urlscan.io logo urlscan.io
SecurityTrails logo

tracking.pos.com.my Open in urlscan Pro
23.73.207.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tracking.pos.com.my/
Effective URL: https://tracking.pos.com.my/
Submission: On April 27 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 13 domains to perform 84 HTTP transactions. The main IP is 23.73.207.13, located in Ashburn, United States and belongs to AKAMAI-ASN1, NL. The main domain is tracking.pos.com.my.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 29th 2023. Valid for: a year.
This is the only time tracking.pos.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 23.73.207.13 20940 (AKAMAI-ASN1)
3 142.251.111.97 15169 (GOOGLE)
2 23.220.132.139 16625 (AKAMAI-AS)
3 142.251.163.113 15169 (GOOGLE)
6 104.19.148.8 13335 (CLOUDFLAR...)
4 31.13.66.19 32934 (FACEBOOK)
4 23.205.107.16 20940 (AKAMAI-ASN1)
1 23.62.164.139 16625 (AKAMAI-AS)
2 142.251.16.101 15169 (GOOGLE)
2 142.251.111.155 15169 (GOOGLE)
3 142.251.16.94 15169 (GOOGLE)
1 172.253.115.156 15169 (GOOGLE)
2 142.251.163.104 15169 (GOOGLE)
6 157.240.229.35 32934 (FACEBOOK)
1 3.161.213.112 16509 (AMAZON-02)
1 3.162.3.18 16509 (AMAZON-02)
7 3.19.35.199 16509 (AMAZON-02)
4 23.205.104.20 20940 (AKAMAI-ASN1)
1 3.162.3.104 ()
84 20
25    23.73.207.13 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-73-207-13.deploy.static.akamaitechnologies.com
tracking.pos.com.my
3    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
2    23.220.132.139 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-139.deploy.static.akamaitechnologies.com
s.go-mpulse.net
68794910.akstat.io
3    142.251.163.113 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f113.1e100.net
www.google-analytics.com
6    104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
4    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
4    23.205.107.16 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-107-16.deploy.static.akamaitechnologies.com
cdn-akamai.mookie1.com
1    23.62.164.139 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-164-139.deploy.static.akamaitechnologies.com
c.go-mpulse.net
2    142.251.16.101 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net
analytics.google.com
2    142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net
stats.g.doubleclick.net
3    142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
www.google.ca
1    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
googleads.g.doubleclick.net
2    142.251.163.104 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f104.1e100.net
www.google.com
6    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
1    3.161.213.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-112.yul62.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    3.162.3.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-18.yul62.r.cloudfront.net
assets-tracking.crazyegg.com
7    3.19.35.199 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-35-199.us-east-2.compute.amazonaws.com
tracking.crazyegg.com
4    23.205.104.20 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-104-20.deploy.static.akamaitechnologies.com
toolassets.haptikapi.com
1    3.162.3.104 (None, )

ASN- ()
singapore.haptikapi.com
Apex Domain
Subdomains		 Transfer
25 pos.com.my
tracking.pos.com.my
695 KB
15 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2396
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5021
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5037
tracking.crazyegg.com — Cisco Umbrella Rank: 4204
75 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
444 B
5 haptikapi.com
toolassets.haptikapi.com — Cisco Umbrella Rank: 146444
singapore.haptikapi.com Failed
176 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 145
www.google.com — Cisco Umbrella Rank: 2
438 B
4 mookie1.com
cdn-akamai.mookie1.com — Cisco Umbrella Rank: 27328
10 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
78 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 9881
190 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
282 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1378
c.go-mpulse.net — Cisco Umbrella Rank: 625
50 KB
1 akstat.io
68794910.akstat.io — Cisco Umbrella Rank: 21641
229 B
84 13
Domain Requested by
25 tracking.pos.com.my tracking.pos.com.my
7 tracking.crazyegg.com tracking.pos.com.my
6 www.facebook.com tracking.pos.com.my
6 script.crazyegg.com www.googletagmanager.com
tracking.pos.com.my
script.crazyegg.com
4 toolassets.haptikapi.com tracking.pos.com.my
toolassets.haptikapi.com
4 cdn-akamai.mookie1.com www.googletagmanager.com
cdn-akamai.mookie1.com
4 connect.facebook.net tracking.pos.com.my
connect.facebook.net
3 www.google.ca tracking.pos.com.my
3 www.google-analytics.com www.googletagmanager.com
tracking.pos.com.my
3 www.googletagmanager.com tracking.pos.com.my
www.googletagmanager.com
2 www.google.com tracking.pos.com.my
2 stats.g.doubleclick.net www.googletagmanager.com
tracking.pos.com.my
2 analytics.google.com www.googletagmanager.com
1 singapore.haptikapi.com tracking.pos.com.my
1 68794910.akstat.io s.go-mpulse.net
1 assets-tracking.crazyegg.com tracking.pos.com.my
1 pagestates-tracking.crazyegg.com tracking.pos.com.my
1 googleads.g.doubleclick.net www.googletagmanager.com
1 c.go-mpulse.net tracking.pos.com.my
1 s.go-mpulse.net tracking.pos.com.my
84 20
Subject Issuer Validity Valid
*.pos.com.my
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-29 -
2025-01-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-06 -
2025-03-06		 a year crt.sh
script.crazyegg.com
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-04 -
2024-05-04		 3 months crt.sh
ak-dvsan01.mookie1.com
R3		 2024-03-18 -
2024-06-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh
toolassets.haptikapi.com
R3		 2024-04-04 -
2024-07-03		 3 months crt.sh
*.haptikapi.com
Go Daddy Secure Certificate Authority - G2		 2023-07-14 -
2024-07-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://tracking.pos.com.my/
Frame ID: 56293CAFB658AF98E4FFAEF24553A2A3
Requests: 80 HTTP requests in this frame

Frame: https://cdn-akamai.mookie1.com/html/x71.html
Frame ID: 9BA65AFB0B831EC03C1183DD079456C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pos Malaysia | Live Parcel Tracking | Real-time Delivery Status

Page URL History Show full URLs

  1. http://tracking.pos.com.my/ HTTP 307
    https://tracking.pos.com.my/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

84
Requests

93 %
HTTPS

0 %
IPv6

13
Domains

20
Subdomains

20
IPs

2
Countries

1390 kB
Transfer

4717 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tracking.pos.com.my/ HTTP 307
    https://tracking.pos.com.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tracking.pos.com.my/
Redirect Chain
  • http://tracking.pos.com.my/
  • https://tracking.pos.com.my/
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2c426977a2cdeb47bbed0d392d03d2241a11d2b8f41a2c3924c12bdc487bf0af
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
akamai-grn
0.8d9b3e17.1714215843.93df2ed3
alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
3579
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
content-type
text/html
date
Sat, 27 Apr 2024 11:04:04 GMT
etag
"e49-6161e4e9ce900"
expires
Sat, 27 Apr 2024 11:04:04 GMT
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
pragma
no-cache
referrer-policy
same-origin
server-timing
cdn-cache; desc=MISS edge; dur=702 origin; dur=106 ak_p; desc="1714215843684_389979021_2480877267_80791_9586_15_35_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 3657 0 pmb=mRUM,1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

