OmSc0VoaoGlNZraQXDNZJy35wXr6pb-DPpkmAGnYSKm-vz44QaNKo2o4ntD1hxfphEam-beQzd21OkM6vUEbx7QpGtSkNhf4p3NCmo_FfFxRSZVxNGhnBI5rD-hlHXtnXOeG5CSuEdGJQcJ7h91NWrpvelHDtzyW5Izo9lUwny2wmXUoK2oHMEoi4VRRUdVkz44D9Ek5VZXNsrHfohbLaiIToufPurkWargff3gJgwmTgr6Q5jUXGlnOn_h4p9QPMbYB6RmUOisQ16S1MGH5u704Jsg0iXePgmWywrnHyTFNHRwJzQ1sTJctLI37HsSWUnZiUXosefDhe8vchRvSjrFc9gnCi95qecaN0796w6zlbMvgBe1_0I5FCbpNA4AmUe907Zqj0F9pMzUjW5vi6vGd4&uid=000012d4241b3b7d&mguid=&ap=0.077945&tid=71&c_sync=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:19 GMT
content-type
text/html; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame B953 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKCQ_7MEthFPwZQ0mz9glPgJnaGU9KliWVok9L7hY9LCVJS0lCHsQmDJF7EkAIO4BHb-2kZOr4ENAOG0fqAYtZXvuSfbYSNmaP4BeEZJeSmN3-Is6z8Db4Dciy8bChp_F3Wsdblw__hNOX9Oa_PN3tIK9Y5cJ_zUkLgEowSeqdapJr844&sig=Cg0ArKJSzHneDv6eeoMuEAE&id=lidar2&mcvt=1000&p=0,0,600,160&tm=1357.5&tu=357.4000015258789&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6650713800&rst=1770574338266&rpt=250&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 08 Feb 2026 18:12:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bqi.php
lg3.media.net/ Frame 436B 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=5072&&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_aref=0&vgd_tsce=L1134-S1134&vgd_l2type=weaver&vgd_ydspr=1&vgd_bid=374953&vgd_cdv=O2736&vgd_cage=2&vgd_tpid=TQD1S9E&vgd_matchstr=bb%3D1_1%7Chr%3D0%7Cdlg%3Den%7Cclg%3Den%7Cbcat%3Djo%2C16e%7Ccsh%3D1&vgd_pgids=0&vgd_pdtid=1&vgd_ecrid=1700090001091900160060000040400&vgd_oreqf=one&vgd_oresf=one&lf=3&prid=8PRVCXX19&cid=8CURI7T3U&crid=536152430&requrl=https%3A%2F%2Fnewstoolbar.org%2Fpaycom-employee-login&vi=1770574337144847051&ugd=4&cc=US&sc=NC&bdrid=460&subBdr=196&ybn_cc_exp=0&vgde_bdata=QOfvzxjj~8xLjMjvu9~e8fXv9~GwMNEYv9~myJLEYv9.uX~N7-mzj5ejfLMQOvuif~EmQejfLMGvi.uA~OmYMGvu.fu~QNOvzN~L1Jv9%2C9%2Cou~OmYMjvf9~ejfLMQOvf9fF9f9WuF99~8xLjMGvuXXX.XX~xLjM7UNv9~Q7Ov1QB8k7MuWuffhuW9A~YzMGJwMGmmQ7v9.ih~N7-ejfLMQOvuWF~8EvABr5yc~kGGvuF~GwM8Yvfi~L88Ex1vH%2CH~LNvu~LEQMQOvf9fF9f9WuH~L1Oev9.999%2C9~xLjMGv9.FH~ejfLMxLjMGv9~xLjMjvu9~QjevuW.9A~yN17vX99AuX~GGvuiF~JLEYv9.uX~ejfLMxLjMUNv949~QQOeLvWAH.AF~EQ8MNvuh%2CuX%2C9%2C9%2C9%2C9%2C9%2C9%2Cf~EQ8MOvi99~LUJv9%2C9%2Cou~1AEMGvH.Ff%2CHf.WF~QOv9~LMBLMGvX9u.h%2C9~x8OvLhV0hr-h%3DVtAk%2F8008~NejfLMGvf.iX~G7OvuAfuiAHWHHu9AWXuWi9AfFhiWfX9WifWFhFi99WFXiAXFhh9hF9iFAXuiFFHXhHfHFfXAih9hWhFffFFuAifuAiXAHXuiiuAWuXHWuWiFuXH9AWXWhWhWHuXiuWffuAXWHXhuFFuHAXWWiuXWhWFHAFh9iffHHHW~x8Yv9~1EEMzvzmzM1EE~eLMxLjMGvXhA.iu~myOfEMGv9.ih~GxyOvH~QQvIK~NNvPb~x8Bvou~NJv9~LNevfF.hf~%3DVvAXhh~UGMxNvof~z7Qvf~1GYvu~N7vNw1Ljm77J~1yyMQ7mLJMQOv~G1Q8QfvuiF~%20GNvu~GO7vuhh9XhHAAh~G1Q8QuvuiF~ONvW~ejfLMGvH.FF~GwMQOvf9fF9f9W9f~77vWii~OQOeLvXhH.9H~JQ7v9~eBMJ-Nv9.Wi~