payroll.my Open in urlscan Pro
13.113.144.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://payroll.my/
Effective URL:
https://payroll.my/
Submission: On December 20 via api (December 20th 2023, 11:50:16 am UTC) from US — Scanned from JP

Summary HTTP 222 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 222 HTTP transactions. The main IP is 13.113.144.31, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is payroll.my.
TLS certificate: Issued by R3 on October 24th 2023. Valid for: 3 months.

This is the only time payroll.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	13.113.144.31 13.113.144.31	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
34	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
4 19	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
31	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
2 3	2404:6800:400... 2404:6800:4004:820::2004	15169 (GOOGLE) (GOOGLE)
8	172.217.26.226 172.217.26.226	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:828::2006	15169 (GOOGLE) (GOOGLE)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 3	172.217.31.162 172.217.31.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.222.6 142.251.222.6	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
222	24

26 13.113.144.31 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com

payroll.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:801::2002 (Australia) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:820::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:828::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.31.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.222.6 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	642 KB
42	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-iad3-1.xx.fbcdn.net — Cisco Umbrella Rank: 5250 Failed scontent-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 5254	1 MB
26	payroll.my 1 redirects payroll.my	291 KB
24	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	243 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	217 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	141 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404	70 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
8	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	103 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	7 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	386 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	109 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 15885 c.statcounter.com — Cisco Umbrella Rank: 10182	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	139 KB
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	526 B
222	18

	Domain	Requested by
32	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
31	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com payroll.my
26	payroll.my	1 redirects payroll.my
25	pagead2.googlesyndication.com	payroll.my pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net payroll.my
12	s0.2mdn.net	payroll.my s0.2mdn.net
11	www.gstatic.com	googleads.g.doubleclick.net
8	www.googleadservices.com	payroll.my
8	www.facebook.com	1 redirects payroll.my static.xx.fbcdn.net connect.facebook.net
7	fonts.googleapis.com	payroll.my googleads.g.doubleclick.net
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net payroll.my
5	scontent-iad3-2.xx.fbcdn.net	www.facebook.com
5	scontent-iad3-1.xx.fbcdn.net	www.facebook.com
5	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdnjs.cloudflare.com	payroll.my cdnjs.cloudflare.com s0.2mdn.net
2	ad.doubleclick.net	payroll.my
2	connect.facebook.net	payroll.my connect.facebook.net
2	www.googletagmanager.com	payroll.my www.googletagmanager.com
1	s-cs.send.microad.jp	1 redirects
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	payroll.my
222	26

This site contains links to these domains. Also see Links.

Domain
hr.my
freechequewriter.com
lampiran1.hasil.gov.my
www.kwsp.gov.my
www.perkeso.gov.my
www.hasil.gov.my
calcpcb.hasil.gov.my
facebook.com
jsns.eu

Subject Issuer	Validity	Valid
payroll.my R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-28` - `2023-12-27`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://payroll.my/
Frame ID: 6F11831313305C978CA18574A63ACC37
Requests: 51 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252F202708376488646%26tabs%3Dtimeline%26width%3D350%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: AC341E88A6EDCA61EA12003926D3ED52
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: DA4CACEAA174A9A9C806CA880D6B2B05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&adk=1812271804&adf=3025194257&lmt=1703073010&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fpayroll.my%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011215&bpp=18&bdt=500&idt=206&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7848877418218&frm=20&pv=2&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=234
Frame ID: 8095F21E65C591272B36A32389489E29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=200&slotname=2059126289&adk=1158759801&adf=1602745239&pi=t.ma~as.2059126289&w=940&fwrn=4&lmt=1703073010&rafmt=11&format=940x200&url=https%3A%2F%2Fpayroll.my%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011233&bpp=3&bdt=518&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&rplot=4&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Frame ID: 911F1703369D90813C2B3628230D87CF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1703073010&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011236&bpp=1&bdt=522&idt=228&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231
Frame ID: 984839180AE28B44CAFE34FA10612BAF
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 37E3D1220A6BBD7C9775F147D0FA6FA5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 91D7A781394D2E76D8595E60102AA23C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F16CA29EEC84126AEED8039C2AA95F6F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27e545425c0b28%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&container_width=940&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true
Frame ID: C42FAB5A3259C98B7DBA3CE47284983A
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df131cbd71486be4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&send=true&show_faces=false&width=450
Frame ID: 8E8FF6369F0319757EF37D4116490120
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Frame ID: 47E31D5ED7BA2C4ED0D750BCC0376B19
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B212280699C893E960922F9FBE924679
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E330AEF13D36912422E6DCBB5BFE7B54
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703073010&rafmt=1&to=qs&pwprc=4511807673&format=1200x280&url=https%3A%2F%2Fpayroll.my%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073013182&bpp=1&bdt=2467&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D547276001571dfc6%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaN_TznKqO76cJ-eLabxoRaNlWB3g&gpic=UID%3D00000cb7cddbba1a%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaWVkXhzlBYnG2E-sSg3XRI0KLZPw&prev_fmts=0x0%2C940x200%2C300x250&nras=2&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&psts=AOrYGslotUhRfODjWK5wgMafhrZ9KbM_7vo-6dbu8gB5u0v1xDodASY3TvKd84S4LWtgmK4ZENyEZmyd2OIJPvzk8LAJqwHl%2CAOrYGsmgnXQ_JYQnwaicx2ST0UTyAegoArgvv5aOSkwPpu9_ahU1Zbk1ABW3QmDF0f092w2lzvxtTqVo5MgPmoOzKYtbOGyN&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=64
Frame ID: CB5D0565C3C9F53938E82757E952DDAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=90&adk=413024534&adf=3844467294&pi=t.aa~a.1535826200~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703073010&rafmt=1&to=qs&pwprc=4511807673&format=1200x90&url=https%3A%2F%2Fpayroll.my%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073013182&bpp=1&bdt=2467&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D547276001571dfc6%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaN_TznKqO76cJ-eLabxoRaNlWB3g&gpic=UID%3D00000cb7cddbba1a%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaWVkXhzlBYnG2E-sSg3XRI0KLZPw&prev_fmts=0x0%2C940x200%2C300x250%2C1200x280&nras=3&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&psts=AOrYGslotUhRfODjWK5wgMafhrZ9KbM_7vo-6dbu8gB5u0v1xDodASY3TvKd84S4LWtgmK4ZENyEZmyd2OIJPvzk8LAJqwHl%2CAOrYGsmgnXQ_JYQnwaicx2ST0UTyAegoArgvv5aOSkwPpu9_ahU1Zbk1ABW3QmDF0f092w2lzvxtTqVo5MgPmoOzKYtbOGyN&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=67
Frame ID: 5F2A7FF7A60842EED7D544A605AAE92B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8D51D2B0CA1E2A7AECD702DABFC4F77F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5DE7E7B922B5C20E460E021FFF8DF9BF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 27BF533A3E7780231ED64F83A71315A1
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6325BB7E44997BEDD902EC9B699878EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv6cBCb4qXLBBiorKD7ATAB&v=APEucNW5YcWMNvuBFUvnPJXxF4eHxioOv5oHCzK2aUM3dPOz2XbeEyaDer5jcIkDZxpX7kHxFG8TdbldU8RAeo0S9NPK9kMq0w
Frame ID: 1BE6D0897EC815E00E3402553FCCE19D
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 5701CB4801C5F9DA5DD596C911D57D99
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 349287596F45F4110B529BD41E5C389B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ED3CC5CEDD54FA7A2EC39FC8844568C5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7311F0CA7AB6B7E7442BC3FA8296F540
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
Frame ID: BD23ABB45AE57727A86818933885208A
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 9CB462CB79768571C2F01B265331EB3A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 0658D84C21E891AA86E95330E41CCDA9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: E807AFF1234585CB8B81696F2B0FE4EE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ead7905f6864%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true
Frame ID: CA5E4535008718F9FFFE78C3A02B0683
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PCB Calculator 2023, EPF Calculator & SOCSO Table - Free Malaysian Payroll Software

Page URL History Show full URLs

http://payroll.my/ HTTP 301
https://payroll.my/ Page URL

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

222
Requests

95 %
HTTPS

71 %
IPv6

18
Domains

26
Subdomains

24
IPs

4
Countries

3670 kB
Transfer

11275 kB
Size

16
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://hr.my/
Title: Free HR & Payroll. Unlimited Employee.

Search URL Search Domain Scan URL

URL: https://freechequewriter.com/cheque-amount-to-word-converter
Title: Amount in Words

Search URL Search Domain Scan URL

URL: https://hr.my/doc/timeclock-attendance-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=calculator
Title: Free Time Clock Attendance

Search URL Search Domain Scan URL

URL: https://hr.my/?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=calculator
Title: Leave Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/expense-claim-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=calculator
Title: Claim Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/ea-form.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=eaform
Title: EA Form

Search URL Search Domain Scan URL

URL: https://hr.my/?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=note
Title: HR.my - Free Malaysian Payroll and HR Software

Search URL Search Domain Scan URL

URL: https://hr.my/doc/leave-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=leave
Title: Leave Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/expense-claim-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=claim
Title: Expense Claim Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/timeclock-attendance-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=attendance
Title: Time Clock and Attendance Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/document-workflow.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=workflow
Title: Document Workflow

Search URL Search Domain Scan URL

URL: http://lampiran1.hasil.gov.my/pdf/pdfam/Jadual_PCB_2018.pdf
Title: PCB Table 2018

Search URL Search Domain Scan URL

URL: http://www.kwsp.gov.my/portal/documents/10180/175560/JADUAL_KETIGA_04012019_ENG.pdf
Title: EPF Contribution Third Schedule

Search URL Search Domain Scan URL

URL: https://www.perkeso.gov.my/index.php/en/social-security-protection/employer-employee-eligibility/rate-of-contributions
Title: SOCSO Table

Search URL Search Domain Scan URL

URL: https://www.perkeso.gov.my/index.php/en/eis-registration-contribution/eis-contribution-rate
Title: SIP / EIS Table

Search URL Search Domain Scan URL

URL: http://www.kwsp.gov.my/portal/home?display_mode=classic
Title: KWSP

Search URL Search Domain Scan URL

URL: https://www.perkeso.gov.my/index.php/ms/
Title: PERKESO

Search URL Search Domain Scan URL

URL: http://www.hasil.gov.my/
Title: LHDN / Hasil

Search URL Search Domain Scan URL

URL: http://calcpcb.hasil.gov.my/pcb_calc_2023.php?&csrf=2145664acbe3a2ed4110367&statwork=1
Title: Kalkulator PCB - Lembaga Hasil Dalam Negeri

Search URL Search Domain Scan URL

URL: https://facebook.com/202708376488646

Search URL Search Domain Scan URL

URL: https://jsns.eu/
Title: jsns.eu

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://payroll.my/ HTTP 301
https://payroll.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs53f89SCZaC3HtCIid4P6tue2AjGoLrlX8KNgtqaEYGp3s75ChABIMOm5R1gifPFhPQToAHOyuW6AsgBCakCdIwYFU3tPT6oAwHIA8sEqgTgAU_QMn-BFm9BrlfE31dhYU3n-p9LYd9-R3oiRBN7SE6h0BnD9RjbUOShtrZLaK1ZtlLTMre9ULX2scRWRX4J4mNwSYt2Q8c4U6UfLpL_170nWEpwiX4v4xfTNZZZkuvaNPt4EozRsrLMk5yxQw63WfvYJYsd1LrygtmJK5QFOY49Veee0LNz0ndUtVnwKTOMggxwwhILKbrmSQbxHXnooA1abmc0fS8V3ULfm0Xmchkzy63O-_Jrk4-9atqGGnHzdLZ6UIhHSaMMuSU7kJIxgwC8P0bwve987srNF2YRCXM0wATUjIDGoAOIBeLbysQqkgUECAQYAZIFBAgFGASgBi6AB5q1msUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ2eEi0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljW3IGv-Z2DA5oJnwFodHRwczovL3d3dy5hbWF6b24uY28uanAvJUUzJTgzJTlFJUUzJTgyJUE0JUUzJTgzJTkwJUUzJTgzJTgxJUU1JUI3JUE1JUU2JTg4JUJGLSVFNyVCNSU4Ni9zP2s9JUUzJTgzJTlFJUUzJTgyJUE0JUUzJTgzJTkwJUUzJTgzJTgxJUU1JUI3JUE1JUU2JTg4JUJGLSVFNyVCNSU4Ni2ACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwQCgoQgMjgw6H6hIcXEgIBA7gTiATYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNjc3MzU2MTM2ODI0NDUxNBgA&sigh=Ian13JADOrE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_KK2ULyNOrgdq14JjCXW2_yT0c34uC2pqhW6Fbov73pvCPZfUDfvahNCBDp6rvexKt4qpTRaigtYtxCP5Qi2fnL5jk3KW1FpiehgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x357ddc91a19dd97d0000000000000000%22,%222%22:%220xb8f1b98b9e3f68e20000000000000000%22,%223%22:%220x6b0d24ed87317240000000000000000%22,%224%22:%220x2ba12014dc7ff3120000000000000000%22,%225%22:%220x59da65216a9dd5070000000000000000%22},%22debug_key%22:%2213094745170529011673%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22660170062%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222391095354829927185%22}&andc=true

Request Chain 94

https://googleads.g.doubleclick.net/pagead/adview?ai=C_Acr89SCZcONIP6Iid4P-_ufYPW6jfJ0qdnK7p4SiOb1_I0OEAEgw6blHWCJ88WE9BOgAdrY-NQqyAEBqQLeEaKFndNJPqgDAcgDywSqBNoBT9DpvwJ8c8OZbT1pXTpZbVbmYslp4p3dUr89Grk6nKXXFgHEyfsztI-JmDimeJFTit-NTzy61-irdczC2wI3h5MZEe3QB8KXxuiqCPNXq69KVyT5vZEqdu0eWR9CM-Rg2m0WkjAUFFUys7HldcmpagKL_7gK_sNjOOv5G1ZMGcoGyr6vT04qK5dy72uCXyvvCoEeBwcbx_dAylrprcJHLJETGWAQ7tgHxXacZHKhwoSlzr9Det-coerJkDRQEcTaje1cqJjLFZlnlr37FVEQ3WTz3_PCGWZD2mLABMLiv9rOBIgFiIaU4E2SBQQIBBgBkgUECAUYBIAH2pDJtAWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC9iy7SCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WL60g6_5nYMDmgkWaHR0cHM6Ly9lbGVjdHJvanAuY29tL4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwRCgsQ4N6Aj8DI6bfPARICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItNjc3MzU2MTM2ODI0NDUxNBgA&sigh=jUq020ysOGs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_j4EH6cvT7PDYm0QYVI-6iyAhNU_vA8SmI0zWXOe3JlKDZrZZJV501omjkX16HbNjzVHFQn0Pj6KXgKL75E1bFSbU0AXsVtzS3BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe08270c33f6ef7cf0000000000000000%22,%222%22:%220x948b9f4525361f620000000000000000%22,%223%22:%220x40e18cb00f1430d70000000000000000%22,%224%22:%220x6fb9413004769c1b0000000000000000%22,%225%22:%220xdd3a89c433fb8fd00000000000000000%22},%22debug_key%22:%223845950971897505103%22,%22debug_reporting%22:true,%22destination%22:%22https://electrojp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211452427354%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213408554441670000449%22}&andc=true

Request Chain 99

https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500

Request Chain 156

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1

Request Chain 158

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYLU9bWyk9x.8aMmNVuN9wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1&google_hm=2