Location
https://tracking.pos.com.my/
Non-Authoritative-Reason
HttpsUpgrades
styles.19513bb9b36508efccf3.css
tracking.pos.com.my/ 		393 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69e1068116a434a9496cc68299a87e17a1180df65ec3222d6c26bba06f50e396
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215844.93df3497
server-timing
cdn-cache; desc=HIT, edge; dur=618, ak_p; desc="1714215844633_389979021_2480878743_63006_11982_18_0_255";dur=1
alt-svc
h3=":443"; ma=93600
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"625c1-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:06 GMT
runtime.50687d00fdfd9ecb0c75.js
tracking.pos.com.my/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/runtime.50687d00fdfd9ecb0c75.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a17f25a7ad1e6cdc84822b0c7fd3485ceecb82714f36412283413b12e33d635
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215844.93df3498
server-timing
cdn-cache; desc=HIT, edge; dur=639, ak_p; desc="1714215844620_389979021_2480878744_64100_10778_19_0_146";dur=1
alt-svc
h3=":443"; ma=93600
content-length
1179
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"918-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:05 GMT
polyfills.1295405d975330be9341.js
tracking.pos.com.my/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98a53a23b25a29423beaf41d6badea7bab68b7b0d42cbda14df6f1c3c836251b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215845.93df3897
server-timing
cdn-cache; desc=HIT, edge; dur=44, ak_p; desc="1714215844652_389979021_2480879767_4366_10750_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
11644
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"8599-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:05 GMT
scripts.ca747695745ec4c5db65.js
tracking.pos.com.my/ 		220 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/scripts.ca747695745ec4c5db65.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da4595f5f1a53e3f6828b4b66ec0515915e4af2195723d3393ee4f438147fa11
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215845.93df3c43
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714215845927_389979021_2480880707_40_11175_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"36f2d-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:06 GMT
main.4f22f284a3c21242399e.js
tracking.pos.com.my/ 		1 MB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/main.4f22f284a3c21242399e.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4855e475c6939ad634080cfc1906e96b24661960a63e71fcd2c65d2f1045ac95
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215846.93df3fa3
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714215846506_389979021_2480881571_36_9717_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"11cb54-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:06 GMT
gtm.js
www.googletagmanager.com/ 		351 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MF5HPS2
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
32cfe3f708994d50fe971a141c28e69838b501fa471bffb756761bd5324cc1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107453
x-xss-protection
0
last-modified
Sat, 27 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Apr 2024 11:04:06 GMT
3XTRN-LXQAG-CXH9Y-U7J7B-2HETH
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/3XTRN-LXQAG-CXH9Y-U7J7B-2HETH
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.139 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Tue, 16 Apr 2024 01:32:50 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
GothamRegular.woff2
tracking.pos.com.my/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/assets/fonts/GothamRegular.woff2
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea20f86c7f036f6a03f3e3d2fa0bbf8b807289b9f7e7d06201292d57640132cc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Origin
https://tracking.pos.com.my
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:07 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215846.93df4103
server-timing
cdn-cache; desc=MISS, edge; dur=749, origin; dur=144, ak_p; desc="1714215846733_389979021_2480881923_89294_9223_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
10844
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"2a5c-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:07 GMT
js
www.googletagmanager.com/gtag/ 		298 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R4WN4KNEN5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF5HPS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
91e9657dda294e05e223f1833f00654d8b0464e514e188bf8c03e6fc6faffd06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102417
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Apr 2024 11:04:06 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF5HPS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.113 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Apr 2024 10:28:45 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2121
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Apr 2024 12:28:45 GMT
destination
www.googletagmanager.com/gtag/ 		209 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-723093664&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF5HPS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
adce10190495b0be90f29920b801656254a50a137b69c60941bc5832042b978d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78022
x-xss-protection
0
last-modified
Sat, 27 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Apr 2024 11:04:06 GMT
5582.js
script.crazyegg.com/pages/scripts/0114/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0114/5582.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF5HPS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946f61970ed0a02c3fd2d2b1ccbfbb4518b6bfa3babf1ddb460814742efbb543

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
249657
cf-polished
origSize=6112
ce-version
11.5.202
cf-bgj
minify
last-modified
Wed, 24 Apr 2024 13:43:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
87ae54737e0836b2-YYZ
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 Apr 2024 11:04:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
8A9QzybhbK5RTkV8gFOeEIAEw0DGY4JPtKNb/xTlyF0qDpeRHZOjvqWNz1bTM/kVvGlNfY4N0HJxx2/4aTaOyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
LightningBolt.js
cdn-akamai.mookie1.com/LB/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF5HPS2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.16 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-107-16.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6a046bdd86f5e97c4f2e768ec9b65f840031054fd1f36c76e1cf3ef0c082c601

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 27 Apr 2024 11:04:06 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
5927
Last-Modified
Tue, 21 Sep 2021 13:59:42 GMT
Server
AkamaiNetStorage
ETag
"d005b405f172d9f9087c24487df33e29:1632232782.946885"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sun, 28 Apr 2024 11:04:06 GMT
config.json
c.go-mpulse.net/api/ 		614 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=3XTRN-LXQAG-CXH9Y-U7J7B-2HETH&d=tracking.pos.com.my&t=5714053&v=1.720.0&sl=0&si=a476a9cc-ed9a-4528-9dea-2a9ee19221a4-sclles&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=1011991
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.164.139 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77abe75c563b20e40cfb437e99e5aa70307c87a033867525c83e93e4854569f3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 27 Apr 2024 11:04:07 GMT
cache-control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
614
content-type
application/json
collect
analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R4WN4KNEN5&gtm=45je44o0v893770286z8832974946za200&_p=1714215844625&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2058522120.1714215847&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714215847&sct=1&seg=0&dl=https%3A%2F%2Ftracking.pos.com.my%2F&dt=Pos%20Malaysia%20%7C%20Live%20Parcel%20Tracking%20%7C%20Real-time%20Delivery%20Status&en=page_view&_fv=1&_nsi=1&_ss=1&ep.visitor_source_event=NA&up.visitor_source=NA&tfd=3434
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R4WN4KNEN5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tracking.pos.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R4WN4KNEN5&cid=2058522120.1714215847&gtm=45je44o0v893770286z8832974946za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R4WN4KNEN5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tracking.pos.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R4WN4KNEN5&cid=2058522120.1714215847&gtm=45je44o0v893770286z8832974946za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=584358541
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/723093664/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723093664/?random=1714215847060&cv=11&fst=1714215847060&bg=ffffff&guid=ON&async=1&gtm=45be44o0z8832974946za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftracking.pos.com.my%2F&hn=www.googleadservices.com&frm=0&tiba=Pos%20Malaysia%20%7C%20Live%20Parcel%20Tracking%20%7C%20Real-time%20Delivery%20Status&npa=0&pscdl=noapi&auid=1344426420.1714215847&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-723093664&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
1188898868c695e2abbd54b30d40fa308663ee8855ee629b86c2d7f8c73d8b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1437
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
tracking.pos.com.my/assets/i18n/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/assets/i18n/en.json?v=1714215847126
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b3792589406c0724db2c767e9e8b3ef3e16f05ea7168a944cd645f2a83d429cd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215847.93df4356
server-timing
cdn-cache; desc=MISS, edge; dur=662, origin; dur=22, ak_p; desc="1714215847145_389979021_2480882518_68422_11929_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
4526
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"36c1-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:08 GMT
1.9cf6e5457e74049cd078.js
tracking.pos.com.my/ 		323 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/1.9cf6e5457e74049cd078.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/runtime.50687d00fdfd9ecb0c75.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
230e1df7a21d7585b81233297cb109f8761a8d2bffb05643f4f37a7fbbedfc45
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215847.93df4364
server-timing
cdn-cache; desc=MISS, edge; dur=667, origin; dur=12, ak_p; desc="1714215847158_389979021_2480882532_67885_10702_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"50b9c-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:09 GMT
5.4a00550e0081b87d9a99.js
tracking.pos.com.my/ 		73 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/5.4a00550e0081b87d9a99.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/runtime.50687d00fdfd9ecb0c75.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e57ed2a65e26d28816d33d37b4a7d3be797c227fcc58375f770a6a45c0602a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215847.93df4365
server-timing
cdn-cache; desc=MISS, edge; dur=719, origin; dur=43, ak_p; desc="1714215847169_389979021_2480882533_76113_10441_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
17413
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"1225c-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:08 GMT
tracking.pos.com.my.json
script.crazyegg.com/pages/data-scripts/0114/5582/site/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0114/5582/site/tracking.pos.com.my.json?t=1
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae75b78fd2e672bb67dd58b41b487f07ca48836640a76ed11ee39e8c6af3528