e8QMQOvufHh9~GwMNmv9~jMG8OOJLM8OvHF9~ONfvu~eM1Qzvi99i~GOLM8z7LELJ7MGvou999~GMkjLv9.9u~GOLM8z7LELJ7MQOv~OQeLvXhH.9H~j1Q7v~Nemyv9~e8QMxLjMGv9.Xh~ejfLM8MQOvf9fF9f9WuF99~e8QMxLjMjvu9~UNfXv9~J7vuW~xjYMQOv~ejfLM8MGv9.9u~8EMGULvuMuf~LJkMLvI~e8QMGvhFi.WX~ejfLMxLjMe8vu4ouF~xLjM7e8v9~1yyMQ7mLJMGvu~O1LeLvXhH.9H~eev9~NejfLMQOvufXf9~jfLMGvu999~J-MQvf~BLMGvH.FF%2C9~L1OEv9.999%2C9~Q8OvXAFuXfHA9~N7-ejfLMGvou999~eBxv9.Wi~OfEMjvH9~Nejfvf.iX~AENkvu999~myMYQwv9.uX~OYYMQ7LyvE8zz1NjJ~OfEMGv9.ih~LEQMGvHf.WF~LUBEv9.999%2C9~z75EJvu~J-EQNmLJvou~LUBOv9.999%2C9~EmQejfLMQOvuiW~8QDJkv9~8Q8kv9~N7-mzj5ejfLMGvou999~G8Ov9.uX~NGOEv9.9hA~875EJM8Ovuh~875EJMmeJLL8OJvKrt~QJjjJLM71yM8Ov1QB8k7MuWuffhuW9A~QxEEj5M71yM8OvuWuffhuW9A~OJ7JN7JOM71yM8Ov1QB8k7MuWuffhuW9A~NMj1zyvJz~e8JB1G8j875v9.Wi~EmQvF~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~N1LL8JLVOv9~myG8Ov9.uX9999~GkjLv9.9u9~Qx8Ov~O7NvJ1Q7MQN~8QMmL7Gvu~OYYMJLEYvk1jQJ~OYYvE8zz1NjJ~GOEN1EOv9~O1jyvw5GL8O~QmGEv~-8OvKrtoExGoFHiHiWhWhXX9AHih~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~OYYMOfWv9o9~ELJO8N7JOMBLvH9.99~ONx7vX9~OmyGv9ou~OJLEv9.uX99~O1jyvw5GL8O~JNEMxQJOv%20i9~JNEMeJLvOzMuMeAH~JNEME9Xv9.9f~JNEMEu9v9.9f~JNEMEuXv9.9f~JNEMEf9v9.9A~JNEMEfXv9.9H~JNEMEA9v9.9X~JNEMEAXv9.9F~JNEMEH9v9.9h~JNEMEHXv9.9W~JNEMEX9v9.9i~JNEMEXXv9.u9~JNEMEF9v9.uu~JNEMEFXv9.uu~JNEMEh9v9.uf~JNEMEhXv9.uf~JNEMEW9v9.uA~JNEMEWXv9.uH~JNEMEi9v9.uH~JNEMEiXv9.uF~JNEMEiiv9.uF~OYYMQkYvuhMHF9~eGLv1YMLmBMQW~~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~7Y-vfiA~Y-GU7v9~Y-wYQvHW~Y-wYJv9~kExLJ%20vu&vgd_acid=3cf0440b93962adb40b39a9a636dc00a&hvsid=00001770574337333032306677762559&cme=wrZ2qQ75piBnmdZgE0lHpPIzAMQqzLVg4AId84IIwifFTn3wrgC1GU2jDZ-Vuzb02VnftpiUV2yyXHFnaqImBzl6AsB_FWoMJsJvFTSHOP5azBWScGz2lF7MFvA5F5jaEFnmeO-4efdt7HAzI5VjB3JbjaWfEN6JRlEK0dGjArG-3Bq88eBO3AqM2eFsAoc665bO9dGP8e60vQCLLg0GBjo5fWaLGKKoz84y8AEwiRB8BRqXeA-9_hHv-0vI3ZGFal-27y1KLHX2dKIebh0HqAn1kW6kLYb2HZ1y89OzBN0csWsVincsxDrUhjusT0xArPKgfYhqww01RDgg0Lnx2EjO8D1AhG9idAWJrZeBeR_DHQGLFAJRRg%3D%3D%7C%7Cd9vPLM1tRn-WLhCjY8-_mw%3D%3D%7Ct70VQkp5hFEq_Mpo4GcvlZl40KzsRjnW%7Ca0AmFUYXmD5KNBClN9IRWfPUyXi1ClRHgMZ_hwLIRrUhKdqftQUNss2AigYEaj4kydA3QLzgjmk%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CmOSIDZX3QvZCIArdI4MaOcMQRf3QPveNCbqLRn5yeq-KIve_vE8LWc0SR513LogWCUrAQpISMIkHkweVp2zPf9gl0VrplfyzaykNltPm69-OtJ_mHTpuhDiKKEsJ-hWGio5j6aNX3zmOVxBa5pIDoeLUZ4S6SXNoa5AKECphz5UL-JoEOcgW_8P-sNb6OTesZnnfkq0l5g0m4kL26IJ0jUZJOx1piZtAY611_7rBXGo1H_02AXbN3ffTi3TT8QAxFmw1w-jMPqLTJStKgzUNTFe_4HJgKSJsxspyyts_3A4RBOdFc6WTXzGxV_8Tw48073UIENG7mL_vIn8tHIGgWINhQ8kIlhZ8CSvRjeptuVj65GVcWAQ9gxTp98Kz12dt-ARImFHOQy9m1YYH9IVgT3XoegY9gMtmC3OURyHssZC2zV-ALuqnE0ZWzh0-netf9JYNcsPiJmB6opG7wn-p8CvNSl1C5qElJCO8cWDFjzNhpanL6eT8dWMEWagNCe9GHbs6HY6aYw-IGqzEtYbahUJS7Wh-kuL_re4cQpNJSXwtpQgd941QfCq6UvSqBLSoU8A20