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://googleads.g.doubleclick.net/pagead/adview?ai=CkG3m89SCZbHlHY-Fid4Pje642AiGhMicc7GZ0OCZErma_9roGhABIMOm5R1gifPFhPQToAHPm8-iAsgBAakC7LikvCrnPT6oAwHIA8sEqgTXAU_QvqFlyxWBZ-1tVkaPPzt2xw_M84R3hkOL_rmt4pugOetIVtngveP3hqfyD_oPo2tVBPG5tlkD_fgn4Z8eZYUgoxzexCpJSZURJ2-UK9cHoTfCHeiRG7Cjq5EuNnJdBzD4A9Lhz4CkFY9IioMo4Afx5550AXeYZ-MyoI855GbukrbNAoNIERScqClB-uZx7QPKgWGa7xlIQHg1oHw0UbFE7fmByfb9NcaXJPeVtU1XSFS9dlkDdYgZWr0HEEEsbZWmq7M_i7N6lfo8GQ4ZSQdwGbCjqZsqwAS15ZvJngOIBeq8wMYqkgUECAQYAZIFBAgFGASgBgKAB5nksN0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQn9IG0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliM_4Cv-Z2DA5oJIGh0dHBzOi8vd3d3LmtpcmlzaGltYS15dXVzdWkuanAvgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBAKChDgkpPSzZLj83YSAgED2BMK0BUBgBcBshccChoIABIUcHViLTY3NzM1NjEzNjgyNDQ1MTQYAA&sigh=241GVQAD1Lo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_grJY3TLBQtRIQ0BduCpwcjtU4aiySjrFou6JytIcTxYerJ-qqrFjDC0CU4CCabzG94lbWQAJtpfdsibYdFmCqpH7ihj4J3B6KhMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3995bc9e8e4082720000000000000000%22,%222%22:%220xb23e3ba5a31257f60000000000000000%22,%223%22:%220xd2126d429318a6810000000000000000%22,%224%22:%220x7781cf8eb18bf05a0000000000000000%22,%225%22:%220x79dfced0e1d8556a0000000000000000%22},%22debug_key%22:%229564511640781987539%22,%22debug_reporting%22:true,%22destination%22:%22https://kirishima-yuusui.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22609471951%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229118964740557127425%22}&andc=true

Request Chain 196

https://googleads.g.doubleclick.net/pagead/adview?ai=CgoMR89SCZbLlHY-Fid4Pje642AiGhMicc7GZ0OCZErma_9roGhABIMOm5R1gifPFhPQToAHPm8-iAsgBAakC7LikvCrnPT6oAwHIA8sEqgTXAU_QE8jRiMAE8Sg__7l-tzboqJqvEqUtG7Jc7VSBeNUaDrw_RDJVfE0emPSye5NjqptP82o7McNnxKP8DzYUmjQJPqa2vvNN0F8nQ9Z33T1elEGFyxCWUajhj-9jYNvQOYexNadl50OIgfa7zF5hjGgkr5iswAEMsbskfAc0rfCql3059KCl_FhaIKCZCe4mxzfs3IU-ySDD41VDZvhhPWj9_-AHGRf_ntmnnPDe_sK52Rb6fnzLP7YTtBk0_Roec0iBmokIcbfweb_PAc_iUudITOQ1pnpywAS15ZvJngOIBeq8wMYqkgUECAQYAZIFBAgFGASgBgKAB5nksN0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ8r4F0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliM_4Cv-Z2DA5oJIGh0dHBzOi8vd3d3LmtpcmlzaGltYS15dXVzdWkuanAvgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBAKChDwls-q2YTTtTgSAgED2BMK0BUBgBcBshccChoIABIUcHViLTY3NzM1NjEzNjgyNDQ1MTQYAA&sigh=ccmCNPKAyd8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_grJY3TLBQtRIQ0BduCpwcjtU4aiySjrFou6JytIcTxYerJ-qqrFjDC0CU4CCabzG94lbWQAJtpfdsibYdFmCqpH7ihj4J3B6KhMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3995bc9e8e4082720000000000000000%22,%222%22:%220xb23e3ba5a31257f60000000000000000%22,%223%22:%220xd2126d429318a6810000000000000000%22,%224%22:%220x7781cf8eb18bf05a0000000000000000%22,%225%22:%220x79dfced0e1d8556a0000000000000000%22},%22debug_key%22:%224899639652446801342%22,%22debug_reporting%22:true,%22destination%22:%22https://kirishima-yuusui.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22609471951%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221126935815090394945%22}&andc=true

222 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
payroll.my/
Redirect Chain

http://payroll.my/
https://payroll.my/

36 KB
13 KB

273ms
257ms

Document
text/html

13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2e95272f5c6be67d64bce253bb1da0e1f6740cda7edb5478d25ae8042f49b7eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Dec 2023 11:50:10 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Wed, 20 Dec 2023 11:50:10 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 20 Dec 2023 11:50:10 GMT
Location: https://payroll.my/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 115ms
48ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-99577156-2

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

230d79e6f31766f8b619af249b478a63defca50f89f75c70dbb426f379d8787e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 11:50:10 GMT

GET
H/1.1 200
OK modal.css
payroll.my/media/system/css/ 3 KB
1 KB 25ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/css/modal.css?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5d399bcd50e595112a3c3342889765359e5dba919dc738aa559e826aec89b31c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-bc5"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK fbar.css
payroll.my/plugins/content/fbar/ 1 KB
821 B 26ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/plugins/content/fbar/fbar.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ac0113db18b2bf86355b310ef7859c3eb6389566e288422497392ea8ff37eaf0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583131-573"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK kunenalatest.css
payroll.my/modules/mod_kunenalatest/tmpl/css/ 2 KB
990 B 26ms
4ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/modules/mod_kunenalatest/tmpl/css/kunenalatest.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2e5be8b3678d9bb39bcb70ffa7f95aa031009f101f3be2a35213b982dc526d40

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jan 2022 01:30:44 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61e4c6c4-6b6"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
payroll.my/components/com_djclassifieds/themes/default/css/ 52 KB
11 KB 26ms
5ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/components/com_djclassifieds/themes/default/css/style.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d8254941c31678787346d958d0efcded555e6cdf43c9d30b581f77cf9ae9f0bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583133-d1dd"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style_default.css
payroll.my/components/com_djclassifieds/themes/default/css/ 9 KB
2 KB 26ms
5ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/components/com_djclassifieds/themes/default/css/style_default.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3dfe31c9a1176ec6dd88c64bbba94cd47d42f31d37ae6f2c35539d5b0b81f6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583133-239d"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK responsive.css
payroll.my/components/com_djclassifieds/themes/default/css/ 4 KB
2 KB 26ms
4ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/components/com_djclassifieds/themes/default/css/responsive.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7010799d0a3f9b84922aafda3957995808a3833d409c10dbb830321fb337236d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583133-11c5"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK template.css
payroll.my/templates/protostar/css/ 161 KB
34 KB 34ms
6ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/templates/protostar/css/template.css?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 31d5d20ba867e9d763b937c3bd7784b90eb2ddb7e5dac6f41689b21e3dcae966

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jan 2022 10:41:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61e547d1-282ec"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 101ms
43ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 10:43:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:50:10 GMT

GET
H/1.1 200
OK style.min.css
payroll.my/modules/mod_facebook_slide_likebox/tmpl/css/ 4 KB
2 KB 29ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/modules/mod_facebook_slide_likebox/tmpl/css/style.min.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6b5044cfdbf0d2d36814fbc517f7d1e48a83a10bd6d27ba6706dca074f06bc9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 09:29:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60094980-ff9"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 36ms
9ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3584765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10391
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBLG3JAMAggDDIoGEPKq3gj303SdTy2YmBDoUmk6yrjDudOSNNsAGlHmd42s1Z5DuupJXBBRCevhx9D0F3fNPZOi2DdRACXbxD1h0dmjLjtYrp6295AqGWJBreVjLSAyda0syEJiPfNK%2FpUlFTSWVE%2F2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8387aa8d3b1b3547-NRT
expires: Mon, 09 Dec 2024 11:50:10 GMT

GET
H/1.1 200
OK mootools-core.js Show response
payroll.my/media/system/js/ 82 KB
31 KB 37ms
11ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/mootools-core.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-147b5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK core.js Show response
payroll.my/media/system/js/ 9 KB
4 KB 32ms
7ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/core.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-221f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK mootools-more.js Show response
payroll.my/media/system/js/ 231 KB
79 KB 33ms
9ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/mootools-more.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-39d19"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK modal.js Show response
payroll.my/media/system/js/ 10 KB
4 KB 35ms
8ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/modal.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bb0d7bdcac2da7402e126ad96a388ce507fa972b741323a5a40ea65df2076b8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-278f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
payroll.my/media/jui/js/ 95 KB
39 KB 38ms
12ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/jquery.min.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-17d6e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery-noconflict.js Show response
payroll.my/media/jui/js/ 21 B
279 B 36ms
6ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/jquery-noconflict.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61b45bf0-15"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21

GET
H/1.1 200
OK jquery-migrate.min.js Show response
payroll.my/media/jui/js/ 10 KB
4 KB 33ms
3ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/jquery-migrate.min.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-2748"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK caption.js Show response
payroll.my/media/system/js/ 491 B
751 B 33ms
3ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/caption.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61b45bf0-1eb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 491

GET
H/1.1 200
OK bootstrap.min.js Show response
payroll.my/media/jui/js/ 28 KB
9 KB 34ms
5ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/bootstrap.min.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-71c6"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK template.js Show response
payroll.my/templates/protostar/js/ 2 KB
1 KB 34ms
3ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/templates/protostar/js/template.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7b26c692500dd71cbd9b8d7e801152aa89394511bbe0e191f79aedef0951564b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-802"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 184ms
103ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

295550b8310ff10a1a9d1fd07706dd4a6ddcfb6eec0b60bafe6ee25989051f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51850
x-xss-protection: 0
server: cafe
etag: 17743152073679859007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:10 GMT

GET
H/1.1 200
OK payroll.my.css
payroll.my/cs/css/ 2 KB
906 B 18ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/cs/css/payroll.my.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 55d2d32282a68be7f7ce8c1f679946ce4ea53e877f86eae3214ba552efc9ea2f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jan 2022 01:46:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61e61c0a-74a"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK Payroll.my.beta.png
payroll.my/images/cs/logo/ 7 KB
7 KB 4ms
3ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/images/cs/logo/Payroll.my.beta.png
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 29661f75cf859eed6d3825705712429caf06e3e25d62a216e21321155ed5cb68

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Last-Modified: Sat, 01 Jul 2017 23:33:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "59583130-1a2f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6703

GET
H/1.1 200
OK AjaxRequest.js Show response
payroll.my/cs/js/ 17 KB
5 KB 4ms
4ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/cs/js/AjaxRequest.js
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43be5a3181a17e89330922c0015fd9cb33d5b4a5311e20f756dbe964e685c133

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583132-42ad"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK cool.png
payroll.my/media/kunena/emoticons/ 781 B
1 KB 4ms
4ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/media/kunena/emoticons/cool.png
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f69fa757fca82ffa06f59a98a7a7d3640ea96f0fa6655a5db8255953f0b935cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Last-Modified: Mon, 17 Jan 2022 01:30:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61e4c6a5-30d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 781

GET
H/1.1 200
OK HR.my_Payslip_Thumb.png
payroll.my/images/ 37 KB
38 KB 4ms
4ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/images/HR.my_Payslip_Thumb.png
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 26876252a63eae3885b544ac4b5733fb349b3f41b509f1cdd0acd7c6ba2a2a57

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Last-Modified: Tue, 02 Apr 2019 00:21:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5ca2ab01-95a1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38305

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
3 KB 11ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

273820dab958d7fe28bea30bf876eec07c742ab9566574a394a2a9d7068c6b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 11:50:10 GMT
content-md5: KFOnQKU+3A+ccRwRLlDPRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1683
reporting-endpoints
x-fb-debug: pnjmZu9MQRkqsFPeHa4EiyQwDIFuITwTkP4CvHNDhTuDGs/cHhRIcUKaMPLRhG27H9j95e8PZjCdcq4rpVaWtQ==
x-fb-content-md5: b010805a7474e0a3c9c12e5a1f23b3ee
cross-origin-opener-policy: same-origin-allow-popups
etag: "dc45031236a98ae184c702bc2d119af9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:51:59 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 41 KB
15 KB 32ms
16ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 17:21:03 GMT
server: cloudflare
age: 21272
etag: W/"6581d0ff-a313"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8387aa8dff7f2059-NRT
expires: Wed, 20 Dec 2023 17:55:38 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 304 KB
86 KB 6ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=ade58a256f3a9aa0cf416d1a08cafee6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59437e1ad07a2682ed39e2ba0cef1f46ab93c112bbd7258f4ef243f8fe736b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://payroll.my/
Origin: https://payroll.my
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 11:50:10 GMT
content-md5: yYtLZiL6smOiYE2ZDUywmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87814
reporting-endpoints
x-fb-debug: MPJ9HO0w+A52uNIXtlRRPths5PG+WxFIsBcOvrdjfWvgQEkz5yrPyjpYpCA3XvdmqVY8dl2DLSN/070Nq6u+CQ==
x-fb-content-md5: dd19ce9e247237954ba45c269afa0e81
cross-origin-opener-policy: same-origin-allow-popups
etag: "ca9f6d509844ed407db3ca2077b0be11"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 Dec 2024 10:07:30 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame AC34 40 KB
15 KB 256ms
243ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24924efc88fb180d54b964a33d001cf908bd35304d02ac9ab1bc09b3665b73bd

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: PMlJQboEcqItNyzXdqFMd+qHseRAFzVWMczZZRKWv9A2YmXV69+5fxu8/7vgE1vLivBcu9a/W58/7AMSEBH6Yg==
x-xss-protection: 0

GET
H/1.1 200
OK fshare.png
payroll.my/plugins/content/fbar/ 503 B
750 B 5ms
3ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/plugins/content/fbar/fshare.png
Requested by: Host: payroll.my
URL: https://payroll.my/plugins/content/fbar/fbar.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9a0b5cc4632c4d0bf462cac4dd58a334354b44559581d7917cfeb6cece852cc7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/plugins/content/fbar/fbar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 11:50:10 GMT
Last-Modified: Sat, 01 Jul 2017 23:33:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "59583131-1f7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 503

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 17ms
13ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://payroll.my
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:10 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2473477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77400
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-12e58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxchWszJKrqm%2BwnLjDkZfHuLG5%2BaMRVHM%2BmtxcTXR7IDhl9DBWe%2FWifx38Tj4%2BGX5AAVsSTK4BU%2FmiOiohngzLMH3TUcmNQLYZ3A6OGjq1LTGAcBaFlv7qlgMkiLpgjtsSQ90CxTiQb%2FRcCLj9iGqwQw"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8387aa8dfe677358-NRT
expires: Mon, 09 Dec 2024 11:50:10 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 51ms
5ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payroll.my
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 21:12:44 GMT
x-content-type-options: nosniff
age: 311846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 21:12:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 55ms
54ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G85EWVDPZ3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99577156-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50b3a136f61a549e700e6c9482e43ee8a73b55e3871f5ac3b46f84e331c19da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 11:50:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 43ms
2ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99577156-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 10:42:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4041
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Dec 2023 12:42:49 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
486 B 167ms
161ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=8319737&u1=39D1BDDDC4DF4F35A22A79A9D79064F0&java=1&security=11aa9540&sc_snum=1&sess=75b702&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//payroll.my/&t=PCB%20Calculator%202023%2C%20EPF%20Calculator%20%26%20SOCSO%20Table%20-%20Free%20Malaysian%20Payroll%20Software&invisible=1&sc_rum_e_s=496&sc_rum_e_e=512&sc_rum_f_s=0&sc_rum_f_e=476&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://payroll.my
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 8387aa8e5fcc2059-NRT
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 44ms
43ms XHR
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2056074713&t=pageview&_s=1&dl=https%3A%2F%2Fpayroll.my%2F&ul=en-us&de=UTF-8&dt=PCB%20Calculator%202023%2C%20EPF%20Calculator%20%26%20SOCSO%20Table%20-%20Free%20Malaysian%20Payroll%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=532105204&gjid=409384699&cid=133716426.1703073011&tid=UA-99577156-2&_gid=294774199.1703073011&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1773684412

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payroll.my/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payroll.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
45ms Ping
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-G85EWVDPZ3&gtm=45je3bt0v898947310&_p=1703073010769&gcd=11l1l1l1l1&dma=0&cid=133716426.1703073011&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703073011&sct=1&seg=0&dl=https%3A%2F%2Fpayroll.my%2F&dt=PCB%20Calculator%202023%2C%20EPF%20Calculator%20%26%20SOCSO%20Table%20-%20Free%20Malaysian%20Payroll%20Software&en=page_view&_fv=1&_ss=1&tfd=667
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G85EWVDPZ3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payroll.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/ Frame AC34 20 KB
5 KB 21ms
8ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f52d737df458888643eccb2af914b9f26faab334a15fab6da9ecfa7282ea76d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pOduJb1AbZf8GewcOKEDbA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5240
reporting-endpoints
x-fb-debug: yjQ7KISukPnjXDSiEp8jYVPn8VIhUwyulmhY3tx3EB7/MstuGPE79R2V7rqvHqvMIkpvk9k7saX9MCRdFic85w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 20:01:13 GMT