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
249345
ce-version
11.5.202
content-length
1720
last-modified
Wed, 24 Apr 2024 13:48:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87ae5474ecb136b0-YYZ
mapping.js
cdn-akamai.mookie1.com/adv/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-akamai.mookie1.com/adv/mapping.js
Requested by
Host: cdn-akamai.mookie1.com
URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.16 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-107-16.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ea649124f3e2ef08d7ec00eda84e5180940d00c7e9bdb23914d6cb655ce58284

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 27 Apr 2024 11:04:07 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
2112
Last-Modified
Thu, 28 Mar 2024 17:10:55 GMT
Server
AkamaiNetStorage
ETag
"d7aa696a075cd53e47957c0ad09ef1ea:1711645855.397046"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sun, 28 Apr 2024 11:04:07 GMT
x71.html
cdn-akamai.mookie1.com/html/ Frame 9BA6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-akamai.mookie1.com/html/x71.html
Requested by
Host: cdn-akamai.mookie1.com
URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.16 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-107-16.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Sat, 27 Apr 2024 11:04:07 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1696473098.155049"
Last-Modified
Thu, 05 Oct 2023 02:31:38 GMT
Server
AkamaiNetStorage
collect
www.google-analytics.com/j/ 		4 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1861553571&t=pageview&_s=1&dl=https%3A%2F%2Ftracking.pos.com.my%2F&ul=en-ca&de=UTF-8&dt=Pos%20Malaysia%20%7C%20Live%20Parcel%20Tracking%20%7C%20Real-time%20Delivery%20Status&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2023534868&gjid=1102476207&cid=2058522120.1714215847&tid=UA-20566710-1&_gid=313098780.1714215847&_r=1&_slc=1&gtm=45He44o0n81MF5HPS2v832974946za200&gcd=13l3l3l3l1&dma=0&z=909263994
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.113 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tracking.pos.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1861553571&t=pageview&_s=1&dl=https%3A%2F%2Ftracking.pos.com.my%2F&ul=en-ca&de=UTF-8&dt=Pos%20Malaysia%20%7C%20Live%20Parcel%20Tracking%20%7C%20Real-time%20Delivery%20Status&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=2058522120.1714215847&tid=UA-20566710-1&_gid=313098780.1714215847&gtm=45He44o0n81MF5HPS2v832974946za200&gcd=13l3l3l3l1&dma=0&z=36717708
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.113 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 05:25:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20297
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2291995661118109
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2291995661118109?v=2.9.154&r=stable&domain=tracking.pos.com.my&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
267e3680e38a4ed0949dd2a4cc931be915bd09213abe383e2e6300f219305d3d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 Apr 2024 11:04:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=62, mss=1380, tbw=63261, tp=-1, tpl=-1, uplat=40, ullat=0
pragma
public
x-fb-debug
+CuCmFuQerDzSKt3cr003UYpaUsfmafHkmDd2Tv1+no4yicWDaEF25WmFNPdsj/Iccnz9Nacm+UlMCUyuzSf5A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
6735f9594d6bb8a4f1fe56c6b3e21cf5.js
script.crazyegg.com/pages/versioned/common-scripts/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0114/5582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69e3303757e223cc0fd92ec05e7f0eb6ca17c61c857cf273f19d181ad2afd47