lazn6LcHk0RRlZQjkw42V5imWVHoLVpaodlsiJ0X2ctjxAFFkeVoXbkoAhpA_vBtXlc5C7DOFyTRtBYTBxw8N7-svs-Su0jmoKHhKLwMVgzIYVJ3_T2jwLMxq6IaxlG_C10VmVnrd2555SK0M1apPfqt082jYQAmzuuJ_Q1iAC1eYKbxsg1d7qVX9Fv_Ko-N5AW3TTCETfkryzIa7tc2Yw6Mti8gObAG5dm-rfE3ZnIaW5XvsATSv3Ls5HM8U5BJJJVqfprT_flRZ7dfFkyg8_JzhYFoYtb9nUuqH2J-9khm3UZ4-BKXewUrKzMtBr7GGu0jJMr99SpY-r2OG9WPSjb85XJcMNUFT2UE1mQHrewtz_Mx5gv6ML_2cLgSN7Ax4EoCw2aJcqG0iAbh5OEL33CP1e8%7Cu8A6SM53vAeV5r4ww6ldE8TMDOtCsF6e%7Cqk5jDP-Bqht8AUEIoCxyGGxeRRMQBwSB%7C&fp=bOykoNr_4TvGQFII4IwMIYrl9K2h-FtiUn_uAFqr15l02JManPJYDsFEpCFGmrXaXRXVNqN_xQ1g_c3dvw-vwREawNKEFYWIkpoK0lp-CpSaJbaNPM9zRIVLRkOw5uqGFeltgoZttsr0ZTfaEQ1jAA%3D%3D&vgde_ydsp=%7B%22GxNUJ7VO4z7875%22%3A%22iiii%22%2C%22GxNUJ7I1YJ4z7875%22%3A%22pJ1eJL%22%2C%22QEx%22%3A%22XuWX~%22%2C%22yE8O%22%3A%22%22%2C%225ON%22%3A%22Nff%22%7D&vgd_rensize=160_600&vgd_end=1
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.222.200.28 Ashburn, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-222-200-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://contextual.media.net/

Response headers

strict-transport-security
max-age=21600
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
quic-version
0x00000001
expires
Sun, 08 Feb 2026 18:12:20 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2629800
content-length
15
date
Sun, 08 Feb 2026 18:12:20 GMT
content-type
text/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame CAC1 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssamkVQlTbs-poVDAdZW1mgHyqum_YislVpvooU9YlE1-CUscGVAT02s8DmoCtQE_V8zdKoyA1AE2EYRgwFBROL3EkxOLdkVUrDvXUJgv2D5KMQUOiVowv24qS1drqwGAEHEr9lHILkLvQLzHEdvRqjEyKCTCYthCluTVKcgInI6du3Vgs&sig=Cg0ArKJSzOn1b-Ucl3wZEAE&id=lidar2&mcvt=1006&p=0,0,604,160&tm=1766.7000007629395&tu=761.2000007629395&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20260204&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6650713800&rst=1770574338192&rpt=42&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 08 Feb 2026 18:12:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/pagead/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20260204&jk=1486781764275822&bg=!6uml6abNAAYdRSB-PUU7ADQBe5WfOJdXP0HntpKlc2o7UKeWfiAgpa64Ha4z9spp6IWLlGJTmYvupByLahfWvcF1jmODAgAAAHFSAAAABWgBB34AN7uHSuQ_3mmKxNgtC-yZGQForNGTPDooJWszdvCRlBmDLnFylSM4YIqyfaK5JACz65_YwmwoOU6ZAlomwjEmCWM7Om4UuvkcTFNEGcYButFB8d2LE_W2MZr5s35azVxEMy3VdCrPsxwGsQFuvtQfwdEYwXkHlIWJgOaOIRNeY8gjo9TtxSK6Ri556l-LOTdDKxFY3kltMxJQkjwaZSAkS2DRjes_Hi147gyRaO6UCP8iXMvn-ZPtz2OILyPKtNKnu-VIxv1ZafxliFw0pExvkGQgOVAvlL2EHpUTECzrfTBPH9vc64x-ls_2Ry0-eTHCAdya5_7JodauXDcHecHC1DY45PzJpFdKoU9pvBfHWqC1uBivwxl7TreTVvBFVPI0Zag91JoLPARyzXsExMLgYZVL86NLjZcWd7WsSayp4_SwBy3r43UmWro7lmVVCFQszQH9kxr31kaXvr3o1ncfef7jLAtbXNMAnrfi7tsd3z3jOYt_bOmLpdtGZNHRqEctlUI5skelQ159EdGDtaBasBw-KnHdYpBx86rbZ6r79-2S7BMcISAVsopxz5-FK5MQUkqsd4ta0MAEybQgPjWWdOhA8RNz-qNkgXQA_BgBJc466-cJifIjv2pKTFVMvJehKKrUdMsuW1xPr5MPhZu-O5Ie52gs4LQG04YEFQtqQBt5BirSeJfYNn-RlpqYSp90aanGDjdMSeoAjSHh94pz99gyU77RrOtDE195_2Gs6MpSXkR05C2tQB6BmaZMsqRLtrUIXhhrnrBQoYgmK8QJYsBO-5qdbz3S6lnFYapdIUs_rWmaX8pAG_X1MiyXduX51KsgbHKrO7YbcqlyjIPiJ3-Kl8vJmuMB4oCVDLuZzsDkVSsuRg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://newstoolbar.org/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 08 Feb 2026 18:12:20 GMT
x-xss-protection
0
content-type
image/
server
cafe
adview
googleads.g.doubleclick.net/pagead/ Frame D5F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-D4yAdKIaeqAA7755OUP_LzcuAqltoSEe8z8yrWgE8CNtwEQASDt9M1lYMnOo4qkpJgQyAEJqAMByAMCqgSJAk_QZnKUoJ1ukxMJpK42aLT0IoPSpI1xgI-xJ_nO5ClT1CD02o5umBi5xvo0bOH0xKzuwtqyjYWxtESKhTOJyPes9JktCZU5jCPI3ZidQ4MEXsuNf75mtAQ1wSkfVv9WlVp_Xvuvlzp7Oa-KA_pKTRvEZXo0c9rCxfHWZQiicQTugJjpXtadrjlpnhCCIk6Iv_7L0doxSY2dKZAob8J6z7y-2toVvOrAg3B6eAz3euA2Q46P24br6fQI5Xe5X3gyZV2WaDhrYdPCnuUrmkswgfuZUfOkZ1owPLomyMq1DA0DHtLqfKMqZOCDxWya_8NxtstEMGEYvXZQicNXMLwG1lHGxlCkvSXid7eABvqYhr76gO-RUqAGIagHk9ixAqgHlNixAqgHldixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOlibzZ2zv8qSA4AKAfoLAggBgAwBqg0CVVPqDRMI44ais7_KkgMVvjy5Bh18HheniA4J0BUBgBcBshceChgSFHB1Yi02NDk0OTg3ODc1NTAzNDk3GAAYDFAB&sigh=K9ianRzhU9U&uach_m=%5BUACH%5D&sreq=1&cid=CAQSswEA56J1efHWRIVort7Lxx7gkgT7t0GfjNAAATcuLabbH6cy0nG9KSxQIw55nIP-alMOxyJjpAlhoxDnaBgkfbnEqc4zQ0WKZwhmnqzVWq2_zmRN_mbWExxYKakl3JAIdUQOvi0tqXc8XBZOexXkIxHDAl4iCGv3Oc3YqBejnSrl5qlfNkhJ0qLSZULBfy6kYx__czq-KD1s1DrvUfILtlVqD-ZfiALjI3Zo6LeQuQG1qPNLlxgB&vis=1
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html

Response headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 08 Feb 2026 18:12:20 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
win
tracenep.admaster.cc/ju/ Frame D5F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracenep.admaster.cc/ju/win?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=9ce06f7ea47c52a97693518792e65701&acid=34781&data=7HGCdH4e-qXZT1usQdu3q0zN86CYEz46w7Vw7LuE3Ik06YhhthEcG65sPuU3snTIlWTSY38s1j3J51MgDQYef660v68rCbTd79q45BR7H7RpY5yNjhbJJ8FDxrdoFVfptFIkI4Lzs_xxOfY2r_YISPt_aj3Z1Iyf8EdsEIw6dYj8hdtfXByte5pWv2sS22pQef8S_pPAKxheWimdjT87nnsr732an2DVwNJ05X5lefZwiNdgctiUf7aqZMbCPrlYx0A7Mt-mrXZOPBxRDjerB2yvFN22uingqZHWXSgL1DhCHj_MSXstW3Z3jM_NL9lxOGC_cNkfh3LstBT37G3MGyWPF36Icvm3oTomLDQKPBbYHb3svmEFNmRkC2RHQ7RWfcXgInKIasg3SNzR3L1k-tRI8PTJoJN0U9_ZyJXmNyMqMHVqm1OB7e8mRW8vzGAiCiFH-9NmcvmGI1sBm8xq9Q1Y9IuI-3mIZLZ60VZH7sTni46RRFRfaYIsQCeB4wQrFUby9Xp_o4i7gNGhwr_-S2uim2c3nkML4-OmX2mIH1xGjHRj5AdJx9OLZh2PVV25k5UgF3mjVCdqaxxnW4OlYrQW9z0PH9E3SCZd_gnNnmI40-yFxfn9o3g0lVfMoHDd8ZL1V5ddwF6TK-UcVQg1PjhbcrKHHP6txoIO4Mx5ZzUxeIjpKh4W5NPSAPr5McXsFqORNEQHnrKsqoDR86I2LY26GaoqKHod5n74SH-cGJzGCDwKaI-pJgl7KtUdAcZc9VrUMBZtvb8CSVYlzUWCrJD0GszmDvk_RKaNcM58Qy8nROj6-2U-nwugHRJxxkyW&uid=000012d4241b3b7d&mguid=&ap=aYjSAQAAwGoGuTy-ABcefJ_DPnpzFU2VfNn34A&tid=106