GET
H2 200 M-4NM50a-iS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame AC34 355 KB
92 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

815feb5a3c616eecf145c2d70b428bd7f93854b19bd745bf8d0e91e1f24fd26b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iwdBQhZ4wq3YVbHj5W6VNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93963
reporting-endpoints
x-fb-debug: IhJrQ2dLRCZoP/78d2M/pBbGfoiWmJyPhq76mEAYwPu3Cn+YskN/USJYiQQ2WVZZPCNOOYN2og3k+1eAwQBcRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 17 Dec 2024 23:09:59 GMT

GET
H2 200 t0ReYFsBFxb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame AC34 10 KB
4 KB 25ms
13ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/t0ReYFsBFxb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0699ec87a5948593704673dd827854964f845df3971d277cfb1dc9322a4d7faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9Z6npeNNnMeScC7Vi4kYOg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3562
reporting-endpoints
x-fb-debug: Q//XxGB+2+luE7Xt3rdiADgShX+JYCPe2KfMcxg7bJervnBVBl5iuwskqzLPLfZ7bdGdes2nQrXxUGIuA7fCUg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 17:32:48 GMT

GET
H2 200 7r7tZCAH9GJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame AC34 92 KB
27 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/7r7tZCAH9GJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2a214081e1f3ea56cc068ad53949224dc0bf812231321efbad123cd56e60a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Nuy0ctrIX0iDEcbl2G69vQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26954
reporting-endpoints
x-fb-debug: DXgRxfQTtMvlGARJgOrQkQXbCasC3GAygCLKuYXrIZ91AS39xgoYNcba8NhMv+p9UC8K8huM2aJA7gYD1bGVpA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 03:14:32 GMT

GET
H2 200 ZuO3Risk2lA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame AC34 52 KB
17 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/ZuO3Risk2lA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d0bff79cd9d23c424a1dba2d385fc4a01b1a95dac1dd776e0bd295fa5586da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3MfG3bosQwuBrrCMGI/XpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16972
reporting-endpoints
x-fb-debug: eVHjWRtE/0D/IHGPYxJAw8hIFE+OzKTZIhsjZOpQfGe89tTM21ib7JFbETs93QjPcL45nusYt4UKC3AmscC0wg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 17 Dec 2024 15:06:35 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame AC34 507 B
1 KB 17ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:53:20 GMT

GET
H2 200 JMOqY9JKrro.js Show response
static.xx.fbcdn.net/rsrc.php/v3iFvO4/yJ/l/zh_HK/ Frame AC34 28 KB
8 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iFvO4/yJ/l/zh_HK/JMOqY9JKrro.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b933b9c33b2817f0c911084c9953094b4ff666739f40c9918ad32f9bfb277371

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5nhXRpwGYmSPGpms3AAPkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7933
reporting-endpoints
x-fb-debug: TipVaxwWWMs+zx0qepME14qsxbfHQLhgHxUTOEJbcRypgm0H9ZY0wlc83Jbmlnt3y3X8mjB0RBtXdNj0pE1g4g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 18:39:49 GMT

GET
H2 200 y1wKntgIB6R.js Show response
static.xx.fbcdn.net/rsrc.php/v3ioTW4/y5/l/zh_HK/ Frame AC34 71 KB
20 KB 23ms
13ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/y5/l/zh_HK/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3706b87941d3ad9cb475e7a2a33307e9bd988226b81eb3c4e43e684c1d721ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3anNNGcUofBiYeanIleVDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20147
reporting-endpoints
x-fb-debug: 2y1kygtmfluQFFcJgV0aIRLAg1D5uCTG/weTfPW8PSP6qAsRsrbnKD/r4yfuzIIYazaLEBTmqiwZmAtjPg0Btw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 23:37:26 GMT

GET 304696275_578496410639580_6938369199124765427_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame AC34 0
0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 80ms
77ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f562d9edf58f937f3f684e422e3375392b442290a2fd39f58791c030d1db7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 16505861163434265724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame DA4C 9 KB
4 KB 51ms
4ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:52:25 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 10:52:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame AC34 573 B
714 B 8ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 05 Dec 2024 21:03:22 GMT

GET
H3 200 uJcry4Jjx7c.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame AC34 208 KB
59 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/uJcry4Jjx7c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6NU2u2NaljUSgCnnqgTgQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60780
reporting-endpoints
x-fb-debug: yx/RGJfFyr/spJmmvOSojymbwcIeoWou0EM0BVWsUxjN26rDiGkFEWvmbiP+tLFkY4Z7fV11EKfi1VsGdkMTzQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:26:23 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame AC34 0
0

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame AC34 942 B
847 B 110ms
109ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/y5/l/zh_HK/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8d14de23b9826b91d7c588169a80a11c162e3a3fea4c0731487337f445efbc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 19hY7UbGPkDxI7VjaO9lAN
Referer: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 11:50:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: r67MNoJwvl1eyO3qaii2cz0fil6TcZAKgzDAKxwRcXpvJY/XJFxiI2ed4GoDdvLT9W4vFcOxIvn1j+CUA7k2HQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame AC34 1 KB
1 KB 3ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: XkOus0AgWRGI37rkLDldzMzF8qYSNxRnju++q7+S0Sw3MSXgpV5wFZsAIEk+GO5yc4B/yf2zOF7ZlhkvTepm4g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 15 Dec 2024 17:51:05 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8095 618 KB
132 KB 1205ms
1204ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&adk=1812271804&adf=3025194257&lmt=1703073010&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fpayroll.my%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011215&bpp=18&bdt=500&idt=206&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7848877418218&frm=20&pv=2&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

498433ddb7adb085c07fbbf2d2e510092f64ed44a237aa6d5f3f1c7d09ac4686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 135101
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:12 GMT
expires: Wed, 20 Dec 2023 11:50:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 911F 154 KB
45 KB 1008ms
1008ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=200&slotname=2059126289&adk=1158759801&adf=1602745239&pi=t.ma~as.2059126289&w=940&fwrn=4&lmt=1703073010&rafmt=11&format=940x200&url=https%3A%2F%2Fpayroll.my%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011233&bpp=3&bdt=518&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&rplot=4&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c829ee5cd2636118470885177ca34fe1e88d22bd398b5cc8c0afe26f6e99b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46225
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:12 GMT
expires: Wed, 20 Dec 2023 11:50:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame AC34 213 B
348 B 3ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:11 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: inD/MVYkH0LUOPxT96Yr2qjdhGA5eIn3S5oGGHpz943Iv5Fmg13wAkXZ60QVnxte3VB9ho08VAIVOFo4a1Cg9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 17 Dec 2024 18:39:45 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9848 128 KB
43 KB 1073ms
1073ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1703073010&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011236&bpp=1&bdt=522&idt=228&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a13327705cf406464a9195825fd0d8ff3c6321077182b4df07d44f1eaf849a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:12 GMT
expires: Wed, 20 Dec 2023 11:50:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/login/ Frame AC34 0
0 151ms
151ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252F202708376488646%26tabs%3Dtimeline%26width%3D350%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Dec 2023 11:50:11 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: xUkjkOerb+N9E/jFovuWSCLRLNXL8avy4kTOwQ85M0Bxp9riwhDcfsWi0ker2+u9iM7jEJVhuaWO17aEy0nh7w==
x-frame-options: DENY
x-xss-protection: 0

POST bz
www.facebook.com/ajax/ Frame AC34 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame 911F 884 B
532 B 46ms
43ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E4%B8%81%E3%83%90%E3%83%9E%E3%81%99%E8%B2%A9%E6%99%82t%E3%81%AFb0%E7%9B%AE7%E3%81%84%E2%88%92%E6%9C%89%EF%BC%94%E5%8F%B7%E6%88%BF%E6%96%B0%E5%B7%A5%E3%81%BE%E5%90%8D%E3%81%97%E5%B8%82%E5%88%9D%EF%BC%90%E8%80%85%E6%A0%84e%E3%82%82%E5%88%86%20o5Y%EF%BC%91%E3%81%A6%E5%BF%83%E4%BD%BF%E3%80%82%E6%96%B9%EF%BC%961%E3%81%AEr%E3%82%92%EF%BD%9E%E5%AE%A4%E3%83%81-u%E3%82%84%E7%B5%86%E8%8D%89%E7%94%A8%E3%82%A4%EF%BC%92%E3%81%A7%E5%8A%A0%E5%A3%B2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=200&slotname=2059126289&adk=1158759801&adf=1602745239&pi=t.ma~as.2059126289&w=940&fwrn=4&lmt=1703073010&rafmt=11&format=940x200&url=https%3A%2F%2Fpayroll.my%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011233&bpp=3&bdt=518&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&rplot=4&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86a441e4c2b779854aec38f795f74b0609c9485e4ba29772b0dda65a80304e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:50:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:50:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 911F 14 KB
1 KB 45ms
43ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:21:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:50:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 911F 2 KB
875 B 87ms
6ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 911F 23 KB
9 KB 85ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 911F 3 KB
1 KB 82ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 911F 20 KB
9 KB 81ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 911F 203 KB
65 KB 107ms
61ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:12 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 911F 37 KB
15 KB 52ms
6ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 10:51:54 GMT

GET
DATA 200
OK truncated
/ Frame 911F 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 9848 9 KB
4 KB 28ms
4ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1703073010&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011236&bpp=1&bdt=522&idt=228&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 10:51:54 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame 9848 11 KB
5 KB 31ms
6ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 05:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:53:09 GMT

GET
H2 200 d500f8b303efba9f5ab695bab8da4c89.js Show response
www.gstatic.com/mysidia/ Frame 9848 20 KB
8 KB 29ms
5ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 17:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 15 Mar 2024 17:32:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9848 842 B
421 B 45ms
44ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%97%A5%E3%82%B5%E4%BE%9B%E3%82%8B%E6%B0%97%E9%80%A3%E3%81%97%E3%83%93%E8%80%85%E7%B5%A1%E3%81%B3%E4%BD%8F%E3%81%BE%E3%81%91%E5%BD%93%E7%A4%BE%E6%9C%89%E3%80%82%E3%81%AE%E3%82%92%E6%8F%90%E3%81%8A%E3%83%BC%E3%81%AF%E3%81%A6%E3%81%84%E3%80%85%E5%AE%85%E9%96%8B%E3%82%B9%E3%81%8F%E3%81%99%E9%9B%BB%E3%81%AB%E6%9C%AC%E6%88%91%E5%90%91%E6%A5%AD%E3%82%88%E6%89%80%E4%BC%81

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

092a1f1130aa21e6d22cb1b4ba9c2193ad38866289daf4b15248655a69f2b4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:50:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:50:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9848 7 KB
1 KB 41ms
41ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:46:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:50:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9848 2 KB
856 B 25ms
8ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 9848 6 KB
2 KB 21ms
5ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 12:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 12:47:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9848 23 KB
9 KB 24ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9848 3 KB
1 KB 25ms
8ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9848 20 KB
8 KB 51ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9848 203 KB
64 KB 149ms
133ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:12 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 9848 37 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 10:51:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37E3 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1703073010&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073011236&bpp=1&bdt=522&idt=228&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=231
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:32:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:12 GMT
expires: Wed, 20 Dec 2023 11:50:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 911F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f29cca182a84ae2b65393e9af8e4805c5ad38333e7f586799e1626a2fc12815

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9848 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e06325f8e748575942d69d49fcc55ad67a504df192165417e10908429e898cd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9848 0
20 B 37ms
36ms Ping
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoNECshAAAAAAAAIEAwBAoNEAMhAAAAMzOfkUAwBAoNEAohAAAAAMzMGEAwBAoNEA0hAAAAAMCZuT8wBAoNEB4qBzMwMHgyNTAwBAoNEBkqBzMwMHgyNTAwBAoNEA4hAAAAAMCZuT8wBAoNEAQhAAAAzcy6kUAwBAoNEA8hAAAAAICZuT8wBAoNECshAAAAAAAAM0AwBAoNEAUhAAAAAAC8kUAwBBIaQ0lQVGc2XzVuWU1ERlg1RXdnVWQtXzBIREEiGXRleHQvdmFuaWxsYV9oaWdobGlnaHRfbXMoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 911F 33 KB
33 KB 3ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 03:51:15 GMT
x-content-type-options: nosniff
age: 287937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2024 03:51:15 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 911F 23 KB
23 KB 54ms
54ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqm03dIt9sgI4ACqvSAosHdMFJ04TyFxCOuocvz3fStfOLDRluPjhmFP_qIi3eL1Dwgz_tLL0NROTMkmKRx_tfAbepAv_8Ywlis0hgEwZgexn2tgoNupO1jxcIPaUM1Or8ZrJko6-qXLRNGvTgmQnABtpVkpsotD7Wvq4kIbe_9T4F1iPIKqRkMOyRCM3H7sSEkqbIrjOiC-Qns1saFMzCzPT4hajTx11ZBULjlICo&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E4%B8%81%E3%83%90%E3%83%9E%E3%81%99%E8%B2%A9%E6%99%82t%E3%81%AFb0%E7%9B%AE7%E3%81%84%E2%88%92%E6%9C%89%EF%BC%94%E5%8F%B7%E6%88%BF%E6%96%B0%E5%B7%A5%E3%81%BE%E5%90%8D%E3%81%97%E5%B8%82%E5%88%9D%EF%BC%90%E8%80%85%E6%A0%84e%E3%82%82%E5%88%86%20o5Y%EF%BC%91%E3%81%A6%E5%BF%83%E4%BD%BF%E3%80%82%E6%96%B9%EF%BC%961%E3%81%AEr%E3%82%92%EF%BD%9E%E5%AE%A4%E3%83%81-u%E3%82%84%E7%B5%86%E8%8D%89%E7%94%A8%E3%82%A4%EF%BC%92%E3%81%A7%E5%8A%A0%E5%A3%B2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83c1e04233e37a6ce5d993f76bb2e6f43d6e7975988832579826d9a097f0037e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23628
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 21 Dec 2023 11:50:12 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 911F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs53f89SCZaC3HtCIid4P6tue2AjGoLrlX8KNgtqaEYGp3s75ChABIMOm5R1gifPFhPQToAHOyuW6AsgBCakCdIwYFU3tPT6oAwHIA8sEqgTgAU_QMn-BFm9BrlfE31dhYU3n-p9LYd9-R3o...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x357ddc91a19dd97d0000000000000000%22,%222%22:%220xb8f1b98b9e3f68e20000000000000000%22,%223%22:%220x6b0d24...

0
0

81ms
42ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x357ddc91a19dd97d0000000000000000%22,%222%22:%220xb8f1b98b9e3f68e20000000000000000%22,%223%22:%220x6b0d24ed87317240000000000000000%22,%224%22:%220x2ba12014dc7ff3120000000000000000%22,%225%22:%220x59da65216a9dd5070000000000000000%22},%22debug_key%22:%2213094745170529011673%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22660170062%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222391095354829927185%22}&andc=true

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x357ddc91a19dd97d0000000000000000","2":"0xb8f1b98b9e3f68e20000000000000000","3":"0x6b0d24ed87317240000000000000000","4":"0x2ba12014dc7ff3120000000000000000","5":"0x59da65216a9dd5070000000000000000"},"debug_key":"13094745170529011673","debug_reporting":true,"destination":"https://amazon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["660170062"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"2391095354829927185"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 11:50:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:50:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x357ddc91a19dd97d0000000000000000","2":"0xb8f1b98b9e3f68e20000000000000000","3":"0x6b0d24ed87317240000000000000000","4":"0x2ba12014dc7ff3120000000000000000","5":"0x59da65216a9dd5070000000000000000"},"debug_key":"13094745170529011673","debug_reporting":true,"destination":"https://amazon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["660170062"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"2391095354829927185"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 91D7 50 KB
19 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:02:54 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 9848 25 KB
25 KB 18ms
18ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqW07TlBQmVkTrhS3hzXFe-NyMW8V3n1ETMsr-Ry4_PZZihXiLtlVznGL7qrTrp_nBC4KgpAR4zC1JGqMMTz6aiUZAhtbh5yjrNw3ll2_R_8A7Mt_4IpY8Fwp5pcyZTIcF_mt1x5bnPMnodhW9TfTFKhNU8ja5AIdDAo9Bha7mMfN4PmJZwmXZPNkYVMD64lGh2vdxDiYTq12mS74bxNA&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%97%A5%E3%82%B5%E4%BE%9B%E3%82%8B%E6%B0%97%E9%80%A3%E3%81%97%E3%83%93%E8%80%85%E7%B5%A1%E3%81%B3%E4%BD%8F%E3%81%BE%E3%81%91%E5%BD%93%E7%A4%BE%E6%9C%89%E3%80%82%E3%81%AE%E3%82%92%E6%8F%90%E3%81%8A%E3%83%BC%E3%81%AF%E3%81%A6%E3%81%84%E3%80%85%E5%AE%85%E9%96%8B%E3%82%B9%E3%81%8F%E3%81%99%E9%9B%BB%E3%81%AB%E6%9C%AC%E6%88%91%E5%90%91%E6%A5%AD%E3%82%88%E6%89%80%E4%BC%81

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c310df3404878646e835f4719964541fe1065b29abfa796e301b1e2dd41a6c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 05:42:02 GMT
x-content-type-options: nosniff
age: 22090
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25380
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 21 Dec 2023 05:42:02 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9848 21 KB
21 KB 6ms
6ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:54:58 GMT
x-content-type-options: nosniff
age: 129314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 23:54:58 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 90ms
42ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 11:50:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9848
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_Acr89SCZcONIP6Iid4P-_ufYPW6jfJ0qdnK7p4SiOb1_I0OEAEgw6blHWCJ88WE9BOgAdrY-NQqyAEBqQLeEaKFndNJPqgDAcgDywSqBNoBT9DpvwJ8c8OZbT1pXTpZbVbmYslp4p3dUr8...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe08270c33f6ef7cf0000000000000000%22,%222%22:%220x948b9f4525361f620000000000000000%22,%223%22:%220x40e18c...