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2024 08:41:12 GMT
server
cloudflare
age
250023
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87ae54752fd536b2-YYZ
content-length
31374
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20566710-1&cid=2058522120.1714215847&jid=2023534868&gjid=1102476207&_gid=313098780.1714215847&_u=YADAAEAAAAAAACAAI~&z=847037718
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 27 Apr 2024 11:04:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tracking.pos.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/723093664/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/723093664/?random=1714215847060&cv=11&fst=1714215600000&bg=ffffff&guid=ON&async=1&gtm=45be44o0z8832974946za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftracking.pos.com.my%2F&hn=www.googleadservices.com&frm=0&tiba=Pos%20Malaysia%20%7C%20Live%20Parcel%20Tracking%20%7C%20Real-time%20Delivery%20Status&npa=0&pscdl=noapi&auid=1344426420.1714215847&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq1KS9fehmviVaLHVmS7jb47_rHFzP7g&random=3480618906&rmt_tld=0&ipr=y
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/723093664/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/723093664/?random=1714215847060&cv=11&fst=1714215600000&bg=ffffff&guid=ON&async=1&gtm=45be44o0z8832974946za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftracking.pos.com.my%2F&hn=www.googleadservices.com&frm=0&tiba=Pos%20Malaysia%20%7C%20Live%20Parcel%20Tracking%20%7C%20Real-time%20Delivery%20Status&npa=0&pscdl=noapi&auid=1344426420.1714215847&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq1KS9fehmviVaLHVmS7jb47_rHFzP7g&random=3480618906&rmt_tld=1&ipr=y
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.js
cdn-akamai.mookie1.com/adv/ 		0
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-akamai.mookie1.com/adv/default.js
Requested by
Host: cdn-akamai.mookie1.com
URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.107.16 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-107-16.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 27 Apr 2024 11:04:07 GMT
Last-Modified
Mon, 20 Sep 2021 18:30:27 GMT
Server
AkamaiNetStorage
ETag
"d41d8cd98f00b204e9800998ecf8427e:1632162627.594044"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
0
Expires
Sun, 28 Apr 2024 11:04:07 GMT
1970225759815448
connect.facebook.net/signals/config/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1970225759815448?v=2.9.154&r=stable&domain=tracking.pos.com.my&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
a274b02cd52fe15937e731d6b1ddb3d4ba0ce0c87b7fb7b654ff868ff2f88fb8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 Apr 2024 11:04:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4317, tp=9, tpl=0, uplat=213, ullat=0
pragma
public
x-fb-debug
bPfJj7ikHK+SFI+4NC47H0aOuo+YUZuyEhAs7D+IyRERYxAF3DvUtzTtrimgb+B68CM7doA69Z51UjMFws+0pw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2291995661118109&ev=PageView&dl=https%3A%2F%2Ftracking.pos.com.my%2F&rl=&if=false&ts=1714215847269&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.2.1714215847268.1866652313&ler=empty&cdl=API_unavailable&it=1714215847175&coo=false&rqm=GET
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 Apr 2024 11:04:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20566710-1&cid=2058522120.1714215847&jid=2023534868&_u=YADAAEAAAAAAACAAI~&z=516234458
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20566710-1&cid=2058522120.1714215847&jid=2023534868&_u=YADAAEAAAAAAACAAI~&z=516234458
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.pos.com.my.json
script.crazyegg.com/pages/data-scripts/0114/5582/sampling/ 		156 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0114/5582/sampling/tracking.pos.com.my.json?t=476171
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7412671804b1fbbc5899f1f404f561cc50ffe025cb37d7b389dbc5a66786df7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
553
ce-version
11.5.202
content-length
147
last-modified
Sat, 27 Apr 2024 10:54:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87ae54758d4a36b0-YYZ
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-112.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jul 2023 07:07:40 GMT
via
1.1 e9f20e77ad618b3d7de202fce429c5c4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
24465388
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
aZyFlr06khrd4X01602dZzZCQA6G6eMcEbXAZ5RN3o39J9XBuqhDKA==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jul 2023 20:47:31 GMT
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
24588997
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
wrfb39sCsnUtxC1CtGPZI8gr4y2KqG0kca5QfR5FZLRHPMecLjvAJg==
98045826-2bd5-4a93-9d3e-2bceb0ef96c5
https://tracking.pos.com.my/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tracking.pos.com.my/98045826-2bd5-4a93-9d3e-2bceb0ef96c5
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://tracking.pos.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/ 		39 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1714215847409&tk=78dea3eba74de03062f51bd1a286c9ab&s=409082&p=%2F&u=1145582&v=2baf8fe753edc7c2d3f910a47a6c984913fed725&f=tracking.pos.com.my&ul=https%3A%2F%2Ftracking.pos.com.my%2F
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.35.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-35-199.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
f9e135690892fd5f25b7c5d2855608c096ab8df2ed113a0b723d38ba1d0a6dfe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 27 Apr 2024 11:04:07 GMT
cache-control
no-store
server
awselb/2.0
content-length
39
content-type
text/plain
693026428716134
connect.facebook.net/signals/config/ 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/693026428716134?v=2.9.154&r=stable&domain=tracking.pos.com.my&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
b243b20107b1040586c0b0773b915dd704fa4400ba73842c49b8d6dad82ba6dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 Apr 2024 11:04:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=27, mss=1232, tbw=9405, tp=15, tpl=0, uplat=211, ullat=0
pragma
public
x-fb-debug
TD8LWCjrkFbQpIr+jLuA60I0E2i35ItPtv+//QFrP3IL0ByOceVvaDlhR7stNGdOTHOqzX78aR6gVFSwJFnOBg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1970225759815448&ev=PageView&dl=https%3A%2F%2Ftracking.pos.com.my%2F&rl=&if=false&ts=1714215847527&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.2.1714215847268.1866652313&ler=empty&cdl=API_unavailable&it=1714215847175&coo=false&rqm=GET
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=3136, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 Apr 2024 11:04:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dda53996456118190a640875fa0663b1.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0114/5582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 24 Apr 2024 13:28:30 GMT
server
cloudflare
age
250020
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87ae547769eb36b2-YYZ
content-length
8015
2b9db105-d3d8-4c37-a8e3-baf5aeb22025
https://tracking.pos.com.my/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tracking.pos.com.my/2b9db105-d3d8-4c37-a8e3-baf5aeb22025
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d02633239369d04c8812eff65b6c3fad7d08525efd85d2451de2a4bac9f0cfb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://tracking.pos.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
3662e64da986368bbac2da241549a35b.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/3662e64da986368bbac2da241549a35b.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0114/5582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fc7b35533d223ce9b8820fa8f3afe418a927272c5300f3a01129e40b959365

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 11:04:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 28 Mar 2024 14:28:46 GMT
server
cloudflare
age
250020
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87ae54779a2336b2-YYZ
content-length
30716
v11
tracking.crazyegg.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1145582&st=409082&ss=de22f890-0485-11ef-a6dd-05d101e48ef8&p=05ff2cfad88751e4bd1306685debdccf&tk=78dea3eba74de03062f51bd1a286c9ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.35.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-35-199.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tracking.pos.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
content-length
0
content-type
application/octet-stream
date
Sat, 27 Apr 2024 11:04:07 GMT
server
awselb/2.0
v11
tracking.crazyegg.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1145582&st=409082&ss=de22f890-0485-11ef-a6dd-05d101e48ef8&p=05ff2cfad88751e4bd1306685debdccf&tk=78dea3eba74de03062f51bd1a286c9ab
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.35.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-35-199.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/gzip

Response headers

access-control-allow-origin
*
date
Sat, 27 Apr 2024 11:04:07 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
78fbc851-9722-4ca0-a243-6fa9222be493
https://tracking.pos.com.my/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tracking.pos.com.my/78fbc851-9722-4ca0-a243-6fa9222be493
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d372edb49a5ae087d8e451fa0560c2439b3a836c09c9d2a083800e10b190c2f5

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://tracking.pos.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
5451
Content-Type
ab37ba8a-83f9-4fa6-9b9d-ed5eaa64a117
https://tracking.pos.com.my/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tracking.pos.com.my/ab37ba8a-83f9-4fa6-9b9d-ed5eaa64a117
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a996996ec921d516899c0d3df103e5eca5a71cf9afec9c057ae240e11ab7be

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://tracking.pos.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
4517
Content-Type
e34a3eff-9784-4a8a-8f8b-a4ff6cb975be
https://tracking.pos.com.my/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tracking.pos.com.my/e34a3eff-9784-4a8a-8f8b-a4ff6cb975be
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1f285e1fc1c5ca35eda4a8561dc5e7c4c131116f96b52f9c3599597b5bc39a7