Requested by
Host: newstoolbar.org
URL: https://newstoolbar.org/paycom-employee-login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:20 GMT
content-type
text/html; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame D5F1 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVz_2iwWBC8dqfNXPVDLIaLNTN9ATAoJB5aJ-uwQMXpOsMoz-NktkfQAkjrbYdyobVqvllbWIrjOv6AXRYKH8l9VRgFcFBE5yT748bpoqlvLTtnATRdQh7Nbw5IUy53x4WvfXhOku1_TRhCWex-5WHuHlHXVCAeXdewqhut8eOU0ZwDtk&sig=Cg0ArKJSzIst1OgnbFsiEAE&id=lidar2&mcvt=1000&p=0,0,90,728&tm=2764.7999992370605&tu=1563.3999977111816&mtos=321,822,1000,1103,1201&tos=321,501,178,103,98&v=20260204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271802&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6650713800&rst=1770574338284&rpt=295&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 08 Feb 2026 18:12:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
c
gtracenep.admaster.cc/ju/log/ Frame D5F1 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtracenep.admaster.cc/ju/log/c?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=9ce06f7ea47c52a97693518792e65701&mguid=&c_sync=1&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:3064,%22time%22:1770574341348,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20260204/r20190131/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 08 Feb 2026 18:12:21 GMT
content-type
text/html; charset=utf-8
ic
tracenep.admaster.cc/ju/ Frame D5F1 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracenep.admaster.cc/ju/ic?tn=2ce2e6e33746b4224011d22068a89c02&trackingid=9ce06f7ea47c52a97693518792e65701&acid=34781&data=yHL5uxGsPhOVudVXb3nZN04C5rDMbcUbwO-_TT995Mr7rvii-1bluVzZy9XQeEUREphYG3Xeg0mhiDEYCqfFZn6OHOqSxGy8VxxMXo59JOtWXLyzdbMCEB0caTkV_1TLCbFCnUpfiKhvP_9VL5zGZ673y31jPJ7MIM-M-d5HZZA7kZPFf57bk0EKFd-PqLBMwM4TQEIkqccE1ngNsvze5LCVcB0jgg3yqa2Mj9BcE3hpis17wBBhmD1vH0qZjlBbB7EZ_zAgZKvkrXyfeqQoIanHhaLGhclW3irnUrZyMrZSdKPWn79BqKTDAspiU50mv894DTnRdaZq-vWF8OQplN03nDEIbLH0ldd0uhOkftEDetQTctXUIQINLdVX8NjK4O52zYicM2HShiWEGsnD2tpish0TQQJ63s5tppqgvyffMVR9qxyrsyYidO1h0z32rBvw5iP78VPA-bacZ6kix-lTXAGPQ8ge6Iq3UYBLsjxu-fNCpret504ScG65M6V2yM_WDsOvtEXHmckZqXq5nzSR6zIvwab6g6-sxaGiBaVLKqnYXQH6Ut9l7oiVlQgn5nBJCJsq_xoEBB4CD_Bd5bkMMWbHqhRhGsz3XCUWczLohsICr6GcK5MLWVsBboaMlG1LB7NOk9qL0miZWP_YO1S-3Bg4EjuYLBO3a9ZMraY0vf7FjbmSXFFgkQA9rLv3m4mztvCzcOALzaD4kM-IyDtHAab9clwguykdH4J8ennPrqzUS_7lyMq_QH1Y7dC0StPUQdCJ9rSH_38Pbs3fmO6JXUTFnPlyfSLZNKWLzpxF9Fk4xHIM3iTxBoDWdy3eTOjFXPUOkuRVlu9ggL0Gy7RnA1pMVuX92zGOWAQEQAXKjrKVzBiXVMYqGku3kjaQOKcVTK6MMWTefsfdVpcfddsrpK8L_SHIQ4ly5pjKZRT4vFajINFZeYW3l5d2