0
0

40ms
40ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe08270c33f6ef7cf0000000000000000%22,%222%22:%220x948b9f4525361f620000000000000000%22,%223%22:%220x40e18cb00f1430d70000000000000000%22,%224%22:%220x6fb9413004769c1b0000000000000000%22,%225%22:%220xdd3a89c433fb8fd00000000000000000%22},%22debug_key%22:%223845950971897505103%22,%22debug_reporting%22:true,%22destination%22:%22https://electrojp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211452427354%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213408554441670000449%22}&andc=true

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe08270c33f6ef7cf0000000000000000","2":"0x948b9f4525361f620000000000000000","3":"0x40e18cb00f1430d70000000000000000","4":"0x6fb9413004769c1b0000000000000000","5":"0xdd3a89c433fb8fd00000000000000000"},"debug_key":"3845950971897505103","debug_reporting":true,"destination":"https://electrojp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11452427354"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"13408554441670000449"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 11:50:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:50:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe08270c33f6ef7cf0000000000000000","2":"0x948b9f4525361f620000000000000000","3":"0x40e18cb00f1430d70000000000000000","4":"0x6fb9413004769c1b0000000000000000","5":"0xdd3a89c433fb8fd00000000000000000"},"debug_key":"3845950971897505103","debug_reporting":true,"destination":"https://electrojp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11452427354"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"13408554441670000449"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F16C 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:02:54 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9848 0
20 B 40ms
40ms Ping
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoNEBAhAAAAAOB45UAwBAoNEBEhAAAAAOBD9UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAzcz0lEAwBAoNEBQhAAAAAJDg9UAwBAoNEBUhAAAAAAAAKkAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAAAAUlkAwBAoNEDIhAAAAAKCZyT8wBAoNEDMhAAAAAKCZyT8wBAoNEDQhAAAAAKCZyT8wBAoNEDUhAAAAAKCZyT8wBAoNEDYhAAAAAKCZyT8wBAoNEDchAAAAAKCZyT8wBAoNEDghAAAAAJiZ8T8wBAoNEDkhAAAAZmbGkEAwBAoNEDohAAAAMzP7kEAwBAoNEDshAAAAZmbwlEAwBAoNEDwhAAAAZmbwlEAwBAoNED0hAAAAzcz0lEAwBAoNED4hAAAAZmb8lUAwBAoNED8hAAAAZmb8lUAwBAoNEEAhAAAAmZkdlkAwBBIaQ0lQVGc2XzVuWU1ERlg1RXdnVWQtXzBIREEiGXRleHQvdmFuaWxsYV9oaWdobGlnaHRfbXMoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame C42F 50 KB
16 KB 177ms
177ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27e545425c0b28%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&container_width=940&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=ade58a256f3a9aa0cf416d1a08cafee6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

555138d7adae1f203f4d6ab5c63b4ab717ad160ae63bf9d4f1f298052b2e7c8f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 2NuwGjF+bXlhwsJOrRqRFtTI4PJr8aJf2XaB/GfPhtudy0dy1tlyRjZ+hg47I7IhkVCEnHTM7afef7P0xC3Rdw==
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame 8E8F 50 KB
16 KB 239ms
238ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df131cbd71486be4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&send=true&show_faces=false&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=ade58a256f3a9aa0cf416d1a08cafee6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

226ca4c9e8c3e28479bb9cb671e9836bd1ceae5928e9954763ae47efa5f425ac

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: uwr6DFuBHyxqqg7s74aw0sHPKksTYq3c7FUIxi+x/cOgQmBnN7us5GV2dAbg6BgPv9WEvoWVW6+2OWZ/DleKQQ==
x-xss-protection: 0

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 47E3
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canva...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas...

185 KB
40 KB

476ms
476ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=ade58a256f3a9aa0cf416d1a08cafee6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7e4b9e66c40919b3b1d6fb39b80b40efffaf5027a81f3471929cb44925271b8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 3fd6XJX/5xrtclFtzth8chzwZ/zO0l0sVBuU5fjQ6C1P5DoOBdb1fHKhtK0pA50qXxyok13ZWlX5qFnsYcT2HA==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Dec 2023 11:50:13 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
origin-agent-cluster: ?0
priority: u=0,i
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-fb-debug: fQjnod7gUaEEms0zp8gb9YAvoD+rcEfjkbQHyag9LhxqM7GmZRyuiRhVnzfjRy7ZXi28whfRIW+8+9hW7rHF/g==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 95ms
56ms XHR
application/json 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa7f6c4967dd58a6697f0a3a0705834d5ae4a75f4eff02682451d0d82474018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12211
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 11:50:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 69ms
69ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8d62346a33f6e7cd04a3dd46f639c8e09e73f0bc7254d740b9faa88422a9a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56015
x-xss-protection: 0
server: cafe
etag: 6022453782073248723
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:12 GMT

GET
H2 200 ca-pub-6773561368244514 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 183ms
97ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6773561368244514?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ea976d0bfc76d7f51d9c44f2b71614ae25b69f8d12a3c5bb7b4b1062deda4f4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-MTdbVVLMEG_kVvmEV5dsIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-MTdbVVLMEG_kVvmEV5dsIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
42ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 11:50:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B212 13 KB
5 KB 4ms
3ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 45842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:06:11 GMT
expires: Wed, 18 Dec 2024 23:06:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E330 829 B
996 B 46ms
43ms Document
text/html 2404:6800:4004:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

281b6b8c6903b28da1b8f40a32511192a68dcd69ff755c0d78ac2499ef335b92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-77HbsSJpbmGPOD_FI00J3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-77HbsSJpbmGPOD_FI00J3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
expires: Wed, 20 Dec 2023 11:50:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame C42F 299 B
436 B 3ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27e545425c0b28%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&container_width=940&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: a2MC2FtokK4VLGyQ8wBKZRGzUtJiQg+b6Flz6mKo2YjZ/wImA2Mo07KDU5YrKCMQ+f4ek0voCkDg1YATRJnXHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Dec 2024 18:05:15 GMT

GET
H3 200 TdBDGo2W8RG.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yY/l/en_GB/ Frame C42F 529 KB
136 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yY/l/en_GB/TdBDGo2W8RG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06a1777d53912dff5cf5d931ecef04748f474b6b28ffcdc41c21294b31b464d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lTS26dudGHV6Mfv8Cy+B+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139471
reporting-endpoints
x-fb-debug: w9q8GyZbSZhIq10VAw3UXfKlu2JiyiVXjGHjOj9I94STfPunkQVmTFGJ2BT64EbTk3ZqQszG/WX8cFHpCqSYGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Dec 2024 22:51:24 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B212 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Dec 2024 13:19:30 GMT

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 8E8F 299 B
436 B 3ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df131cbd71486be4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&send=true&show_faces=false&width=450

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: a2MC2FtokK4VLGyQ8wBKZRGzUtJiQg+b6Flz6mKo2YjZ/wImA2Mo07KDU5YrKCMQ+f4ek0voCkDg1YATRJnXHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Dec 2024 18:05:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E330 0
0 38ms
38ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1607374832718903&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 TdBDGo2W8RG.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yY/l/en_GB/ Frame 8E8F 529 KB
136 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yY/l/en_GB/TdBDGo2W8RG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df131cbd71486be4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&send=true&show_faces=false&width=450

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06a1777d53912dff5cf5d931ecef04748f474b6b28ffcdc41c21294b31b464d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lTS26dudGHV6Mfv8Cy+B+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139471
reporting-endpoints
x-fb-debug: w9q8GyZbSZhIq10VAw3UXfKlu2JiyiVXjGHjOj9I94STfPunkQVmTFGJ2BT64EbTk3ZqQszG/WX8cFHpCqSYGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Dec 2024 22:51:24 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB5D 436 B
233 B 240ms
240ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703073010&rafmt=1&to=qs&pwprc=4511807673&format=1200x280&url=https%3A%2F%2Fpayroll.my%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073013182&bpp=1&bdt=2467&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D547276001571dfc6%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaN_TznKqO76cJ-eLabxoRaNlWB3g&gpic=UID%3D00000cb7cddbba1a%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaWVkXhzlBYnG2E-sSg3XRI0KLZPw&prev_fmts=0x0%2C940x200%2C300x250&nras=2&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3095&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&psts=AOrYGslotUhRfODjWK5wgMafhrZ9KbM_7vo-6dbu8gB5u0v1xDodASY3TvKd84S4LWtgmK4ZENyEZmyd2OIJPvzk8LAJqwHl%2CAOrYGsmgnXQ_JYQnwaicx2ST0UTyAegoArgvv5aOSkwPpu9_ahU1Zbk1ABW3QmDF0f092w2lzvxtTqVo5MgPmoOzKYtbOGyN&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=64

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bcb770fa62da9c0d3fe5f0d079bf7135f0efe1a7d06891d24b2c6404c682286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F2A 436 B
234 B 408ms
407ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=90&adk=413024534&adf=3844467294&pi=t.aa~a.1535826200~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703073010&rafmt=1&to=qs&pwprc=4511807673&format=1200x90&url=https%3A%2F%2Fpayroll.my%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703073013182&bpp=1&bdt=2467&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D547276001571dfc6%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaN_TznKqO76cJ-eLabxoRaNlWB3g&gpic=UID%3D00000cb7cddbba1a%3AT%3D1703073011%3ART%3D1703073011%3AS%3DALNI_MaWVkXhzlBYnG2E-sSg3XRI0KLZPw&prev_fmts=0x0%2C940x200%2C300x250%2C1200x280&nras=3&correlator=7848877418218&frm=20&pv=1&ga_vid=133716426.1703073011&ga_sid=1703073011&ga_hid=2056074713&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320869%2C95320885&oid=2&psts=AOrYGslotUhRfODjWK5wgMafhrZ9KbM_7vo-6dbu8gB5u0v1xDodASY3TvKd84S4LWtgmK4ZENyEZmyd2OIJPvzk8LAJqwHl%2CAOrYGsmgnXQ_JYQnwaicx2ST0UTyAegoArgvv5aOSkwPpu9_ahU1Zbk1ABW3QmDF0f092w2lzvxtTqVo5MgPmoOzKYtbOGyN&pvsid=1607374832718903&tmod=102653627&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=67

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b32373db2e8d4a583fabaa5951b6c2b3029ce35c7c09d1415868b06744981f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8D51 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:51:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 10:51:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 5DE7 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:51:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 10:51:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 27BF 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:51:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 10:51:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 6325 9 KB
4 KB 3ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 10:51:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 10:51:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxV7Ln9VKOg_QpnwoWnRJbZxcI4tV-7NTQJixRWcmq77_RE0dJuZoJHV2U0ExOeXW6HLzm9oNPCKRfhDwHbjiZpFJXBAhgT0qfXWd2dhSDteF7qGUjqyfaZ3B_aW-k7LOb-RrtzW3Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 57ms
56ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7Ln9VKOg_QpnwoWnRJbZxcI4tV-7NTQJixRWcmq77_RE0dJuZoJHV2U0ExOeXW6HLzm9oNPCKRfhDwHbjiZpFJXBAhgT0qfXWd2dhSDteF7qGUjqyfaZ3B_aW-k7LOb-RrtzW3Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDczMDEzLDI5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYXlyb2xsLm15LyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f2b1d3a345699d7db904928bfc06df1cee568e5a570b707a4e96d5337b88fc9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N2MxH4aVh6zWupIwSFVcYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N2MxH4aVh6zWupIwSFVcYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 8D51 4 KB
671 B 37ms
36ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:22:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:50:13 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8D51 205 B
229 B 2ms
2ms Image
image/png 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 07:57:01 GMT
x-content-type-options: nosniff
age: 359592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 15 Dec 2024 07:57:01 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8D51 604 B
628 B 4ms
3ms Image
image/png 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 18:24:33 GMT
x-content-type-options: nosniff
age: 321940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 15 Dec 2024 18:24:33 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8D51 16 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:30:14 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8D51 22 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:46:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B212 0
10 B 3ms
2ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mfnoHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5DE7 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5DE7 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5DE7 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5DE7 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DE7 203 KB
64 KB 79ms
79ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:13 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 5DE7 37 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 10:51:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 27BF 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 27BF 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 27BF 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 27BF 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27BF 203 KB
64 KB 162ms
162ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:13 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 27BF 37 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 10:51:54 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1BE6 448 B
213 B 48ms
47ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COv6cBCb4qXLBBiorKD7ATAB&v=APEucNW5YcWMNvuBFUvnPJXxF4eHxioOv5oHCzK2aUM3dPOz2XbeEyaDer5jcIkDZxpX7kHxFG8TdbldU8RAeo0S9NPK9kMq0w

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5701 111 KB
39 KB 46ms
2ms Script
text/javascript 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Dec 2023 21:54:38 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 5701 7 KB
3 KB 2ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:19:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:19:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5701 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:19:28 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5701 41 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 10:51:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5701 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5701 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5701 203 KB
64 KB 138ms
138ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5701 42 B
63 B 38ms
38ms Image
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQD1kk78_x7Z89lNGes41Y-WVrEgN9zVPjVsC4XtkmYc57ATUMFOR3gG5-jQdHQtwzx5RljjD5-9cI_KDkidkl8ibi7cML0aVTMRAqeq8yyAnNAmc

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXSpbLBl9IG34XapdxungOfNnVZSVL1vv40hFVI061RNNKArOsQv26sNi1x5kbmtnRG0YYmUb2NgIwXQ3lwwtSsFSWQLOfYPQRw5VsrigT81fV-Gc5QNMZosStD_xvb5P3FmJztog== Show response
fundingchoicesmessages.google.com/f/ 14 KB
6 KB 73ms
73ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXSpbLBl9IG34XapdxungOfNnVZSVL1vv40hFVI061RNNKArOsQv26sNi1x5kbmtnRG0YYmUb2NgIwXQ3lwwtSsFSWQLOfYPQRw5VsrigT81fV-Gc5QNMZosStD_xvb5P3FmJztog==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDczMDEzLDQyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGF5cm9sbC5teS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c781f6ec5143fb960fae654381b5d467b71081bcbcac6b62bac28071d20ef791

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZbGqSnEiWum2IlnFlyQruA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZbGqSnEiWum2IlnFlyQruA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3492 14 KB
1 KB 43ms
43ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:04:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:50:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3492 2 KB
822 B 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 3492 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED3C 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:32:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3492 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3492 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 10:51:54 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3492 203 KB
64 KB 81ms
80ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:50:13 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 3492 37 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 10:51:54 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BE6
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
409 B

79ms
42ms

Image
image/png

172.217.31.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv6cBCb4qXLBBiorKD7ATAB&v=APEucNW5YcWMNvuBFUvnPJXxF4eHxioOv5oHCzK2aUM3dPOz2XbeEyaDer5jcIkDZxpX7kHxFG8TdbldU8RAeo0S9NPK9kMq0w

Protocol

Server

172.217.31.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 20 Dec 2023 11:50:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1BE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1

