urlscan.io logo urlscan.io
SecurityTrails logo

www.xtra.com.my Open in urlscan Pro
2606:4700:4400::ac40:9694  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.xtra.com.my/
Effective URL: https://www.xtra.com.my/
Submission: On January 18 via manual from MY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 11 countries across 60 domains to perform 429 HTTP transactions. The main IP is 2606:4700:4400::ac40:9694, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xtra.com.my.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2023. Valid for: a year.
This is the only time www.xtra.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 85 2606:4700:440... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
3 65.9.66.122 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.206.23.103 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
3 63.34.68.125 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:264... 16509 (AMAZON-02)
2 18.245.60.76 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
7 2606:4700:7::... 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::714 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
36 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.34 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 141.95.98.65 16276 (OVH)
4 20.114.190.119 8075 (MICROSOFT...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 142.250.181.230 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a02:2638:3::12 44788 (ASN-CRITE...)
3 34.87.4.75 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
4 28 142.250.186.162 15169 (GOOGLE)
2 35.71.131.137 16509 (AMAZON-02)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
4 4 37.157.6.237 198622 (ADFORM)
2 2 51.89.9.251 16276 (OVH)
3 6 23.32.185.35 16625 (AKAMAI-AS)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 151.101.66.49 54113 (FASTLY)
2 2 18.158.149.85 16509 (AMAZON-02)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 35.244.174.68 15169 (GOOGLE)
1 34.160.236.64 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 98.98.134.242 21859 (ZEN-ECN)
1 1 35.190.0.66 15169 (GOOGLE)
5 2a02:2638:d::c 44788 (ASN-CRITE...)
5 178.250.1.6 44788 (ASN-CRITE...)
2 2 52.57.164.72 16509 (AMAZON-02)
67 2a02:2638:3::10 44788 (ASN-CRITE...)
6 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.20.105.140 14618 (AMAZON-AES)
10 151.101.2.217 54113 (FASTLY)
429 70
85    2606:4700:4400::ac40:9694 (United States)

ASN13335 (CLOUDFLARENET, US)
www.xtra.com.my
media.xtra.com.my
4    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
17    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700:4400::6812:233f (United States)

ASN13335 (CLOUDFLARENET, US)
ad.mediaprimaplus.com.my
heartbeat.mediaprimaplus.com.my
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700:4400::ac40:97e6 (United States)

ASN13335 (CLOUDFLARENET, US)
oauthjs.revmedia.my
3    2606:4700:4400::6812:241a (United States)

ASN13335 (CLOUDFLARENET, US)
pcto.revmedia.my
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.206.23.103 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-23-103.deploy.static.akamaitechnologies.com
s7.addthis.com
4    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
20    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
3    63.34.68.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-68-125.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:2646:2c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f013:d:face:b00c:0:3 (Helsinki, Finland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)
xtramy.api.useinsider.com
locationv2.api.useinsider.com
assets.api.useinsider.com
eitri.api.useinsider.com
wp-log.api.useinsider.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2606:4700:20::ac43:4ac2 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.skypack.dev
3    2606:4700:4400::6812:2587 (United States)