B-eZoledSul38iT1-If7Af-SXznuYXtz3Tav4SfzfmkaYEHrVgTDHC_y04ptwbfKNAcUrCJ9J0SvhiQnZUDLCKT_AL_ejij_YU2k9dMaAFp-yyGxenMRxQGcHxD9KreJt0FUuJtVffMHYWnjV9f6deOuACcNh4XiiovybJFbZBziSLmHCZ8pP2rUsYYSqq3V621mnMfyc-zBliw7X_bA_9TpdJLdsLyawUnV-BrGyHrsgHTYx8FWeiS7EOBLrvCsI68miuHa-tW1MelJECoKMzdKO-BTNU1cpQaN0YlCSJe-fxzDElMr5SUlNdrnw_0IVZdP1MteMF4rhR_KtVKQ1QYNdayqvpMYxHdmataqAmnHTUqAx9Tlo9Vd3zxeoSTyIbUutYykKp_ZMVr26cPzP4LxrdoSxepJtdkFaLWBWBE36BUGt_eXv-z8T-Qn2v1B9U0xFpZozJetMVQCn4Gmc5Hc7PA480Uc7hSwrxGvFewQMr5ARiLaMACxsOJLtBlMqlkurBC3_1Q9Kl604q1EDXTHTE635P4yseP1p1OO12MCbqDwWzX4s7V4zTSgxaPuh9zMUbEqRViDXzBmISOMdBc7BPPeFDBoV3RfftW5zcitn1EedMxyh-BH6FcdfPZOwDnAQ-77yZ2pPO3UHbZkdUfnF4lNrchIPkjnpScmggNmOPpc5rxTUh1fd4ivzc0k0_8x&uid=000012d4241b3b7d&mguid=&ap=0.093339&tid=106&c_sync=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.233.198 Council Bluffs, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
198.233.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 18:12:21 GMT
content-type
text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

68 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| _wpemojiSettings function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE function| gtag object| dataLayer function| _statcounter object| adsbygoogle number| sc_project string| sc_security number| sc_invisible string| scJsHost object| generatepressMenu object| _sc_botd object| addComment string| currentText string| categoryCookie object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| google_js_reporting_queue number| google_srt boolean| BGtEY object| google_logging_queue object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_ad_modifications object| google_sa_queue function| google_process_slots object| google_ama_state number| google_unique_id object| fqjyf number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal function| google_sa_impl boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp object| googletag object| GoogleGcLKhOms

17 Cookies

Domain/Path Name / Value
.newstoolbar.org/ Name: sc_is_visitor_unique
Value: rx8781098.1770574336.B7C1781BEE7E4817BE1C7208448FE2E1.1.1.1.1.1.1.1.1.1
newstoolbar.org/ Name: cookielawinfo-checkbox-necessary
Value: yes
newstoolbar.org/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.statcounter.com/ Name: is_unique
Value: sc8781098.1770574336.0
.newstoolbar.org/ Name: _ga_KMJZTK0496
Value: GS2.1.s1770574336$o1$g0$t1770574336$j60$l0$h0
.newstoolbar.org/ Name: _ga
Value: GA1.2.2135266722.1770574337
.newstoolbar.org/ Name: _gid
Value: GA1.2.814262359.1770574337
.newstoolbar.org/ Name: _gat_gtag_UA_154892205_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkzfrfe8aWk73KT3-eZPoEPgYz1bQmP2pAvm52mk9_X_uMmWPLabWoVaCu6MLQ
.doubleclick.net/ Name: __mggpc__
Value: 0