43 B
771 B

20ms
19ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv6cBCb4qXLBBiorKD7ATAB&v=APEucNW5YcWMNvuBFUvnPJXxF4eHxioOv5oHCzK2aUM3dPOz2XbeEyaDer5jcIkDZxpX7kHxFG8TdbldU8RAeo0S9NPK9kMq0w
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvF%2FW%2F0U4tYWr6fPmuCHEb1H89iT8oonRdCzfxeuxTHdcfDWvUYbdAENVBpXOTYag4pIrn8nkoHnlIqpzoAFa22qeu%2F3o%2FfRGZz8PPhLK%2FdTR2ap0yknNLDGNUUJRUJ5X51HvbeNVZ4H3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8387aa9e9910afd9-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1BE6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYLU9bWyk9x.8aMmNVuN9wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1&google_hm=2

43 B
739 B

16ms
16ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COv6cBCb4qXLBBiorKD7ATAB&v=APEucNW5YcWMNvuBFUvnPJXxF4eHxioOv5oHCzK2aUM3dPOz2XbeEyaDer5jcIkDZxpX7kHxFG8TdbldU8RAeo0S9NPK9kMq0w
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgPiLXZNSemo8YOOAnzVzRtlyYPd5onnOZ6OOwZqVizMGsNY5Zx%2BsZfoUXnlY%2BzYsxmgMirkd2W53UoyBZUS6vMC8Sv2%2FjDHymoIHTAoGNpBGDu1jJfBH8%2FPHKtaKuhn5vMW%2BxLeNpDKiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8387aa9f09c2afd9-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGYrLj7ZUu1zMwILct8KVEc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5701 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 394cf46e02b5ac2c99d525639be7cbc0797f7e11ccb25e52f62e17552ed2f158

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7311 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 89894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 10:51:59 GMT
expires: Wed, 18 Dec 2024 10:51:59 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 7 KB
2 KB 42ms
4ms Document
text/html 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1a2f08f4a405582f426262ad6fb10e8843a93bb4cb458a20e3466e0d5b2d937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 281962
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2340
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 05:30:51 GMT
expires: Mon, 16 Dec 2024 05:30:51 GMT
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5701 0
0 140ms
46ms Fetch
image/gif 142.251.222.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstuDXhDOZAi8ljTmtnnSxxhpMvuUTEWLIlaGf2zDkSRsVpemGZpAwBo0iYuAAxXQ6OLh9cSIzG-P6AYd6SuhgmxMXdFdBA7MJNL6KW28kICmbW1GAL1JZacw1C2JfcTulV_fyfQ2n0NmQNMufbfNmNCxalEfP2YCW1Fpgnp-7YRspurPwl2nZKOGD1_DYwGzaQUlTBySQ6n7GNXZCFJUyVicFdCmBuywsDMlT0Xq8ojNP1FO6TInAYnY7wes1CeKJSjk-CMszluwU_BQorUAw7TM20hz0mgI7xreY8o5jfVK0v4dGku6r334c_lzabb9JeMFuWR3BdKxQI9ZWNs0tipOXEHVGeIIKH6y55NbemVlNUxp0spK9M6Gyz63w6lvHhab_fiuFvvn2zBDA1AZk-xBz44lbqzQNcQRlUdqjYdH-u2RoSd0QvnQOxI73IdyBmuPYfM5sOj57xfEN7X6M6DsNqZlET5FdjCqLGr8h6_iZwo8JP0QnSAmwjPg0za8yb5-4v8-HvWe1YbJ5u2vRyGGJaD_7odsfsaBMKKe2ICvnRIv9_dP9xgY_8vPlAu3VUB3xtBXqhOYdJYdDBDYek2Xd9g0wBboHtWbkS0uxJIfg805Wvdmzl32rZ55CdyLpeVDcDGkXdLC7TDFNp1wReamMA2ldxRAO53_BxTEVlT3dTCGwcjGAGmbKR8dl5fMFC38ZYfv8NZmWV-stjL5RqHir1_BQtqt4ijXD328HgcTQDbpDML1NstuAXMW8ugjqxa2dJ1jwcWNq3BVF5YQ2aqdPpQcqXeAKHD41APgCDM3wlyM5eujHI2Mzbwx7CmcwJzjEhtgeDFQwXVDCMAVWXKDTC_LiDlQ5AH9m93akqlmer_IfBFhIbenG7MCc0bi_JkCtP77Igo4dNyi-1QoQ28ye-mp0w9a0rY3v5cafepjOmcZ1DZQvKBlzczZYMAg78g43lrr-RpmPJQI6waLq0ZYvAF9vjWptPIUhLMTAJlZxUkLoVaMczmDlxXCzgRqGvk4h1Dc0qn3O5Vi390uhM1jvX4f1xatfdZvCcYtEWQBJfig2oF0WP3gjtnnVifDeIku0OridK2aPADKPBr2EqgmwrWL5IqFYIgF8HmtokngPr7X7EbMcWl_MoyBJC2F9aag_ozZd70H9UP931PJ7nf0MEbDYQaaZoB0DICyQgh5FfZUemSvI1GbL-lPgvg4vmYMQaesCaTArnI21AzE_maEaNCoX2nx0orFhchdhZgpY7Q8DK8S6aerQ4L_rmC1hI9xmW_ydV2KQb9xUZxcEQgprb2NPy-m8uRruTtUMNvaO5PSwHW&sai=AMfl-YSzzL0d6_zQjB4J_EtKJ052kd2_bI6YX45A3ZOvq5cXMfnqp0W-gEZqQBQfELVbilbf6FljUkxU9gHFgIV-zehX9RG8CfJQhRAMdK3GU83hNV7ksAcRhtdMH6ukbm_uKDoPwgXDj100_9sZ-g0x2wdRBBptx0VCvfiR4WkhYDX9DhdvxkZv8NX1noeUvyJqQqbDaZin-kJmN9zM6vw7w9sTU9Twav-GQR_TlNLIksNgVPFdwSuot3ihTdBL7U6zXC0-odSlUrUhD-yo1tC56_fAy2tW2_QXS3Dpg9kxLzj3TAxE9iM-BTLyduW72OS8uoFvF4qehIuPvn73tmyzLPTM5BN3NZaGOOCRvRXscT7iXKa8imIW2eN2Y3wBGhere37qLL2ovjOzd0AITgDrEWZwPfxi0HHc33ntNGZ_7X-l79-dCaMYZXOBCuvlHSpSiXHSuBuXWyhWJYmKg_ZXQqdmpcbxnMfPh45bPZ2b9nAtk5-M-Ja4WMh_01xvSisBi2OEX__upYOG4Q&sig=Cg0ArKJSzGsy2Gfkqw_KEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9naWxlYWRoaXZ0b2dldGhlci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=105&cbvp=1&cstd=102&cisv=r20231207.67626&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED3C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
56ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
expires: Wed, 20 Dec 2023 11:50:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5664928361754120407
tpc.googlesyndication.com/daca_images/simgad/ Frame 5DE7 30 KB
30 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5664928361754120407?w=360&h=720&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6b647ee54323d5982c050e7befa30f11fbe4b02668a1057a50923d41d730ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 05:15:45 GMT
date: Sat, 16 Dec 2023 05:15:45 GMT
x-content-type-options: nosniff
age: 369268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30341
x-xss-protection: 0
last-modified: Sun, 07 May 2023 09:51:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 5DE7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 835bed40ed8224475a98424d5c556e2382aa6e8ca1a16db808c7f018ddd6987d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7311 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Dec 2024 13:19:30 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame BD23 61 KB
22 KB 10ms
8ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3247492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22334
last-modified: Thu, 25 Mar 2021 07:56:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "605c4223-f455"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZTktjQ8%2FSNLdJZF42XhIyhZ88YnXiQLzMZPv7TZdG7c75ndFfxq8CFnyuA%2FLt0QB3ccccrL2hY1RJCParQmOcxxsm8L9OTWHsFZwGNjKi0MB6N%2Bw3Vbo1qeG9UdqaValsvOrH2Z8otRtJ%2B4qf2PCqg2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8387aa9eaf433547-NRT
expires: Mon, 09 Dec 2024 11:50:13 GMT

GET
H3 200 image1.jpg
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 27 KB
27 KB 5ms
4ms Image
image/jpeg 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/image1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9176ad8fec1e5e5e4b61176fdea525dac71f55e8f0db2972fb2ba78ec8752a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 19 Dec 2024 01:01:02 GMT
date: Wed, 20 Dec 2023 01:01:02 GMT
x-content-type-options: nosniff
age: 38951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27461
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image2.jpg
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 17 KB
17 KB 6ms
5ms Image
image/jpeg 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/image2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a718529848cda09a89e4c25ede7bf3e70302d901f83172ec731e7ec11299b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 05:05:24 GMT
x-content-type-options: nosniff
age: 542689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16926
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Dec 2024 05:05:24 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 7 KB
7 KB 5ms
3ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50c53670346d11fd2f4be0909d96d5f9d6fbf1560552cefd9a5e29b38773cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 15 Dec 2024 08:18:30 GMT
date: Sat, 16 Dec 2023 08:18:30 GMT
x-content-type-options: nosniff
age: 358303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7279
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 t1.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 12 KB
12 KB 5ms
3ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/t1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3010e3256031d911db478312c02550e17ba10e3a06ea9dbf700040b8e1e8d749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 16 Dec 2024 05:30:51 GMT
date: Sun, 17 Dec 2023 05:30:51 GMT
x-content-type-options: nosniff
age: 281962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12429
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 t2.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 6 KB
6 KB 9ms
5ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/t2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668a7bcff19fcd734183f3fc2feee0866b8eb19760d787e76eb27693711c6928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 01:05:07 GMT
date: Fri, 15 Dec 2023 01:05:07 GMT
x-content-type-options: nosniff
age: 470706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6094
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 t3.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 7 KB
7 KB 3ms
3ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/t3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9665290de3744085bd3a1209d37bec4b3e4864c49e649ec5e388bfb379ac800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 16 Dec 2024 05:30:51 GMT
date: Sun, 17 Dec 2023 05:30:51 GMT
x-content-type-options: nosniff
age: 281962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7145
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 t4.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 9 KB
9 KB 4ms
3ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/t4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777b7455784ec64cb3efc99cd21f399cb23186ac5d6933028b6dcf1b2c23bf51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 19 Dec 2024 03:39:35 GMT
date: Wed, 20 Dec 2023 03:39:35 GMT
x-content-type-options: nosniff
age: 29438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8986
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 t5.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 4 KB
4 KB 3ms
3ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/t5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b4d91d4695f6a99ca0b206db4c143f55c520df8972a3cb861fa586e88ef7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 14 Dec 2024 01:05:07 GMT
date: Fri, 15 Dec 2023 01:05:07 GMT
x-content-type-options: nosniff
age: 470706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3644
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 6 KB
6 KB 3ms
3ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd1c560cd3b7c91e91f49d437b2ed8fe09a4c436fd247da021f90cf50f665c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 19 Dec 2024 03:32:31 GMT
date: Wed, 20 Dec 2023 03:32:31 GMT
x-content-type-options: nosniff
age: 29862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5661
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 legal2.png
s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/ Frame BD23 6 KB
6 KB 3ms
2ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e22154d4794686c8c5195e975abd63c4ff7ad42d8712e8e589a272c78c110180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13110558384285733863/1032729-1-Gilead_France_Banner_V2_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 16 Dec 2024 05:30:51 GMT
date: Sun, 17 Dec 2023 05:30:51 GMT
x-content-type-options: nosniff
age: 281962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5751
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 18:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CB4 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:02:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5DE7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkG3m89SCZbHlHY-Fid4Pje642AiGhMicc7GZ0OCZErma_9roGhABIMOm5R1gifPFhPQToAHPm8-iAsgBAakC7LikvCrnPT6oAwHIA8sEqgTXAU_QvqFlyxWBZ-1tVkaPPzt2xw_M84R3hkO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3995bc9e8e4082720000000000000000%22,%222%22:%220xb23e3ba5a31257f60000000000000000%22,%223%22:%220xd2126d...

0
0

40ms
39ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3995bc9e8e4082720000000000000000%22,%222%22:%220xb23e3ba5a31257f60000000000000000%22,%223%22:%220xd2126d429318a6810000000000000000%22,%224%22:%220x7781cf8eb18bf05a0000000000000000%22,%225%22:%220x79dfced0e1d8556a0000000000000000%22},%22debug_key%22:%229564511640781987539%22,%22debug_reporting%22:true,%22destination%22:%22https://kirishima-yuusui.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22609471951%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229118964740557127425%22}&andc=true

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3995bc9e8e4082720000000000000000","2":"0xb23e3ba5a31257f60000000000000000","3":"0xd2126d429318a6810000000000000000","4":"0x7781cf8eb18bf05a0000000000000000","5":"0x79dfced0e1d8556a0000000000000000"},"debug_key":"9564511640781987539","debug_reporting":true,"destination":"https://kirishima-yuusui.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["609471951"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"9118964740557127425"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 11:50:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3995bc9e8e4082720000000000000000","2":"0xb23e3ba5a31257f60000000000000000","3":"0xd2126d429318a6810000000000000000","4":"0x7781cf8eb18bf05a0000000000000000","5":"0x79dfced0e1d8556a0000000000000000"},"debug_key":"9564511640781987539","debug_reporting":true,"destination":"https://kirishima-yuusui.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["609471951"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"9118964740557127425"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 47E3 721 B
532 B 6ms
5ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 393
reporting-endpoints
x-fb-debug: rifTKFUgQJPlA0uwnsKWRIxTBWfARa8aa0LEt+XDH0jJd4bafn1uaF+fC2yvNY3rMyFZrH0Wr3Vyv20w2ZLLtg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Thu, 12 Dec 2024 21:44:31 GMT

GET
H3 200 OkQEuDSv139.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame 47E3 110 KB
19 KB 9ms
7ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

077ba19da8900544b2adaca3f2da24093b15b172bdd262cb65dde9eb84f3188a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2DOqnFPPeWyHmYcrdmZmcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18936
reporting-endpoints
x-fb-debug: PCbdz9ZuMrdtDxd2+0UwA5GvM6Ca2irgnCSWhgLCQ2NTawWpD7TNCm2FKeFVUp87CMPbtQIURaBSa3KEfButrw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sun, 15 Dec 2024 23:23:38 GMT

GET
H3 200 M-4NM50a-iS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame 47E3 355 KB
92 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

815feb5a3c616eecf145c2d70b428bd7f93854b19bd745bf8d0e91e1f24fd26b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iwdBQhZ4wq3YVbHj5W6VNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93963
reporting-endpoints
x-fb-debug: IhJrQ2dLRCZoP/78d2M/pBbGfoiWmJyPhq76mEAYwPu3Cn+YskN/USJYiQQ2WVZZPCNOOYN2og3k+1eAwQBcRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 17 Dec 2024 23:09:59 GMT

GET
H3 200 I_DrTecIaBB.js Show response
static.xx.fbcdn.net/rsrc.php/v3ij9m4/yj/l/en_GB/ Frame 47E3 150 KB
42 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yj/l/en_GB/I_DrTecIaBB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d92761b8e8329fc86fac6fac223bf29d70f3510467a7d951372661427dda9a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HJ8qXUasvM9b6F+g+0KUyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 43018
reporting-endpoints
x-fb-debug: u79OPiLiyshmJX5PwjGFg00EnPxO1+oPoghnRQzjtD4EYwSxGkF9OGPCpLSsCVbg42v3D08SaI/51ymJj2WWOw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Wed, 18 Dec 2024 23:36:05 GMT

GET
H3 200 OpcOOPNlAZJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iMWt4/yY/l/en_GB/ Frame 47E3 1 MB
282 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iMWt4/yY/l/en_GB/OpcOOPNlAZJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d354f0f499ec35a82e7abf56a36e7f5c6114c7fb8b1b4d6bcd2c62dc55ffa6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lEKZR0UGrHT0VdoK5wW/Mg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 288709
reporting-endpoints
x-fb-debug: gr0WcvNbzjFXrCnW1uTChGv5q/RZPdvfSMmlLKGsom8pfM1vj6m/zZPpnMKpTiXWRx2pxz6GwEYjgshvDTAYMw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 17 Dec 2024 23:11:01 GMT