ASN13335 (CLOUDFLARENET, US)
api.tonton.com.my
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
script.google.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
script.googleusercontent.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
36    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:ea00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
www.googleadservices.com
8    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
4    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
1    2a03:2880:f113:81:face:b00c:0:25de (Helsinki, Finland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
17    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
8    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
5    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    34.87.4.75 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 75.4.87.34.bc.googleusercontent.com
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
28    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a05:d018:d29:3601:fa46:4bf7:11fd:dd50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
6    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
4    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    18.158.149.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-149-85.eu-central-1.compute.amazonaws.com
d.agkn.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
5    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
5    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    52.57.164.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com
pm.w55c.net
67    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
6    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)
segment.api.useinsider.com
hit.api.useinsider.com
2    2606:4700:4400::6812:27d0 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.revid.my
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    52.20.105.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-105-140.compute-1.amazonaws.com
ping.chartbeat.net
10    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
headend-api.tonton.com.my
Apex Domain
Subdomains		 Transfer
109 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386
csm.eu.criteo.net — Cisco Umbrella Rank: 8850
1 MB
85 xtra.com.my
www.xtra.com.my
media.xtra.com.my
3 MB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
274 KB
36 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
346 KB
20 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
ads.eu.criteo.com — Cisco Umbrella Rank: 8778
dis.criteo.com — Cisco Umbrella Rank: 608
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462
266 KB
13 tonton.com.my
api.tonton.com.my
headend-api.tonton.com.my
511 KB
13 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
script.google.com — Cisco Umbrella Rank: 9173
www.google.com — Cisco Umbrella Rank: 2
2 KB
9 useinsider.com
xtramy.api.useinsider.com
segment.api.useinsider.com — Cisco Umbrella Rank: 21022
locationv2.api.useinsider.com — Cisco Umbrella Rank: 22437
assets.api.useinsider.com — Cisco Umbrella Rank: 31863
eitri.api.useinsider.com — Cisco Umbrella Rank: 29156
hit.api.useinsider.com — Cisco Umbrella Rank: 18208
wp-log.api.useinsider.com — Cisco Umbrella Rank: 18084
80 KB
8 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
133 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
x.clarity.ms — Cisco Umbrella Rank: 7993
c.clarity.ms — Cisco Umbrella Rank: 1351
28 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
419 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
1 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
43 KB
5 skypack.dev
cdn.skypack.dev — Cisco Umbrella Rank: 35469
41 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
413 B
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
297 KB
4 revmedia.my
oauthjs.revmedia.my — Cisco Umbrella Rank: 586667
pcto.revmedia.my — Cisco Umbrella Rank: 190328
96 KB
4 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998
124 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
2 KB
3 elastic-cloud.com
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com Failed
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
791 B
3 google.de
www.google.de — Cisco Umbrella Rank: 6518
578 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1685
mab.chartbeat.com — Cisco Umbrella Rank: 2582
26 KB
2 revid.my
hb.revid.my — Cisco Umbrella Rank: 176314
462 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
374 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
r.turn.com — Cisco Umbrella Rank: 4167
869 B
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 776
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
887 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
297 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
29 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
91 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
9 KB
2 mediaprimaplus.com.my
ad.mediaprimaplus.com.my — Cisco Umbrella Rank: 190109
heartbeat.mediaprimaplus.com.my — Cisco Umbrella Rank: 172460
46 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
9 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1396
201 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 247
762 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5893