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://tracking.pos.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1604
Content-Type
text/javascript
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=693026428716134&ev=PageView&dl=https%3A%2F%2Ftracking.pos.com.my%2F&rl=&if=false&ts=1714215847784&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.2.1714215847268.1866652313&ler=empty&cdl=API_unavailable&cs_est=true&it=1714215847175&coo=false&rqm=GET
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4315, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 Apr 2024 11:04:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
icon-chevron-right-white.png
tracking.pos.com.my/assets/images/portal/icon/ 		230 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-chevron-right-white.png
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48f9277cc17b54baa447d139081217338c217b57b1b821259c22ef34e0178cf3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:09 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f4d
server-timing
cdn-cache; desc=MISS, edge; dur=685, origin; dur=22, ak_p; desc="1714215849200_389979021_2480885581_70675_14250_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
230
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"e6-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:09 GMT
GothamMedium.woff2
tracking.pos.com.my/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/assets/fonts/GothamMedium.woff2
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9053688f39a3bead3e306567ba60e7506146259f6af525eab01d6f7d85f3cbfe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Origin
https://tracking.pos.com.my
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df502d
server-timing
cdn-cache; desc=MISS, edge; dur=785, origin; dur=113, ak_p; desc="1714215849374_389979021_2480885805_89825_10583_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
18780
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"495c-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
Roboto-Regular.e9a9d280f48fac104245.woff2
tracking.pos.com.my/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/Roboto-Regular.e9a9d280f48fac104245.woff2
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Origin
https://tracking.pos.com.my
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df502e
server-timing
cdn-cache; desc=MISS, edge; dur=720, origin; dur=13, ak_p; desc="1714215849385_389979021_2480885806_73290_12412_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
49236
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"c054-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2291995661118109&ev=PageView&dl=https%3A%2F%2Ftracking.pos.com.my%2Ftracking&rl=&if=false&ts=1714215849158&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.2.1714215847268.1866652313&ler=empty&cdl=API_unavailable&it=1714215847175&coo=false&rqm=GET
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4827, tp=15, tpl=0, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 Apr 2024 11:04:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1970225759815448&ev=PageView&dl=https%3A%2F%2Ftracking.pos.com.my%2Ftracking&rl=&if=false&ts=1714215849160&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.2.1714215847268.1866652313&ler=empty&cdl=API_unavailable&it=1714215847175&coo=false&rqm=GET
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=5019, tp=17, tpl=0, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 Apr 2024 11:04:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=693026428716134&ev=PageView&dl=https%3A%2F%2Ftracking.pos.com.my%2Ftracking&rl=&if=false&ts=1714215849161&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.2.1714215847268.1866652313&ler=empty&cdl=API_unavailable&cs_est=true&it=1714215847175&coo=false&rqm=GET
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=5163, tp=18, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 Apr 2024 11:04:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
pos-malaysia-230117.png
tracking.pos.com.my/assets/images/portal/logo/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/logo/pos-malaysia-230117.png?rand=1231354
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9d0906358a5075a45cecf8c4fb61d3b8eec1250adbbb7a114582b33bf39e2ffb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f87
server-timing
cdn-cache; desc=MISS, edge; dur=794, origin; dur=12, ak_p; desc="1714215849244_389979021_2480885639_80573_12930_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
9762
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"2622-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
logo-DRB-HiCOM-new.svg
tracking.pos.com.my/assets/images/portal/logo/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/logo/logo-DRB-HiCOM-new.svg?rand=1231354
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e508334acb0c733f2fa34fa921be303e940021d2702e5986dc03b7b45a29cd61
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f9a
server-timing
cdn-cache; desc=MISS, edge; dur=781, origin; dur=7, ak_p; desc="1714215849258_389979021_2480885658_78838_12501_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
4415
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"31d6-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-dl-google-play.webp
tracking.pos.com.my/assets/images/portal/icon/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-dl-google-play.webp?rand=1231354
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68f66becf397e75046d797dce9858f54cfc4410c290b797d68172561564e530b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f9b
server-timing
cdn-cache; desc=MISS, edge; dur=887, origin; dur=113, ak_p; desc="1714215849271_389979021_2480885659_99972_11644_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
8470
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"2116-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-dl-appstore.webp
tracking.pos.com.my/assets/images/portal/icon/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-dl-appstore.webp?rand=1231354
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99cb5954c62bf5b9c48ff807828f4703c249f78cba7b44031bdef97bc804b05b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f9c
server-timing
cdn-cache; desc=MISS, edge; dur=756, origin; dur=19, ak_p; desc="1714215849284_389979021_2480885660_77539_12266_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
9590
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"2576-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-dl-appgallery.png
tracking.pos.com.my/assets/images/portal/icon/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-dl-appgallery.png?rand=1231354
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0b0752b78a1ce68679cb3229a26006ed72ab0d94fd78c95f4fbb17df1f194a0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f9d
server-timing
cdn-cache; desc=MISS, edge; dur=759, origin; dur=63, ak_p; desc="1714215849296_389979021_2480885661_82208_10740_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
5171
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"1433-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-mc-facebook.webp
tracking.pos.com.my/assets/images/portal/icon/ 		354 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-mc-facebook.webp?r=230927
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32bb079fcb865624bb8106bfda63ffc5d57199110789f8c1d1b0982fcd0be808
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f9e
server-timing
cdn-cache; desc=MISS, edge; dur=715, origin; dur=14, ak_p; desc="1714215849307_389979021_2480885662_72892_10346_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
354
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"162-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-mc-twitter.webp
tracking.pos.com.my/assets/images/portal/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-mc-twitter.webp?r=230927
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49583cd572bbb0ba2953f9402ce5b6fe159c20efb1e95a5e609c293e0b6f401f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4f9f
server-timing
cdn-cache; desc=MISS, edge; dur=710, origin; dur=25, ak_p; desc="1714215849318_389979021_2480885663_73539_11752_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
1556
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"614-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-mc-instagram.webp
tracking.pos.com.my/assets/images/portal/icon/ 		784 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-mc-instagram.webp?r=230927
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e013db063455cd5412261b6ba01aaa842b9ede0333359b3078ef737b63b09b6e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4fa0
server-timing
cdn-cache; desc=MISS, edge; dur=746, origin; dur=112, ak_p; desc="1714215849330_389979021_2480885664_85786_10364_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
784
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"310-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-mc-linkedin.webp
tracking.pos.com.my/assets/images/portal/icon/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-mc-linkedin.webp
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
934223aba56456a16a57e1e73efff7a4ea846ae64dea9fd8f0896c7c7167038f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4fa1
server-timing
cdn-cache; desc=MISS, edge; dur=732, origin; dur=27, ak_p; desc="1714215849341_389979021_2480885665_75814_11253_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
18364
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"47bc-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
icon-mc-tiktok.svg
tracking.pos.com.my/assets/images/portal/icon/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.pos.com.my/assets/images/portal/icon/icon-mc-tiktok.svg?r=230927
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/tracking
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9eaca493f3e11ec1a004d5a2096fe583ec2c6667e114154ed7a463b74ea622fd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df4fa2
server-timing
cdn-cache; desc=MISS, edge; dur=718, origin; dur=5, ak_p; desc="1714215849353_389979021_2480885666_72298_11310_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
4315
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"163f-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
GothamBold.woff2
tracking.pos.com.my/assets/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/assets/fonts/GothamBold.woff2
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b997ecaf208564bfed546efa8ee81dcefcd7376f3e1e52427c852f8ee6a924cb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/styles.19513bb9b36508efccf3.css
Origin
https://tracking.pos.com.my
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:10 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215849.93df502f
server-timing
cdn-cache; desc=MISS, edge; dur=690, origin; dur=28, ak_p; desc="1714215849398_389979021_2480885807_71823_13631_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
14800
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"39d0-6161e4e9ce900"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:10 GMT
v11
tracking.crazyegg.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1145582&st=409082&ss=de22f890-0485-11ef-a6dd-05d101e48ef8&p=05ff2cfad88751e4bd1306685debdccf&tk=78dea3eba74de03062f51bd1a286c9ab
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.35.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-35-199.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/gzip