.admaster.cc/ Name: __mguid_
Value: b8be99e69758e3fa2l9ajz00mle28un5
.newstoolbar.org/ Name: __gads
Value: ID=5201f94490eb1314:T=1770574336:RT=1770574336:S=ALNI_MacsTJXHbj4_vnKQAkpNGX0QTIKPg
.newstoolbar.org/ Name: __gpi
Value: UID=000012d423f49f4e:T=1770574336:RT=1770574336:S=ALNI_MaPOybx4HZ4qjikCgzITSbNh2tKxA
.newstoolbar.org/ Name: __eoi
Value: ID=65fed60d195e114d:T=1770574336:RT=1770574336:S=AA-AfjZHmSznlCrN2dbZXKwHAUdg
.media.net/ Name: visitor-id
Value: 4135759386778586000V10
.media.net/ Name: data-g
Value: CAESEFgcfV9XutO6HVbZmMZKK-4~~6
.media.net/ Name: data-ga
Value: CAESEJtC4zrN-cNQoYmV5snhjIY~~1

2 Console Messages

Source Level URL
Text
rendering warning URL: https://newstoolbar.org/paycom-employee-login/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C09202A4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A0922AA4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akl-navvy.media.net
c.statcounter.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
gtracenep.admaster.cc
hblg.media.net
hbx.media.net
imagesnep.admaster.cc
lg3.media.net
msadsscale.microsoft.com
newstoolbar.org
pagead2.googlesyndication.com
qsearch-a.akamaihd.net
scripts.clarity.ms
secure.statcounter.com
static.admaster.cc
tpc.googlesyndication.com
tracenep.admaster.cc
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.152.110.43
13.107.246.40
142.250.31.132
142.251.16.156
142.251.167.132
172.253.115.104
172.253.115.155
172.253.115.156
172.253.62.138
172.253.63.97
172.66.169.241
192.178.155.157
23.222.200.28
23.48.8.28
23.55.176.229
34.111.60.239
34.160.55.127
34.54.226.84
35.208.249.213
35.209.233.198
35.227.244.76
012e32c3db8eab0778166b5af4367cdf98dcfb6b6dd530f8506f90708130eabf
02c5c410a2854826210ad49e2c91cbce598b656b5229f3f6401359f4bc57e4df
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
04d8ad01dab921e43e165fc02a3f0c8c2f93b3775f78bcef3152db8817c7f3f3
04e0142e1ae8bb711021ae2f9ec24aa63e662815b97e9de3d23d98cc2bb92f70
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1968c1a98ff7c24c39cb9d5cebc7be4d3712895c05219f45f0b8079ce7b52deb
1b251952f63d5d7d2d8fe8d1c73c7a2c6160752c80dc715f0b2df61990e545a3
1ff7400a8bdf1b5f830fd10864973e41eaefe7826e592ee24ed1acb45093f2eb
20c681a1937cbed8275424791df2954a83d20b51f2bc955f8957612f61469b63
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
2b263aa198e0a988dedf100f24e681645323e413479303c8afc1824815bb4da1
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32a20bdf0dc30e762be2f0b74e1a53e4947556424499bcfaeffc7a46bec83891
47fdcf496cb4d1ba91d355a44076f7729f1e87daaa08500808d486aa364a8542
497761940337bae1c5e2837df4418316b2c315eb69e395229b2adffd4cf07cdd
4a78cfb375e495f619f3c139f31cc8fd94d5eba312d79b221337b1d69badd092
52cf34248c5f7365d432868647f654aae2daedbce623ce35a5f86dbf864225dc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