GET
H3 200 ECxExa-RovS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 47E3 3 KB
1 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/ECxExa-RovS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dc52873979ca16619b47da64b0ca990250daa89a2513074c8cf37f8ca3fe46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o/flr4A+26WfqsBJwlkB1g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1361
reporting-endpoints
x-fb-debug: nzxK0cvA08eCAoXAkKpV2u6rALuCZovWaz10VfU/Vp15nkzfdBf8/LoLx6dSp1S+jwH6xYJI4uMl+weuwpCykg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Wed, 18 Dec 2024 17:33:05 GMT

GET
H3 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 47E3 507 B
431 B 15ms
13ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 18:53:20 GMT

GET
H3 200 RNKEmZtxiH4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 47E3 28 KB
9 KB 15ms
13ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/RNKEmZtxiH4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a451b0af3e320da920e4d5f9762cde37e0f1418f86551712a8e570bb0ff63b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EAX7a+To0c3gvqLj2SZ43g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8616
reporting-endpoints
x-fb-debug: ZKxpF2EKdYNF40ISJnKuReAFITKQm2DgEYprwomQpEI+MgWFt+yudqx6F+aubww60U/R3wTbh38D4HBV85ICsw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Wed, 11 Dec 2024 16:41:38 GMT

GET
H3 200 A26OeqL15Mp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame 47E3 58 KB
16 KB 17ms
15ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/A26OeqL15Mp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hAHu/efVQlxvbPr8YcLnNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16011
reporting-endpoints
x-fb-debug: S/iGUnbQB3n/zon4ZCfNWXnRNZZRb2dAQfzAepqxVtxnsOlagTv2sHsi7PrKCCl0hyu1OYm5Pb4yuz06VtZ9bQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 13 Dec 2024 00:17:57 GMT

GET
H3 200 Zc3fdFiL7rS.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCwx4/yW/l/en_GB/ Frame 47E3 44 KB
13 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/yW/l/en_GB/Zc3fdFiL7rS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b208dcfd36d007a8b5cc2ed9235e0b41a90c035ceb404b365727bc45bba70c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ztqC45u8QoqFxRl5cl1Qmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13295
reporting-endpoints
x-fb-debug: XoA8eWde8Q37fzolW8DChLggeXx9SkXlDxq+8KsiQp9aPqGQSfqJDv70qt7593wa1m2qWwEaUM8qNB1p+k0qHg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 03:30:31 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
39ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 11:50:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5701 0
0 43ms
43ms Fetch
image/gif 142.251.222.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstuDXhDOZAi8ljTmtnnSxxhpMvuUTEWLIlaGf2zDkSRsVpemGZpAwBo0iYuAAxXQ6OLh9cSIzG-P6AYd6SuhgmxMXdFdBA7MJNL6KW28kICmbW1GAL1JZacw1C2JfcTulV_fyfQ2n0NmQNMufbfNmNCxalEfP2YCW1Fpgnp-7YRspurPwl2nZKOGD1_DYwGzaQUlTBySQ6n7GNXZCFJUyVicFdCmBuywsDMlT0Xq8ojNP1FO6TInAYnY7wes1CeKJSjk-CMszluwU_BQorUAw7TM20hz0mgI7xreY8o5jfVK0v4dGku6r334c_lzabb9JeMFuWR3BdKxQI9ZWNs0tipOXEHVGeIIKH6y55NbemVlNUxp0spK9M6Gyz63w6lvHhab_fiuFvvn2zBDA1AZk-xBz44lbqzQNcQRlUdqjYdH-u2RoSd0QvnQOxI73IdyBmuPYfM5sOj57xfEN7X6M6DsNqZlET5FdjCqLGr8h6_iZwo8JP0QnSAmwjPg0za8yb5-4v8-HvWe1YbJ5u2vRyGGJaD_7odsfsaBMKKe2ICvnRIv9_dP9xgY_8vPlAu3VUB3xtBXqhOYdJYdDBDYek2Xd9g0wBboHtWbkS0uxJIfg805Wvdmzl32rZ55CdyLpeVDcDGkXdLC7TDFNp1wReamMA2ldxRAO53_BxTEVlT3dTCGwcjGAGmbKR8dl5fMFC38ZYfv8NZmWV-stjL5RqHir1_BQtqt4ijXD328HgcTQDbpDML1NstuAXMW8ugjqxa2dJ1jwcWNq3BVF5YQ2aqdPpQcqXeAKHD41APgCDM3wlyM5eujHI2Mzbwx7CmcwJzjEhtgeDFQwXVDCMAVWXKDTC_LiDlQ5AH9m93akqlmer_IfBFhIbenG7MCc0bi_JkCtP77Igo4dNyi-1QoQ28ye-mp0w9a0rY3v5cafepjOmcZ1DZQvKBlzczZYMAg78g43lrr-RpmPJQI6waLq0ZYvAF9vjWptPIUhLMTAJlZxUkLoVaMczmDlxXCzgRqGvk4h1Dc0qn3O5Vi390uhM1jvX4f1xatfdZvCcYtEWQBJfig2oF0WP3gjtnnVifDeIku0OridK2aPADKPBr2EqgmwrWL5IqFYIgF8HmtokngPr7X7EbMcWl_MoyBJC2F9aag_ozZd70H9UP931PJ7nf0MEbDYQaaZoB0DICyQgh5FfZUemSvI1GbL-lPgvg4vmYMQaesCaTArnI21AzE_maEaNCoX2nx0orFhchdhZgpY7Q8DK8S6aerQ4L_rmC1hI9xmW_ydV2KQb9xUZxcEQgprb2NPy-m8uRruTtUMNvaO5PSwHW&sai=AMfl-YSzzL0d6_zQjB4J_EtKJ052kd2_bI6YX45A3ZOvq5cXMfnqp0W-gEZqQBQfELVbilbf6FljUkxU9gHFgIV-zehX9RG8CfJQhRAMdK3GU83hNV7ksAcRhtdMH6ukbm_uKDoPwgXDj100_9sZ-g0x2wdRBBptx0VCvfiR4WkhYDX9DhdvxkZv8NX1noeUvyJqQqbDaZin-kJmN9zM6vw7w9sTU9Twav-GQR_TlNLIksNgVPFdwSuot3ihTdBL7U6zXC0-odSlUrUhD-yo1tC56_fAy2tW2_QXS3Dpg9kxLzj3TAxE9iM-BTLyduW72OS8uoFvF4qehIuPvn73tmyzLPTM5BN3NZaGOOCRvRXscT7iXKa8imIW2eN2Y3wBGhere37qLL2ovjOzd0AITgDrEWZwPfxi0HHc33ntNGZ_7X-l79-dCaMYZXOBCuvlHSpSiXHSuBuXWyhWJYmKg_ZXQqdmpcbxnMfPh45bPZ2b9nAtk5-M-Ja4WMh_01xvSisBi2OEX__upYOG4Q&sig=Cg0ArKJSzGsy2Gfkqw_KEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9naWxlYWRoaXZ0b2dldGhlci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=360&vt=11&dtpt=255&dett=3&cstd=102&cisv=r20231207.67626&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5664928361754120407
tpc.googlesyndication.com/daca_images/simgad/ Frame 27BF 30 KB
30 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5664928361754120407?w=360&h=720&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6b647ee54323d5982c050e7befa30f11fbe4b02668a1057a50923d41d730ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 05:15:45 GMT
date: Sat, 16 Dec 2023 05:15:45 GMT
x-content-type-options: nosniff
age: 369268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30341
x-xss-protection: 0
last-modified: Sun, 07 May 2023 09:51:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 27BF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa8d5bf31ab9b6654cd76bf8b6bc05d852670a2be8c10e15640052fd930605d8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 0658 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:02:54 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame E807 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:02:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 27BF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CgoMR89SCZbLlHY-Fid4Pje642AiGhMicc7GZ0OCZErma_9roGhABIMOm5R1gifPFhPQToAHPm8-iAsgBAakC7LikvCrnPT6oAwHIA8sEqgTXAU_QE8jRiMAE8Sg__7l-tzboqJqvEqUtG7J...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3995bc9e8e4082720000000000000000%22,%222%22:%220xb23e3ba5a31257f60000000000000000%22,%223%22:%220xd2126d...

0
0

42ms
42ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3995bc9e8e4082720000000000000000%22,%222%22:%220xb23e3ba5a31257f60000000000000000%22,%223%22:%220xd2126d429318a6810000000000000000%22,%224%22:%220x7781cf8eb18bf05a0000000000000000%22,%225%22:%220x79dfced0e1d8556a0000000000000000%22},%22debug_key%22:%224899639652446801342%22,%22debug_reporting%22:true,%22destination%22:%22https://kirishima-yuusui.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22609471951%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221126935815090394945%22}&andc=true

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3995bc9e8e4082720000000000000000","2":"0xb23e3ba5a31257f60000000000000000","3":"0xd2126d429318a6810000000000000000","4":"0x7781cf8eb18bf05a0000000000000000","5":"0x79dfced0e1d8556a0000000000000000"},"debug_key":"4899639652446801342","debug_reporting":true,"destination":"https://kirishima-yuusui.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["609471951"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"1126935815090394945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 11:50:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3995bc9e8e4082720000000000000000","2":"0xb23e3ba5a31257f60000000000000000","3":"0xd2126d429318a6810000000000000000","4":"0x7781cf8eb18bf05a0000000000000000","5":"0x79dfced0e1d8556a0000000000000000"},"debug_key":"4899639652446801342","debug_reporting":true,"destination":"https://kirishima-yuusui.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["609471951"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"1126935815090394945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 911F 42 B
64 B 42ms
42ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY7NnRvTBfUZupeKrj3SrSKvzI4jkJSvyFHAK-rz-evJLc_rBuASqGak5OVs_3x0f6VCssr51AByfgFmgxqkbtsp5hfcO2SxzMC4r6sZYeem_nC7Y7rhDNejq-aHFSAfjM0uEtkDS1vSLZQIuJhmGW6Ssv&sai=AMfl-YTGmln8hktaUPUfQtTglodo8iQjhwWnM3zSEFSblEr5yipd9ZV4YaBmBJODl9YsDVXuB9bdm2aOMRyIzNsz8thKKrGcHJcESY4aY0TPzGCm7r3YfumWCm5SC-xcR8LAkMW3cTIvlKuOCxiC4uEh&sig=Cg0ArKJSzImFQaqGS8OlEAE&cid=CAQSTgAvHhf_KK2ULyNOrgdq14JjCXW2_yT0c34uC2pqhW6Fbov73pvCPZfUDfvahNCBDp6rvexKt4qpTRaigtYtxCP5Qi2fnL5jk3KW1FpiehgB&id=lidar2&mcvt=1023&p=0,0,200,940&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1158759801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703073011462&rpt=1317&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 uoWAUtlL8pn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 47E3 1 KB
654 B 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/uoWAUtlL8pn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/M-4NM50a-iS.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac1f9ffe1dc38624fe3d9106ec403da31711273604be5aae00a43278fd752c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pn5MeApNp1wyeqM1DbSjGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 514
reporting-endpoints
x-fb-debug: RRPPkoT53d+xxp8Neg3wMA7PZkK+XHD0GZyq3to9yOsfnfXh51NrCQA+qYWfGLveaqsj7V5Z6YNb0A4/ncuZaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 17 Dec 2024 17:23:19 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
42ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3995bc9e8e4082720000000000000000%22,%222%22:%220xb23e3ba5a31257f60000000000000000%22,%223%22:%220xd2126d429318a6810000000000000000%22,%224%22:%220x7781cf8eb18bf05a0000000000000000%22,%225%22:%220x79dfced0e1d8556a0000000000000000%22},%22debug_key%22:%224899639652446801342%22,%22debug_reporting%22:true,%22destination%22:%22https://kirishima-yuusui.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22609471951%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221126935815090394945%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 11:50:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9848 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqkw250ReCGhMZkwpGWvGtbjrgBExxhQdUuT0T0e6yPH-TUthGvbHURnZloJATssVe7qMgnEfFMH7AnL36dgljHB0X9DLmIgGkmVaS7Z8vW07hMR6j-1nlCsP14lN50cGSX90P-WDmZMBLV1XQbDmgLxXQ&sai=AMfl-YSwo7WYWC3ZLkGE9fJUeKemGqdaNnwTJVXrJys0znPiWjAuG5aMnxIsX_Tbn8qRnCoEfMDwQtjsQmmBGkw5zmt5Mz6scTsxFIBL1L3JI1aSbEICfWJ-sZGnO210wasKdgZEHX_3fvLLm-5c5WZU&sig=Cg0ArKJSzHKY9Kp2gkwoEAE&cid=CAQSTgAvHhf_j4EH6cvT7PDYm0QYVI-6iyAhNU_vA8SmI0zWXOe3JlKDZrZZJV501omjkX16HbNjzVHFQn0Pj6KXgKL75E1bFSbU0AXsVtzS3BgB&id=lidar2&mcvt=1036&p=0,0,250,300&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2266820169&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703073011467&rpt=1413&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JZUNEvdo8io.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 47E3 57 KB
57 KB 3ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/JZUNEvdo8io.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b55a9e4a8ee877aedcffb5e76f6d1fded8260177ae8f72b5bbc3cde8a7ddcd10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
content-md5: 8KvuQoZujxOjzxw3/WYnxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58367
reporting-endpoints
x-fb-debug: smDB5pJEQSd11ysDgMHIUvs1Z6HsQiX1nRZWxnqu2UxSiEhWCEPEzjo3sqjx7ZEmz91ABHKoebQ/noXPYDoeaA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Dec 2024 18:26:42 GMT

GET
H3 200 1f642.png
static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/ Frame 47E3 480 B
620 B 5ms
4ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/1f642.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

790febcf2123f481b536e9443d1843fb4fca516886c4df9ebbaa45c6c2e1f393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
content-md5: vVk4MGJSkMeB6vn2kaVICg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 480
reporting-endpoints
x-fb-debug: MAbzv3+DZZEuTxepozAnb9h+oPj6yNtBHRPQRdAZXCDbarvExCYc1hC8iyyw1u4Qteicyh/W+CiIDfn4jafadw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy: same-origin
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Dec 2024 17:30:22 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 47E3 1 KB
1 KB 3ms
3ms Image
image/jpeg 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:13 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1131
reporting-endpoints
x-fb-debug: O+AOtmyuLb3SHryaw8VHQ6nRD6PqlE9sXVT6Lj4wCOtnyrIoOhki2IX5GHrU3lRDjGE0DMXBbZbWJfE90kK2PA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Dec 2024 20:07:22 GMT

GET
H2 200 401659875_6703213746413504_5641985060773046276_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/ Frame 47E3 2 KB
2 KB 824ms
405ms Image
image/jpeg 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/401659875_6703213746413504_5641985060773046276_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=106&ccb=1-7&_nc_sid=4da83f&_nc_ohc=Bq3RmNGEO40AX8nKFCv&_nc_ht=scontent-iad3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfB-U0yKqROIhdUicTZozZWl2rsFrUf3uQLNfKRHk62JWw&oe=65881C15
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 381db1a47335dd5b5f982729cb57029d9a57f730f52a367e4f36bcb14941bfcb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 15 Nov 2023 11:13:50 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2823826224
thrift_fmhk: GBBvVb2VdoLoDcWjQwD6DFyJFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4291900955
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1623

GET
H2 200 246954853_10158496686154632_7425325893956703944_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 47E3 2 KB
2 KB 224ms
222ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/246954853_10158496686154632_7425325893956703944_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=104&ccb=1-7&_nc_sid=4da83f&_nc_ohc=PFpU3guz75UAX8KAOfo&_nc_ht=scontent-iad3-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfAcxEkFvSYyNc3wbwVHRXmlI5YsnMu0iyIPn3LslZr7Kg&oe=6586D888
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 59bcd53a08e399ecdfad42ab10c8b6f15abdd14e9192e4024a364e3d4d4534ef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 18 Oct 2021 09:46:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1947876079
thrift_fmhk: GBDQTbOVOaqEiyQT5EJc4yQWFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3549813919
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1679

GET
H2 200 321228303_730425441764111_2363840280933130731_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/ Frame 47E3 1 KB
2 KB 822ms
403ms Image
image/jpeg 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/321228303_730425441764111_2363840280933130731_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-7&_nc_sid=4da83f&_nc_ohc=A1Bko2_W6z0AX91i591&_nc_ht=scontent-iad3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfCHzvyLByrRz4CUOTi3iQWx0oFifBr-1IeXPzedRrzP2A&oe=658773F6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 06959a8e30d493fef9b942cf5403afcca1bc79b86332325f2b747d3c5dd9f10e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 22 Dec 2022 13:20:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2601442055
thrift_fmhk: GBDBlSdaCnF4WvcOpSR4sPN6FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3687345651
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1446