Response headers

access-control-allow-origin
*
date
Sat, 27 Apr 2024 11:04:09 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
v11
tracking.crazyegg.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1145582&st=409082&ss=de22f890-0485-11ef-a6dd-05d101e48ef8&p=15796b0c2b2b3335c4c6d0f5b129b71f&tk=78dea3eba74de03062f51bd1a286c9ab
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.35.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-35-199.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/gzip

Response headers

access-control-allow-origin
*
date
Sat, 27 Apr 2024 11:04:09 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
v11
tracking.crazyegg.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1145582&st=409082&ss=de22f890-0485-11ef-a6dd-05d101e48ef8&p=15796b0c2b2b3335c4c6d0f5b129b71f&tk=78dea3eba74de03062f51bd1a286c9ab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.35.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-35-199.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tracking.pos.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
content-length
0
content-type
application/octet-stream
date
Sat, 27 Apr 2024 11:04:09 GMT
server
awselb/2.0
loader.js
toolassets.haptikapi.com/platform/javascript-xdk/production/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toolassets.haptikapi.com/platform/javascript-xdk/production/loader.js
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.104.20 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-104-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4cb99ba4adfa79197162f3b17a5ddde4698ef1cdb67a9eb3ac4417f0bf0999d5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
oBtsEITXMvzgRgGa0vL7JjAf61Ed4ps8
Content-Encoding
gzip
Date
Sat, 27 Apr 2024 11:04:10 GMT
x-amz-request-id
1PH1KH0NBE0ZMHMW
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
858
x-amz-id-2
jX8DpZLEkVjHBi2bauxmYCxMDW0DY7BDM1Lvo84I1zqb7RVrEuc4tx3fOhypFaSgiHtz0kh3jITBqGvBbdhVog==
Last-Modified
Fri, 26 Apr 2024 09:13:17 GMT
Server
AmazonS3
ETag
"221deb06f3adca195951dca3e504526d"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=52
Accept-Ranges
bytes
Expires
Sat, 27 Apr 2024 11:05:02 GMT
favicon.ico
tracking.pos.com.my/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tracking.pos.com.my/favicon.ico?r=230215
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.13 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c9edddae51d814dfc7eb80c21a7cace472a526234a10b25cae143855660316a2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://tracking.pos.com.my/tracking
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
date
Sat, 27 Apr 2024 11:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
strict-transport-security
max-age=31536000 ; includeSubDomains
akamai-grn
0.8d9b3e17.1714215850.93df58fb
server-timing
cdn-cache; desc=MISS, edge; dur=660, origin; dur=23, ak_p; desc="1714215850853_389979021_2480888059_68338_12631_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
2053
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 15 Apr 2024 08:21:24 GMT
etag
"3c2e-6161e4e9ce900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-robots-tag
none
expires
Sat, 27 Apr 2024 11:04:11 GMT
/
68794910.akstat.io/ 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://68794910.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3XTRN-LXQAG-CXH9Y-U7J7B-2HETH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.139 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:10 GMT
content-type
image/gif
access-control-allow-origin
https://tracking.pos.com.my
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
expires
Sat, 27 Apr 2024 11:04:10 GMT
commons.js
toolassets.haptikapi.com/platform/javascript-xdk/production/ 		177 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toolassets.haptikapi.com/platform/javascript-xdk/production/commons.js
Requested by
Host: toolassets.haptikapi.com
URL: https://toolassets.haptikapi.com/platform/javascript-xdk/production/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.104.20 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-104-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2d8987be79096b986fb2db6504540c6a9372e1599b209acf97fb8a69c952b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://tracking.pos.com.my
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
DE5WszMiNAchy9vqK5vPx2oswLqIqpSj
Content-Encoding
gzip
Date
Sat, 27 Apr 2024 11:04:11 GMT
x-amz-request-id
G1QM42WM2CRSGC46
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
57904
x-amz-id-2
5j+jsyRR0ZGNJORYyL1NGUJTAKR5MMKHqe1L+tXNCU4zOfdSVP03SHrFNrsfYSAHzV8DvcGnnwk=
Last-Modified
Fri, 26 Apr 2024 09:13:17 GMT
Server
AmazonS3
ETag
"54ff9355f8a39d1f8de500ad91f93e8f"
Access-Control-Max-Age
300
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=107
Accept-Ranges
bytes
Expires
Sat, 27 Apr 2024 11:05:58 GMT
app.js
toolassets.haptikapi.com/platform/javascript-xdk/production/ 		447 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toolassets.haptikapi.com/platform/javascript-xdk/production/app.js
Requested by
Host: toolassets.haptikapi.com
URL: https://toolassets.haptikapi.com/platform/javascript-xdk/production/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.104.20 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-104-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
61095a0a5a51415247fffac1e1152d31e2d7183b26ced183efe8eebf5a31b39e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://tracking.pos.com.my
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
gRogaJ9ZalKVrf3KqDQ8tfG7teR6CE9s
Content-Encoding
gzip
Date
Sat, 27 Apr 2024 11:04:11 GMT
x-amz-request-id
FRME99S56WFX2H13
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
118558
x-amz-id-2
PB6eGBf4L2ioJg7meLxEGA6VwzAYZciG1DSD8e9aaYZGcWX+weylyl6ReydenJurpLdfpCc/jKA=
Last-Modified
Fri, 26 Apr 2024 09:13:16 GMT
Server
AmazonS3
ETag
"eea3b0446d46491140902280eaae2099"
Access-Control-Max-Age
300
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=173
Accept-Ranges
bytes
Expires
Sat, 27 Apr 2024 11:07:04 GMT
styles.js
toolassets.haptikapi.com/platform/javascript-xdk/production/ 		1 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://toolassets.haptikapi.com/platform/javascript-xdk/production/styles.js
Requested by
Host: toolassets.haptikapi.com
URL: https://toolassets.haptikapi.com/platform/javascript-xdk/production/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.104.20 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-104-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c93e51a2b15363154c90da2632e6ea2b170a8b494851e6134e86f17f2f2199be