594486b781485bb2bbc46e47f91e36affd91ea2605d50430410385fb1ecc7c1f
62f9d36de90ed44c84af33e5b998d6451f30829770fbe0dc572bd7358e645f3e
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
69aaedaacf76ce25a17067506396f6e380ac82645cc80915a1250dbb52e668b7
6a05f0d9b1ecc19a4d8e0d5fc785d20f76fc394166f26c90aa0ca0c8193c90cc
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
7880acdf45e13cb2be9b670db70c11c019ebb369be2032ec65d8e67d630ad00e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
796e1e2a3ce71bbdb8a60b6d1e086faa85b2ba01e461f983add9c5d870a195c7
83b39c6725b867b24fe1495c8a502cb78332ebdceea328dbfa636cf0525fff94
860290342d29044bba2265646324ace17d94f74a8877400a3f5c4d5661199579
86606db7d6fa9915b4187ba8932d523c0216f5f4559b9aad3f142431b6a3ca9d
8795cecefe5662835501ea8793cf6ea9cdacd026791046d871c5a9e96c3314c3
94e5a4052c8f4acff783d75d4f41f1f43783ad6d80031044110083f9cbbc0fff
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
a7cedd7a7b1410d49bc7b90a7cc222f67dc435bcebc65a563c59124f976195b1
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
ac2a776bfd84cde0b15ba031f3d0d51bb2b9ded88dfce4fd43bcc804e9f20915
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b5a22ea5e348f9412c7daf140bbe2380b1014a94e95cd33429f6321afad108b1
b5af41b68909ceac0cb162606a520585d92847d53483eb285cded5cd4fe49f92
b5de31aca60065e57c56116eb90c10dd15c9bc1289f2321f74e678fb6af50565
c1e59998a7682189607d1dbb96b9b6519cd9eca17d7307791a5aa39a6d275ae5
c6c59e9a811d25b82a01a096c658b1458d4166dfa6b6438e84572226bf2a7331
c7308904efc8da3847aab82f9ab35918e8faccef6a04a6c657251759f30a8fb5
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7c55dd5d13049dee9113ffd2b385712e6bebf38e2e4bdc0456c98abab2caad2
c89fbb7c3991d609883de7c21412f6b27f44b0d049c72e49011d9a0311ac2eba
ca3f080df8f40b878e40b7b7f9334bec3e773168e756b5d1c4331ba6bc5d0977
ce1abbf92a71cb024f8acdd4ca835255a19cc03bfc9f6ad6486e7942882a5278
d3b1bb9f0f57c3a1f2f379399d145b47bf82f691031e7bb889e238cdec90a8a1
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e24a83f6d80be3ef18b72b5d8045e6be5316f8073a36998f136e1625c3755d02
e33ad12a5c60e3ed8af09afb5b92a8c25be78f9244f39fc88a1102240832e226
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
ea4a3bda6fa5f3822ed8d15783364ff22f8cf737a748456564630c92970518ae
eb2358ba4f992d35e944e9eca63157152839bfee8e6b5817a6a6eb6e261ebd36
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb97c271d98e894b6ec3bb6b433f1c2c1270327e4848dcb18a69fe382d09d599
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
f263ae9679f6d6f7e8c62003c18e9d6e4750728bdcac791ff464873fe7922ea6
f825058a7d145cf7f9072309ff5fa4f1f555bfae4094eae5026c4ed3949455ec
fbdfb2e035339a51583cd06a45d4899eab57cdeebd76431453226eea369f628d
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e