GET
H2 200 394818938_197267666748544_1748955313559246358_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 47E3 1 KB
1 KB 223ms
221ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/394818938_197267666748544_1748955313559246358_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=Yk6z8sAUcOMAX-8E50G&_nc_ht=scontent-iad3-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfCLgLz78TWN5u-xl9-8rEPKhuS8w_zMMcyYjgr_FhDb7g&oe=6586D9F7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 865d3da6231f7d506bf80e21590eacdf83ed8c4b4c0af4b09f3d8ffb4eebf72e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 23 Oct 2023 08:55:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2737062699
thrift_fmhk: GBB/J6QzD1VyGFFfYvmF+5WkFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4018794760
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1167

GET
H2 200 556063_4219491719371_158334285_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.18169-1/ Frame 47E3 1 KB
2 KB 240ms
239ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.18169-1/556063_4219491719371_158334285_n.jpg?stp=c4.4.48.48a_cp0_dst-jpg_p56x56&_nc_cat=107&ccb=1-7&_nc_sid=db1b99&_nc_ohc=yjDE38quGOQAX-vKPBx&_nc_ht=scontent-iad3-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfB62iCUhVONNRYRvw6jldsowEzms6DoK--1YZq5A0m4Pw&oe=65AA5A26
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1f867034080df98f2ff4dc99888eb5cdc3ed1214466315f22a476c7e03bd2203

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 03 Oct 2012 00:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2025174364
thrift_fmhk: GBBufspRO3KHLslORO/HCZ2uFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2460155509
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1425

GET
H2 200 45846957_10216243081863652_7994321197544243200_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t1.6435-1/ Frame 47E3 2 KB
2 KB 822ms
404ms Image
image/jpeg 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t1.6435-1/45846957_10216243081863652_7994321197544243200_n.jpg?stp=c0.160.754.754a_cp0_dst-jpg_s48x48&_nc_cat=105&ccb=1-7&_nc_sid=db1b99&_nc_ohc=lNjqro_KBY4AX93urTH&_nc_ht=scontent-iad3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfBu9jNZH6nkpQjGZRr9UnC_3Ws1fNXr8sBTshKJhJ0SXw&oe=65AA4005
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: aa857b6dc0c9fbba5f9aefc95bb6106a4e97963138d73bba0f74f692b9ab2724

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 09 Nov 2018 15:09:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3868211856
thrift_fmhk: GBDXMLyumjArX5o6fkCZ6tvUFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1714544349
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1660

GET
H2 200 210304794_4439606292756919_6267894195583289308_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t1.6435-1/ Frame 47E3 1 KB
1 KB 629ms
211ms Image
image/jpeg 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t1.6435-1/210304794_4439606292756919_6267894195583289308_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-7&_nc_sid=db1b99&_nc_ohc=XQVvZ6op90EAX8r0tA3&_nc_ht=scontent-iad3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfCAzPvbw8TW1XybRz3YWpmH1oiH0n2rwSujR7v-MNg-ug&oe=65AA4683
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 711c690368186e368be2d73093ca8fc9f416544e22e588e234fd434a80d5585e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 03 Jul 2021 09:05:55 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=562266521
thrift_fmhk: GBCo3ZGqk2cWa/1wOLOff5sZFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4141308268
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1299

GET
H2 200 22310168_1502661979803070_6762648421143474675_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.18169-1/ Frame 47E3 1 KB
2 KB 242ms
241ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.18169-1/22310168_1502661979803070_6762648421143474675_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=102&ccb=1-7&_nc_sid=db1b99&_nc_ohc=oNOjMyI04SAAX-4AnNx&_nc_ht=scontent-iad3-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfBI1MHK9P8z5Re3A6n9zzYnXJtn8RhOQ2YDnQRxH-oNNg&oe=65AA3233
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1a745f40d06d542b3ef0542269eaa7195f26b13580896a62c18024e3101e53ad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 15 Oct 2017 14:06:17 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2095825023
thrift_fmhk: GBDbXkWIdBgBDTjzHXrkcW+LFa6g3sMEAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1716786182
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1420

GET
H2 200 143086968_2856368904622192_1959732218791162458_n.png
scontent-iad3-2.xx.fbcdn.net/v/t1.30497-1/ Frame 47E3 1 KB
2 KB 622ms
204ms Image
image/png 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t1.30497-1/143086968_2856368904622192_1959732218791162458_n.png?stp=cp0_dst-png_p48x48&_nc_cat=1&ccb=1-7&_nc_sid=db1b99&_nc_ohc=YUP9h2YH5zkAX-OftXH&_nc_ht=scontent-iad3-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfDiiXj7att1RqZJ1DWp-GmFjv9f3EwzwMrrOI_uSkjQXQ&oe=65AA5538
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a8eb0a0b7cb7f5a2c06f9edc03c06c9891363db33f1ec8661d362b440b946fa1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 27 Jan 2021 21:09:20 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=1099843478
thrift_fmhk: GBAH5whEHYIZjx0V4uk+JzKgFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2193203146
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1280

GET
H2 200 28056680_10204243102034841_4438830158681974574_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t1.18169-1/ Frame 47E3 1 KB
1 KB 240ms
240ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-1.xx.fbcdn.net/v/t1.18169-1/28056680_10204243102034841_4438830158681974574_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=107&ccb=1-7&_nc_sid=db1b99&_nc_ohc=fV9i7XXxcvwAX99399v&_nc_ht=scontent-iad3-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfDVCWG49CdbKRjXTT35Z9YqDwuNLGBn56axFE9EBfEEnA&oe=65AA412F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f89bbb9a89d2%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e9ab8ba933e5f1910ed0ce119436ca0f06703bd2e9f6ee0ec9513d2115baffa0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 19 Feb 2018 05:42:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2817895114
thrift_fmhk: GBDzvqzcG74VTNpfAiUc8z1RFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1913751644
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1370

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1607374832718903&bg=!wsGlwY7NAAY3kmNgF5I7ADQBe5WfOIzcQ5k2DCA0ufzrAMW1iQ6RlJbtCz4neJYkJ6gG_utXVC1p9ae8SXqtui26EwLEAgAAAPtSAAAAAmgBB5kC2z-LV7QLGUQGkiFSgqeaiGMbkJ1HRLNy162n_6uktQctP4Mf_jjW-ZZBL86-c9Z5NPaPuUr6cjdcFzDBW5ze3_XwhXUqHrww_6vj2ASbJ5w-Xi0OyYMzPuhwSAaxJvNZKsewxiE-Ma7qdFfJSmiVY2q8wztXQkGquEPrccyc5m0EL1mtRzW9zANM-9s9lz95pxmh_UJaDOxJORMQ0KfVaFEX-xQ2PeZuJbt4naZVsRwbdCnuHu3Ng3hLUvSL1-79ocU5J95FE9_h-ptcZiCCRpPPiM0zOPaUJnw6dB7fzeRJLuqPW9rAW7vlSDQRxGMm9fhEcQ3R-eyflf-Cy1HH_9jkh_pkBq0YSn0Ip1TKKgnG14W-m0iQw3SOogh2ldnqndHy_kbL_r4ONimG0WOarXz9ZiN20l_F6jtAOzASX3-ypSrKtRaDHVoWJdpxxNLwqtghFf1hH56vQHy27G3K5xWzrOMJFs3FiG3_QetkcaNJP5C0HJSRbjTOLykzRbkAlfB-9XTugpCChkxTcQquKYFFZiEPMq32tWUw7MQrrnMRuVrt9fb-WaJcOQoaDcbIYcuVFP_xU5ks9efNYurwdjl8RGIQx7rtVqgGP8K3wj3aciBjvGCiAjtxKP97KxfnxtOuZ4RBKfEYeLvi3t3l8KbHc-XYedQ0EDObW54l3BYDVsx015Ja6Omp4lU8Wiy5hx40AAiKg6phto8ClnkbYzPoD16YJRVU1AZ1JX29p4jGJcVnHFfC5CVuJ6L5BgdeD_twRHfC46gnI_3ni2WWPHkgjgYEVm3T5ivNsBbPb4wWqhh7ANA5xQ-ftAxyqUKsCADt8FF0kKmQwEXCwiA4Ga9up7VrUMF3BlraHWluO6xM5P_vlrmy3-HQ3vzxcEzE3sWpOMOEfMQkcEqkkHdnbO3WhyL_GB4ptxIrTlxpe58P8ROJoekxnWiWizpZiXJn-LdeZE2EHp4s39Gi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7311 0
20 B 46ms
46ms Image
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BE16u89SCZbPlHY-Fid4Pje642AgAAAAAOAHgBAI&bg=!m5ilmNfNAAY3kmNgF5I7ADQBe5WfOG30eZA0CFl8q2TKdPylIl52nfCYSuxyNTyCUtZh_jMXK9Ot8OEtHI-4pOwBtHjGAgAAAYVSAAAAA2gBB5kDKtcMZwoEbsRWWbw4j2VSwtu1AUJ090s_u37oXuMecS_TvNU4xNB6-JwMua0du3SB6smiyJmxu_zXix9S3Rn_NcPWbf5H4d444u9JsDl0SIjyr0Zl9OBRcsI0pB2jydkDoaisNbP5S8N4EXqDFTg31JONyUnNbLzD54PNaWO2lf8u6TSD64q3idnQIJBeLgrkMR2bq-ivymPJmjDinvbpawJQMrV6ndT9nP1CFpACKyY0jiBGSZSg1L5WzuZyjK_lylwRZQ88Y2cHTNm3PuMwsc_2wLuj3642JxXWUWKyifCiRHPgiE6mx-M5JH1UbSEKsNqE70OK9JeS6bpLtLZr3ClIfqgIOtNGLJ9YDd9oGyHbiQJnb4Za2DiYniQwHmAJfCZA3lvhCi5NkysYqe0QTgnYedTU7m75YF_Y49tWDqPbkwVS4hUG-Q48dadD7q_SrPijRbDeDSNSaPfrZFnW_jwWj0VXdG-CIQWpy0lyI2HMqwn9glSUN0cHO_dlADSQxHCclqt4VqMe0DUrFJcrvETgAp8v9Bd5XdNscm2pag3f9HdVsUpgkWl3EzhYd7WH-NqA3XpsLvkbNsUT_iyJ3xsw7_01cV74QlRl658k00MbGyE9Tou1_LZkd3WfBigie1Ph0e5qhBcnZ0TgyE8uWRBwcTM4A3FazWRN6hGCT4huslaaPFbE70MY-xDRDjfvBaTWCd4zyJm1EVVhOROP5CeC1_N41lqYWUXsBp4il4zi6aMkqfaIuJh8_a7I9WSF-iS95_m_k4_C__xsWPdUQZlOT07daG0EZ0IPUORMU1YRZxA50rh8F4iO6Gc98HIJyh0ZakUsxdK0_yofg2c5SMi9GyfvYB2bN6P2NRJo68P7RYpJJxFgkTFnKrpf4kgpS4kr0-lz2qrS2oALoEwHPPsJ5e353E9Rx3nIjZLHZMBGtLCA3_dJaEtB1VUbpg6qyCnx98eIuxPWEK66mkDsrrrQ_M6fUC6L3xnCa6Dn7PzDqsBH6VY-ew2VzNSPm18TKuA4JdbXI92NSrQAPqRYDfLYzsNwif7tT366cYDK6ExtUNOFdllL4TRi-Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 53ms
51ms Image
image/gif 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.3331665238277322

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-62EABNLuUShkaCBdE4P9XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-62EABNLuUShkaCBdE4P9XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 50ms
49ms Image
image/gif 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.644232313843633

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WYltibjt4jGfbEiUOpQ5Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-WYltibjt4jGfbEiUOpQ5Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DE7 42 B
64 B 45ms
45ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyv1IE_dFFkyNR1mQIkzRrNJ92avwx9VFnl2vKdZVefUIxqjExBaSCG_2ZB54yIPeaT65mFVrM49-Hl017Y9FDrci9su0d-kQIBigsN2--S-5w5J51nchduP1BHZAoKN6eB8G7569ZqllcIgWJ-MtspWeN&sai=AMfl-YSUDJJq9L32e2_hFeSTjldtoku2msMIH43oqZ-TXQdA2z4L9eKkO9gFDLRVv3MDKVi9w4PpGRoyfL0qiTCMMxolhcdzHGRQ-vm_je5HyRfXj79kKQ8Mty0z9i6q2LVdZSFmcg-gKMoM0d2-n02W7A&sig=Cg0ArKJSzCeNBYFoVbm8EAE&cid=CAQSTwAvHhf_grJY3TLBQtRIQ0BduCpwcjtU4aiySjrFou6JytIcTxYerJ-qqrFjDC0CU4CCabzG94lbWQAJtpfdsibYdFmCqpH7ihj4J3B6KhMYAQ&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703073013282&rpt=249&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5701 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvx4DPCCoceNeExS_G1Itgme5NM8nMcULFY99WHcm2jriTmsEChv0IyhW-6vW4ZcFgnF6EM-WrCfDYec3jdjO75t73l0BRazOnivABn3VJMbEHjEViKjBHIaGzzwaFxxZOwjhdT4Qyympg&sai=AMfl-YQC3U9RAmisEHkcVfFyKMyU4-jnLh3c7-5VQkJjUrnQ8Q-05-khKd0AXnpdFbhZB_MwIklClC-acuYQnbMqGrHUV9uDSnkH5jMg8n8xfq9-XknPeajxTXs9mTez0Hu1h3pV6CC46uou6MYfSXJBhA&sig=Cg0ArKJSzKW-el8r5042EAE&cid=CAQSTwAvHhf_grJY3TLBQtRIQ0BduCpwcjtU4aiySjrFou6JytIcTxYerJ-qqrFjDC0CU4CCabzG94lbWQAJtpfdsibYdFmCqpH7ihj4J3B6KhMYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=484,937,1000,1000,1000&tos=484,453,63,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703073013361&rpt=347&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 27BF 42 B
64 B 43ms
42ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQRewc8ulnYnwoN3Oo2CZlYb2nHt7wS2Uzv30_kWM9IGSMdPVvInuaQeJSomGFkoX-6pUyxrxG7nUhg5kFHgymKto53SghWzu7PBs3fCOScirCqnWyDaqMm7ivDPdJqNOx5TXcgXzQpu6_r1vPw01mObhi&sai=AMfl-YQ5kcnB7vMu5J-dwOaPXEVtRBZBt5gJVEAzLkiWmxI8KpZCjMl7LSO-ASEdZgrPQyIulVJa5Zr5loyarbF4JZnLGuFvQwFCNezBsiwiDgS79joymTuCG7nZGECFEcgGNlMqqcqiMhENOIIdiKxYFw&sig=Cg0ArKJSzIg4DsvNL4qWEAE&cid=CAQSTwAvHhf_grJY3TLBQtRIQ0BduCpwcjtU4aiySjrFou6JytIcTxYerJ-qqrFjDC0CU4CCabzG94lbWQAJtpfdsibYdFmCqpH7ihj4J3B6KhMYAQ&id=lidar2&mcvt=1001&p=-50,0,450,200&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703073013284&rpt=466&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:50:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST bz
www.facebook.com/ajax/ Frame C42F 0
0

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame CA5E 50 KB
16 KB 181ms
181ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ead7905f6864%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=ade58a256f3a9aa0cf416d1a08cafee6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64e354c0a00d62c43c65ba0ed03bad8c1896d2bd6a5a4c8ce07d66ae82e549d5

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:50:14 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: O8aeF3o7f+GlkZJyAXIjKAVTKGGQ/72m8HtBlEbnmG0v4YHsZSMKs1Prihw6NR0XY9e/DIdApGP/KTq9BSMfdg==
x-xss-protection: 0

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame CA5E 299 B
436 B 5ms
4ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ead7905f6864%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:15 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: a2MC2FtokK4VLGyQ8wBKZRGzUtJiQg+b6Flz6mKo2YjZ/wImA2Mo07KDU5YrKCMQ+f4ek0voCkDg1YATRJnXHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Dec 2024 18:05:15 GMT