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://tracking.pos.com.my
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Fgvu3ty9d77BXZTPornuefc4kdS._hT6
Content-Encoding
gzip
Date
Sat, 27 Apr 2024 11:04:11 GMT
x-amz-request-id
GVJF0V39234T2ZJG
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
164
x-amz-id-2
jwNcha1OMdO0oiPXAXWpJK4WOyy7UVlu6/ZSdYee21YvNvgMK4wiUSZaczMr/IPVnOOlgBRhupo=
Last-Modified
Fri, 26 Apr 2024 09:13:17 GMT
Server
AmazonS3
ETag
"fd6210432ee37ee243174fd4c6549e20"
Access-Control-Max-Age
300
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=175
Accept-Ranges
bytes
Expires
Sat, 27 Apr 2024 11:07:06 GMT
/
singapore.haptikapi.com//api/v8/business/ 		0
0
/
singapore.haptikapi.com//api/v8/business/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://singapore.haptikapi.com//api/v8/business/?client_id=70123dd6a7c3d54af372d991e22fde621fbf2bb0&device_platform=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.104 -, , ASN (),
Reverse DNS
Software
You Should Not Know /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
client-id,content-type,user-id
Access-Control-Request-Method
GET
Origin
https://tracking.pos.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization, client-id, user-id, Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, PUT, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
application/octet-stream
date
Sat, 27 Apr 2024 11:04:11 GMT
server
You Should Not Know
via
1.1 fb7b65b8cad8124239a4b25728a84288.cloudfront.net (CloudFront)
x-amz-cf-id
l36QUaau__YcSJvgNd6yA8IA3a45c7IgbT2IQYrjL3BAzvDrBhTisQ==
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
v11
tracking.crazyegg.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1145582&st=409082&ss=de22f890-0485-11ef-a6dd-05d101e48ef8&p=15796b0c2b2b3335c4c6d0f5b129b71f&tk=78dea3eba74de03062f51bd1a286c9ab
Requested by
Host: tracking.pos.com.my
URL: https://tracking.pos.com.my/polyfills.1295405d975330be9341.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.35.199 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-35-199.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/gzip

Response headers

access-control-allow-origin
*
date
Sat, 27 Apr 2024 11:04:11 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R4WN4KNEN5&gtm=45je44o0v893770286za200&_p=1714215844625&gcd=13l3l3l3l1&npa=0&dma=0&cid=2058522120.1714215847&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&sid=1714215847&sct=1&seg=0&dl=https%3A%2F%2Ftracking.pos.com.my%2F&dt=Pos%20Malaysia%20%7C%20Live%20Parcel%20Tracking%20%7C%20Real-time%20Delivery%20Status&_s=2&tfd=8449
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R4WN4KNEN5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 11:04:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tracking.pos.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
singapore.haptikapi.com
URL
https://singapore.haptikapi.com//api/v8/business/?client_id=70123dd6a7c3d54af372d991e22fde621fbf2bb0&device_platform=5

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| initChat function| initialize function| initiateCall string| BOOMR_API_key object| BOOMR object| webpackJsonp function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched object| global function| $ function| jQuery function| moment function| Mmenu object| google_tag_manager object| google_tag_data object| __zone_symbol__loadfalse string| GoogleAnalyticsObject function| ga object| __zone_symbol__hashchangefalse object| __zone_symbol__popstatefalse function| fbq function| _fbq string| lbTrans string| lbValue string| lbData function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| __zone_symbol__beforeunloadfalse object| __zone_symbol__pagehidefalse object| __zone_symbol__pageshowfalse object| __zone_symbol__DOMContentLoadedfalse function| onYouTubeIframeAPIReady object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| gaGlobal object| GooglebQhCsO object| __zone_symbol__resizefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| URLparser function| getURL function| lh_new function| createCookie function| readCookie function| updateCookie function| eraseCookie function| appendScript function| appendIframe function| loadPixel function| lbLoad function| lbReload function| loadLogger boolean| isLBLoaded boolean| isTealiumLoaded boolean| isInIFrame boolean| isInDebug object| debugType boolean| isInTest string| lbVersion string| newRandom function| tealium_lbReload string| lbURL string| lbIframeURL string| lbRef string| lbTitle object| lbURLtealium string| lbAccount string| lbURLmod boolean| parentIsPermitted object| ASCurWin object| ASurl object| debugCookie undefined| debugQuery string| tealiumURL string| tealiumProfile string| lbURLEncoded string| lbRefEncoded string| lbTitleEncoded string| lbProtocol string| lbHost string| lbRef_host string| lbPath string| lbQuery string| lbAnchor object| hostParts string| lb_url object| lb_val_temp boolean| lbExtRef string| refMedium string| refSource string| refContent string| refTerm string| refCampaign string| refKeyword string| refType string| refEngine string| refAction object| newScript object| scriptElement object| pixel_iframe object| appendElement object| gaplugins object| gaData string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL boolean| load_lb boolean| lbLoaded string| profileID object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| __zone_symbol__loadtrue object| CE_API object| __zone_symbol__pageshowtrue object| __zone_symbol__messagefalse object| __zone_symbol__visibilitychangetrue object| __zone_symbol__beforeunloadtrue object| __zone_symbol__keydowntrue object| __zone_symbol__mousemovetrue object| __zone_symbol__mousedowntrue object| __zone_symbol__scrolltrue object| __zone_symbol__changetrue undefined| cesrk06949960513267561 string| cesrk06949960513267561_path object| __zone_symbol__blurtrue object| __zone_symbol__mouseuptrue object| __zone_symbol__errortrue object| __zone_symbol__unhandledrejectiontrue object| __zone_symbol__submittrue object| __zone_symbol__inputtrue object| __zone_symbol__pagehidetrue number| BOOMR_onload object| haptikInitSettings object| webpackJsonpXDK object| regeneratorRuntime object| __zone_symbol__visibilitychangefalse function| __zone_symbol__ON_PROPERTYbeforeunload object| HaptikSDK object| XDKStats function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

13 Cookies

Domain/Path Name / Value
.pos.com.my/ Name: _gcl_au
Value: 1.1.1344426420.1714215847
.pos.com.my/ Name: _ga
Value: GA1.3.2058522120.1714215847
.pos.com.my/ Name: _gid
Value: GA1.3.313098780.1714215847
.pos.com.my/ Name: _gat_UA-20566710-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pos.com.my/ Name: _fbp
Value: fb.2.1714215847268.1866652313
.pos.com.my/ Name: _ce.irv
Value: new
.pos.com.my/ Name: cebs
Value: 1
.pos.com.my/ Name: _ce.clock_event
Value: 1
.pos.com.my/ Name: _ce.clock_data
Value: 36%2C149.34.249.58%2C1%2Ca16ddaab909d2cf27fce353f26dd2ff2
.pos.com.my/ Name: cebsp_
Value: 2
.pos.com.my/ Name: _ce.s
Value: v~2baf8fe753edc7c2d3f910a47a6c984913fed725~lcw~1714215847681~lva~1714215847323~vpv~0~v11.fs~1~v11.cs~409082~v11.s~de22f890-0485-11ef-a6dd-05d101e48ef8~v11ls~de22f890-0485-11ef-a6dd-05d101e48ef8~v11.sla~1714215847671~v11nv~2~lcw~1714215849586
.pos.com.my/ Name: _ga_R4WN4KNEN5
Value: GS1.1.1714215847.1.1.1714215850.57.0.0