GET
H3 200 TdBDGo2W8RG.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yY/l/en_GB/ Frame CA5E 529 KB
136 KB 5ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yY/l/en_GB/TdBDGo2W8RG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ead7905f6864%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ff217df18b3d7648%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06a1777d53912dff5cf5d931ecef04748f474b6b28ffcdc41c21294b31b464d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 20 Dec 2023 11:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lTS26dudGHV6Mfv8Cy+B+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139471
reporting-endpoints
x-fb-debug: w9q8GyZbSZhIq10VAw3UXfKlu2JiyiVXjGHjOj9I94STfPunkQVmTFGJ2BT64EbTk3ZqQszG/WX8cFHpCqSYGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Dec 2024 22:51:24 GMT

GET
H3 200 adbytes.&adnum= Show response
fundingchoicesmessages.google.com/f/AGSKWxXBw5a8EjjxDRIAkpE6qzVobUwE_gXEcXPssm_irjARm7MympRrcH6u2I6DzxF3LKtxksocpUVSJYQBxOetolROvWIJDjO4S5uGGQoRlEUUesGgNiqH4qcy5uedlGig3aH_rXsVKmXn-lZ1W7UUCNzYbNy1u... 54 B
109 B 49ms
48ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXBw5a8EjjxDRIAkpE6qzVobUwE_gXEcXPssm_irjARm7MympRrcH6u2I6DzxF3LKtxksocpUVSJYQBxOetolROvWIJDjO4S5uGGQoRlEUUesGgNiqH4qcy5uedlGig3aH_rXsVKmXn-lZ1W7UUCNzYbNy1uutdh--QFuyPdQn_HklIbt08UbYZUIeV/__ad_service./mediaAd./displayAdFrame./adbytes.&adnum=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7cc4ac01f23c367eefeb1a46a45db98d944dd2a1b9e2612c6cf9b7179e1be8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uXaA28ZjkzE8XlMI0NZMmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:50:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uXaA28ZjkzE8XlMI0NZMmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 84 KB
30 KB 2ms
2ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9bc1c2c975dd8572a1be2de18b57e04aeefb74ed1e5e15639d62af36ffe0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30828
x-xss-protection: 0
server: cafe
etag: 1270192977547311863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 12:20:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scontent-iad3-1.xx.fbcdn.net
URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/304696275_578496410639580_6938369199124765427_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=EILIyb9nZPAAX9KpMUd&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBY96qrqjZGn1JABrJyPIC_9UHoNkcGOi-7kyvnVGvVdQ&oe=65873B37

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2F202708376488646%22%2C%22width%22%3A350%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fpayroll.my%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19711.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010529714&__s=%3A%3A8cmign&__hsi=7314642885499283435&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__hs=19711.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7314642885499283435&__req=3&__rev=1010529714&__s=%3A%3A8cmign&__sp=1&__user=0&dpr=1&jazoest=21787&lsd=19hY7UbGPkDxI7VjaO9lAN

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WnFwLBwqo98nwgU29zEdEc83WwvE3vx60Vo1upE4W0OE2Wwio7C0yE460qe4o5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq0NE&__hs=19711.BP%3Aplugin_like_pkg.2.0..0.0&__hsi=7314642894904923976&__req=1&__rev=1010529714&__s=%3A%3A34il9s&__sp=1&__user=0&dpr=1&jazoest=21601&locale=en_GB&lsd=-pA2X0JSYA858-H0Z0gQtr

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payroll.my/	1969-12-31 23:59:59	Name: 17ed6ad1f789ae24085d565573772777 Value: 45ghh169bn75p51gq2h02k54lf
.payroll.my/	1970-01-21 02:40:33	Name: sc_is_visitor_unique Value: rx8319737.1703073011.39D1BDDDC4DF4F35A22A79A9D79064F0.1.1.1.1.1.1.1.1.1
.payroll.my/	1970-01-20 17:05:59	Name: _gid Value: GA1.2.294774199.1703073011
.payroll.my/	1970-01-20 17:04:33	Name: _gat_gtag_UA_99577156_2 Value: 1
.payroll.my/	1970-01-21 02:40:33	Name: _ga_G85EWVDPZ3 Value: GS1.1.1703073011.1.0.1703073011.0.0.0
.payroll.my/	1970-01-21 02:40:33	Name: _ga Value: GA1.1.133716426.1703073011
.statcounter.com/	1970-01-21 02:40:33	Name: is_unique Value: sc8319737.1703073011.0
.payroll.my/	1970-01-21 02:26:09	Name: __gads Value: ID=547276001571dfc6:T=1703073011:RT=1703073011:S=ALNI_MaN_TznKqO76cJ-eLabxoRaNlWB3g
.payroll.my/	1970-01-21 02:26:09	Name: __gpi Value: UID=00000cb7cddbba1a:T=1703073011:RT=1703073011:S=ALNI_MaWVkXhzlBYnG2E-sSg3XRI0KLZPw
.doubleclick.net/	1970-01-20 17:04:36	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:40:33	Name: IDE Value: AHWqTUnymbdFuiOP0ycpDRhPVIQ2nzdRoT0-vaeDwNLq5JP1rtEX3F-EDzAcPCvytfM
.googleadservices.com/	1970-01-20 19:14:09	Name: ar_debug Value: 1
.send.microad.jp/	1970-01-20 19:14:09	Name: TR Value: 53119613e80c865042d8b5821ae3e293e3dcd2984b2f07c9
.casalemedia.com/	1970-01-21 01:50:09	Name: CMID Value: ZYLU9bWyk9x.8aMmNVuN9wAA
.casalemedia.com/	1970-01-20 19:14:09	Name: CMPS Value: 5496
.casalemedia.com/	1970-01-20 19:14:09	Name: CMPRO Value: 5496

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://payroll.my/(Line 674) Message: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c.statcounter.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
payroll.my
s-cs.send.microad.jp
s0.2mdn.net
scontent-iad3-1.xx.fbcdn.net
scontent-iad3-2.xx.fbcdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
scontent-iad3-1.xx.fbcdn.net
www.facebook.com
104.18.36.155
104.20.94.138
13.113.144.31
142.251.222.6
172.217.26.226
172.217.31.162
202.233.84.8
2404:6800:4004:801::2002
2404:6800:4004:820::2002
2404:6800:4004:820::2004
2404:6800:4004:821::2003
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:824::200e
2404:6800:4004:825::2001
2404:6800:4004:826::2003
2404:6800:4004:826::200e
2404:6800:4004:827::2002
2404:6800:4004:828::2006
2606:4700::6811:190e
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
06959a8e30d493fef9b942cf5403afcca1bc79b86332325f2b747d3c5dd9f10e
0699ec87a5948593704673dd827854964f845df3971d277cfb1dc9322a4d7faf
06a1777d53912dff5cf5d931ecef04748f474b6b28ffcdc41c21294b31b464d3
077ba19da8900544b2adaca3f2da24093b15b172bdd262cb65dde9eb84f3188a
092a1f1130aa21e6d22cb1b4ba9c2193ad38866289daf4b15248655a69f2b4db
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcb770fa62da9c0d3fe5f0d079bf7135f0efe1a7d06891d24b2c6404c682286
0dc52873979ca16619b47da64b0ca990250daa89a2513074c8cf37f8ca3fe46f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b4d91d4695f6a99ca0b206db4c143f55c520df8972a3cb861fa586e88ef7f1
1a745f40d06d542b3ef0542269eaa7195f26b13580896a62c18024e3101e53ad
1f867034080df98f2ff4dc99888eb5cdc3ed1214466315f22a476c7e03bd2203
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
226ca4c9e8c3e28479bb9cb671e9836bd1ceae5928e9954763ae47efa5f425ac
230d79e6f31766f8b619af249b478a63defca50f89f75c70dbb426f379d8787e
24924efc88fb180d54b964a33d001cf908bd35304d02ac9ab1bc09b3665b73bd
26876252a63eae3885b544ac4b5733fb349b3f41b509f1cdd0acd7c6ba2a2a57
273820dab958d7fe28bea30bf876eec07c742ab9566574a394a2a9d7068c6b13
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
281b6b8c6903b28da1b8f40a32511192a68dcd69ff755c0d78ac2499ef335b92
295550b8310ff10a1a9d1fd07706dd4a6ddcfb6eec0b60bafe6ee25989051f3a
29661f75cf859eed6d3825705712429caf06e3e25d62a216e21321155ed5cb68
2a718529848cda09a89e4c25ede7bf3e70302d901f83172ec731e7ec11299b94
2c829ee5cd2636118470885177ca34fe1e88d22bd398b5cc8c0afe26f6e99b78
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5be8b3678d9bb39bcb70ffa7f95aa031009f101f3be2a35213b982dc526d40
2e95272f5c6be67d64bce253bb1da0e1f6740cda7edb5478d25ae8042f49b7eb
2ea976d0bfc76d7f51d9c44f2b71614ae25b69f8d12a3c5bb7b4b1062deda4f4
3010e3256031d911db478312c02550e17ba10e3a06ea9dbf700040b8e1e8d749
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d5d20ba867e9d763b937c3bd7784b90eb2ddb7e5dac6f41689b21e3dcae966
381db1a47335dd5b5f982729cb57029d9a57f730f52a367e4f36bcb14941bfcb
394cf46e02b5ac2c99d525639be7cbc0797f7e11ccb25e52f62e17552ed2f158
3b208dcfd36d007a8b5cc2ed9235e0b41a90c035ceb404b365727bc45bba70c2
3f29cca182a84ae2b65393e9af8e4805c5ad38333e7f586799e1626a2fc12815
3f562d9edf58f937f3f684e422e3375392b442290a2fd39f58791c030d1db7f0
3f9bc1c2c975dd8572a1be2de18b57e04aeefb74ed1e5e15639d62af36ffe0bf
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
3fd1c560cd3b7c91e91f49d437b2ed8fe09a4c436fd247da021f90cf50f665c6
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43be5a3181a17e89330922c0015fd9cb33d5b4a5311e20f756dbe964e685c133
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
498433ddb7adb085c07fbbf2d2e510092f64ed44a237aa6d5f3f1c7d09ac4686
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50b3a136f61a549e700e6c9482e43ee8a73b55e3871f5ac3b46f84e331c19da1
555138d7adae1f203f4d6ab5c63b4ab717ad160ae63bf9d4f1f298052b2e7c8f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2d32282a68be7f7ce8c1f679946ce4ea53e877f86eae3214ba552efc9ea2f
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
59437e1ad07a2682ed39e2ba0cef1f46ab93c112bbd7258f4ef243f8fe736b86
59bcd53a08e399ecdfad42ab10c8b6f15abdd14e9192e4024a364e3d4d4534ef
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0bff79cd9d23c424a1dba2d385fc4a01b1a95dac1dd776e0bd295fa5586da2
5d399bcd50e595112a3c3342889765359e5dba919dc738aa559e826aec89b31c
5e06325f8e748575942d69d49fcc55ad67a504df192165417e10908429e898cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
64e354c0a00d62c43c65ba0ed03bad8c1896d2bd6a5a4c8ce07d66ae82e549d5
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668a7bcff19fcd734183f3fc2feee0866b8eb19760d787e76eb27693711c6928
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339
6c6b647ee54323d5982c050e7befa30f11fbe4b02668a1057a50923d41d730ef
6f2b1d3a345699d7db904928bfc06df1cee568e5a570b707a4e96d5337b88fc9
7010799d0a3f9b84922aafda3957995808a3833d409c10dbb830321fb337236d
711c690368186e368be2d73093ca8fc9f416544e22e588e234fd434a80d5585e
777b7455784ec64cb3efc99cd21f399cb23186ac5d6933028b6dcf1b2c23bf51
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
790febcf2123f481b536e9443d1843fb4fca516886c4df9ebbaa45c6c2e1f393
7b26c692500dd71cbd9b8d7e801152aa89394511bbe0e191f79aedef0951564b
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
815feb5a3c616eecf145c2d70b428bd7f93854b19bd745bf8d0e91e1f24fd26b
835bed40ed8224475a98424d5c556e2382aa6e8ca1a16db808c7f018ddd6987d
83c1e04233e37a6ce5d993f76bb2e6f43d6e7975988832579826d9a097f0037e
865d3da6231f7d506bf80e21590eacdf83ed8c4b4c0af4b09f3d8ffb4eebf72e
86a441e4c2b779854aec38f795f74b0609c9485e4ba29772b0dda65a80304e22
8d354f0f499ec35a82e7abf56a36e7f5c6114c7fb8b1b4d6bcd2c62dc55ffa6f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a0b5cc4632c4d0bf462cac4dd58a334354b44559581d7917cfeb6cece852cc7
9a13327705cf406464a9195825fd0d8ff3c6321077182b4df07d44f1eaf849a0
9b32373db2e8d4a583fabaa5951b6c2b3029ce35c7c09d1415868b06744981f0
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a2a214081e1f3ea56cc068ad53949224dc0bf812231321efbad123cd56e60a2a
a451b0af3e320da920e4d5f9762cde37e0f1418f86551712a8e570bb0ff63b06
a8d62346a33f6e7cd04a3dd46f639c8e09e73f0bc7254d740b9faa88422a9a93
a8eb0a0b7cb7f5a2c06f9edc03c06c9891363db33f1ec8661d362b440b946fa1
aa857b6dc0c9fbba5f9aefc95bb6106a4e97963138d73bba0f74f692b9ab2724
aa8d5bf31ab9b6654cd76bf8b6bc05d852670a2be8c10e15640052fd930605d8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac0113db18b2bf86355b310ef7859c3eb6389566e288422497392ea8ff37eaf0
ac1f9ffe1dc38624fe3d9106ec403da31711273604be5aae00a43278fd752c2f
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b55a9e4a8ee877aedcffb5e76f6d1fded8260177ae8f72b5bbc3cde8a7ddcd10
b7cc4ac01f23c367eefeb1a46a45db98d944dd2a1b9e2612c6cf9b7179e1be8a
b9176ad8fec1e5e5e4b61176fdea525dac71f55e8f0db2972fb2ba78ec8752a8
b933b9c33b2817f0c911084c9953094b4ff666739f40c9918ad32f9bfb277371
b9665290de3744085bd3a1209d37bec4b3e4864c49e649ec5e388bfb379ac800
bb0d7bdcac2da7402e126ad96a388ce507fa972b741323a5a40ea65df2076b8d
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c310df3404878646e835f4719964541fe1065b29abfa796e301b1e2dd41a6c71
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c781f6ec5143fb960fae654381b5d467b71081bcbcac6b62bac28071d20ef791
c7e4b9e66c40919b3b1d6fb39b80b40efffaf5027a81f3471929cb44925271b8
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d8254941c31678787346d958d0efcded555e6cdf43c9d30b581f77cf9ae9f0bd
d8d14de23b9826b91d7c588169a80a11c162e3a3fea4c0731487337f445efbc8
d92761b8e8329fc86fac6fac223bf29d70f3510467a7d951372661427dda9a04
daa7f6c4967dd58a6697f0a3a0705834d5ae4a75f4eff02682451d0d82474018
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a2f08f4a405582f426262ad6fb10e8843a93bb4cb458a20e3466e0d5b2d937
e22154d4794686c8c5195e975abd63c4ff7ad42d8712e8e589a272c78c110180
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dfe31c9a1176ec6dd88c64bbba94cd47d42f31d37ae6f2c35539d5b0b81f6e
e50c53670346d11fd2f4be0909d96d5f9d6fbf1560552cefd9a5e29b38773cc6
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e9ab8ba933e5f1910ed0ce119436ca0f06703bd2e9f6ee0ec9513d2115baffa0
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3706b87941d3ad9cb475e7a2a33307e9bd988226b81eb3c4e43e684c1d721ce
f52d737df458888643eccb2af914b9f26faab334a15fab6da9ecfa7282ea76d8
f69fa757fca82ffa06f59a98a7a7d3640ea96f0fa6655a5db8255953f0b935cc
f6b5044cfdbf0d2d36814fbc517f7d1e48a83a10bd6d27ba6706dca074f06bc9
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

payroll.my Open in urlscan Pro 13.113.144.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

222 Requests

95 %HTTPS

71 %IPv6

18 Domains

26 Subdomains

24 IPs

4 Countries

3670 kBTransfer

11275 kBSize

16 Cookies

21 Outgoing links

Page URL History

Redirected requests

222 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payroll.my Open in urlscan Pro
13.113.144.31 Public Scan

Screenshot
Live screenshot

Full Image

222
Requests

95 %
HTTPS

71 %
IPv6

18
Domains

26
Subdomains

24
IPs

4
Countries

3670 kB
Transfer

11275 kB
Size

16
Cookies

222 HTTP transactions
6 data transactions