19 Console Messages

Source Level URL
Text
security error URL: https://tracking.pos.com.my/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tracking.pos.com.my/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security error URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js(Line 122)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://cdn-akamai.mookie1.com/LB/LightningBolt.js(Line 122)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
other warning URL: https://tracking.pos.com.my/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/2291995661118109?v=2.9.154&r=stable&domain=tracking.pos.com.my&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://tracking.pos.com.my/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js(Line 1)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js(Line 1)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
security error URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js(Line 1)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js(Line 1)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
worker error URL: https://tracking.pos.com.my/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://tracking.pos.com.my/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
worker error URL: https://tracking.pos.com.my/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://tracking.pos.com.my/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
worker error URL: https://tracking.pos.com.my/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://tracking.pos.com.my/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''
worker error URL: https://tracking.pos.com.my/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: https://tracking.pos.com.my/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression ''unsafe-inline''

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68794910.akstat.io
analytics.google.com
assets-tracking.crazyegg.com
c.go-mpulse.net
cdn-akamai.mookie1.com
connect.facebook.net
googleads.g.doubleclick.net
pagestates-tracking.crazyegg.com
s.go-mpulse.net
script.crazyegg.com
singapore.haptikapi.com
stats.g.doubleclick.net
toolassets.haptikapi.com
tracking.crazyegg.com
tracking.pos.com.my
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
singapore.haptikapi.com
104.19.148.8
142.251.111.155
142.251.111.97
142.251.16.101
142.251.16.94
142.251.163.104
142.251.163.113
157.240.229.35
172.253.115.156
23.205.104.20
23.205.107.16
23.220.132.139
23.62.164.139
23.73.207.13
3.161.213.112
3.162.3.104
3.162.3.18
3.19.35.199
31.13.66.19
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
10a996996ec921d516899c0d3df103e5eca5a71cf9afec9c057ae240e11ab7be
1188898868c695e2abbd54b30d40fa308663ee8855ee629b86c2d7f8c73d8b77
230e1df7a21d7585b81233297cb109f8761a8d2bffb05643f4f37a7fbbedfc45
24e57ed2a65e26d28816d33d37b4a7d3be797c227fcc58375f770a6a45c0602a
267e3680e38a4ed0949dd2a4cc931be915bd09213abe383e2e6300f219305d3d
2a17f25a7ad1e6cdc84822b0c7fd3485ceecb82714f36412283413b12e33d635
2c426977a2cdeb47bbed0d392d03d2241a11d2b8f41a2c3924c12bdc487bf0af
31fc7b35533d223ce9b8820fa8f3afe418a927272c5300f3a01129e40b959365
32bb079fcb865624bb8106bfda63ffc5d57199110789f8c1d1b0982fcd0be808
32cfe3f708994d50fe971a141c28e69838b501fa471bffb756761bd5324cc1cd
4855e475c6939ad634080cfc1906e96b24661960a63e71fcd2c65d2f1045ac95
48f9277cc17b54baa447d139081217338c217b57b1b821259c22ef34e0178cf3
49583cd572bbb0ba2953f9402ce5b6fe159c20efb1e95a5e609c293e0b6f401f
4cb99ba4adfa79197162f3b17a5ddde4698ef1cdb67a9eb3ac4417f0bf0999d5
61095a0a5a51415247fffac1e1152d31e2d7183b26ced183efe8eebf5a31b39e
68f66becf397e75046d797dce9858f54cfc4410c290b797d68172561564e530b
69e1068116a434a9496cc68299a87e17a1180df65ec3222d6c26bba06f50e396
6a046bdd86f5e97c4f2e768ec9b65f840031054fd1f36c76e1cf3ef0c082c601
77abe75c563b20e40cfb437e99e5aa70307c87a033867525c83e93e4854569f3
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7d02633239369d04c8812eff65b6c3fad7d08525efd85d2451de2a4bac9f0cfb
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
9053688f39a3bead3e306567ba60e7506146259f6af525eab01d6f7d85f3cbfe
91e9657dda294e05e223f1833f00654d8b0464e514e188bf8c03e6fc6faffd06
934223aba56456a16a57e1e73efff7a4ea846ae64dea9fd8f0896c7c7167038f
946f61970ed0a02c3fd2d2b1ccbfbb4518b6bfa3babf1ddb460814742efbb543
98a53a23b25a29423beaf41d6badea7bab68b7b0d42cbda14df6f1c3c836251b
99cb5954c62bf5b9c48ff807828f4703c249f78cba7b44031bdef97bc804b05b
9d0906358a5075a45cecf8c4fb61d3b8eec1250adbbb7a114582b33bf39e2ffb
9eaca493f3e11ec1a004d5a2096fe583ec2c6667e114154ed7a463b74ea622fd
a0b0752b78a1ce68679cb3229a26006ed72ab0d94fd78c95f4fbb17df1f194a0
a274b02cd52fe15937e731d6b1ddb3d4ba0ce0c87b7fb7b654ff868ff2f88fb8
adce10190495b0be90f29920b801656254a50a137b69c60941bc5832042b978d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1f285e1fc1c5ca35eda4a8561dc5e7c4c131116f96b52f9c3599597b5bc39a7
b243b20107b1040586c0b0773b915dd704fa4400ba73842c49b8d6dad82ba6dd
b3792589406c0724db2c767e9e8b3ef3e16f05ea7168a944cd645f2a83d429cd
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b997ecaf208564bfed546efa8ee81dcefcd7376f3e1e52427c852f8ee6a924cb
bae75b78fd2e672bb67dd58b41b487f07ca48836640a76ed11ee39e8c6af3528
c93e51a2b15363154c90da2632e6ea2b170a8b494851e6134e86f17f2f2199be
c9edddae51d814dfc7eb80c21a7cace472a526234a10b25cae143855660316a2
d372edb49a5ae087d8e451fa0560c2439b3a836c09c9d2a083800e10b190c2f5
d69e3303757e223cc0fd92ec05e7f0eb6ca17c61c857cf273f19d181ad2afd47
da2d8987be79096b986fb2db6504540c6a9372e1599b209acf97fb8a69c952b2
da4595f5f1a53e3f6828b4b66ec0515915e4af2195723d3393ee4f438147fa11
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e013db063455cd5412261b6ba01aaa842b9ede0333359b3078ef737b63b09b6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e508334acb0c733f2fa34fa921be303e940021d2702e5986dc03b7b45a29cd61
e7412671804b1fbbc5899f1f404f561cc50ffe025cb37d7b389dbc5a66786df7
ea20f86c7f036f6a03f3e3d2fa0bbf8b807289b9f7e7d06201292d57640132cc
ea649124f3e2ef08d7ec00eda84e5180940d00c7e9bdb23914d6cb655ce58284
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9e135690892fd5f25b7c5d2855608c096ab8df2ed113a0b723d38ba1d0a6dfe