558 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 7224
667 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1375
204 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
98 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
27 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 googleusercontent.com
script.googleusercontent.com — Cisco Umbrella Rank: 44816
886 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3470
361 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 867
20 KB
0 myundi.com.my Failed
exclusive.myundi.com.my Failed
429 60
Domain Requested by
67 imageproxy.eu.criteo.net ads.eu.criteo.com
50 www.xtra.com.my 4 redirects www.xtra.com.my
unpkg.com
36 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
35 media.xtra.com.my www.xtra.com.my
28 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
17 tpc.googlesyndication.com www.xtra.com.my
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
17 pagead2.googlesyndication.com www.xtra.com.my
pagead2.googlesyndication.com
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
unpkg.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 headend-api.tonton.com.my
8 i.ytimg.com www.xtra.com.my
8 www.google.com www.xtra.com.my
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 www.googletagservices.com www.xtra.com.my
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 csm.eu.criteo.net ads.eu.criteo.com
6 sync.teads.tv 3 redirects googleads.g.doubleclick.net
5 cat.nl3.eu.criteo.com ads.eu.criteo.com
5 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
5 ads.eu.criteo.com googleads.g.doubleclick.net
5 cdn.skypack.dev www.xtra.com.my
4 dclk-match.dotomi.com googleads.g.doubleclick.net
4 c1.adform.net 4 redirects
4 x.clarity.ms unpkg.com
4 region1.analytics.google.com www.googletagmanager.com
4 www.google-analytics.com www.googletagmanager.com
unpkg.com
4 securepubads.g.doubleclick.net www.googletagservices.com
unpkg.com
4 www.googletagmanager.com www.xtra.com.my
www.googletagmanager.com
4 stackpath.bootstrapcdn.com www.xtra.com.my
stackpath.bootstrapcdn.com
3 sync-tm.everesttech.net 3 redirects
3 pr-bh.ybp.yahoo.com 3 redirects
3 media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com unpkg.com
3 api.tonton.com.my unpkg.com
3 www.google.de www.xtra.com.my
3 stats.g.doubleclick.net www.googletagmanager.com
unpkg.com
3 bcp.crwdcntrl.net unpkg.com
tags.crwdcntrl.net
3 pcto.revmedia.my www.xtra.com.my
3 tags.crwdcntrl.net www.xtra.com.my
www.googletagmanager.com
securepubads.g.doubleclick.net
2 c.clarity.ms 1 redirects
2 hb.revid.my unpkg.com
2 wp-log.api.useinsider.com www.xtra.com.my
2 pm.w55c.net 2 redirects
2 pixel-sync.sitescout.com googleads.g.doubleclick.net
2 dis.criteo.com 2 redirects
2 d.agkn.com 2 redirects
2 onetag-sys.com 2 redirects
2 match.adsrvr.org googleads.g.doubleclick.net
2 um.simpli.fi 2 redirects
2 ad.doubleclick.net www.xtra.com.my
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects www.xtra.com.my
2 e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 xtramy.api.useinsider.com www.googletagmanager.com
xtramy.api.useinsider.com
2 connect.facebook.net www.xtra.com.my
connect.facebook.net
2 www.clarity.ms www.xtra.com.my
www.clarity.ms
2 sb.scorecardresearch.com www.xtra.com.my
2 static.chartbeat.com www.googletagmanager.com
www.xtra.com.my
2 cdn.jsdelivr.net www.xtra.com.my
securepubads.g.doubleclick.net
2 cdnjs.cloudflare.com www.xtra.com.my
1 ping.chartbeat.net
1 c.bing.com 1 redirects
1 hit.api.useinsider.com unpkg.com
1 eitri.api.useinsider.com xtramy.api.useinsider.com
1 assets.api.useinsider.com xtramy.api.useinsider.com
1 locationv2.api.useinsider.com unpkg.com
1 segment.api.useinsider.com unpkg.com
1 ads.travelaudience.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 s0.2mdn.net e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
1 mug.criteo.com www.xtra.com.my
1 www.facebook.com www.xtra.com.my
1 id5-sync.com unpkg.com
1 www.googleadservices.com unpkg.com
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 mab.chartbeat.com unpkg.com
1 script.googleusercontent.com www.xtra.com.my
1 script.google.com 1 redirects
1 heartbeat.mediaprimaplus.com.my www.googletagmanager.com
1 s7.addthis.com www.xtra.com.my
1 code.jquery.com www.xtra.com.my
1 oauthjs.revmedia.my www.xtra.com.my
1 unpkg.com www.xtra.com.my
1 ad.mediaprimaplus.com.my www.xtra.com.my
0 exclusive.myundi.com.my Failed www.xtra.com.my
429 93
Subject Issuer Validity Valid
xtra.com.my
Cloudflare Inc ECC CA-3		 2023-07-11 -
2024-07-10		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
mediaprimaplus.com.my
Cloudflare Inc ECC CA-3		 2023-07-01 -
2024-06-30		 a year crt.sh
revmedia.my
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-27 -
2024-01-25		 3 months crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2023-12-05 -
2024-12-04		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
skypack.dev
GTS CA 1P5		 2023-12-02 -
2024-03-01		 3 months crt.sh
tonton.com.my
Cloudflare Inc ECC CA-3		 2023-07-11 -
2024-07-10		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.asia-southeast1.gcp.elastic-cloud.com
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.sitescout.com
GeoTrust TLS RSA CA G1		 2024-01-15 -
2025-02-01		 a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-03-03		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh
revid.my
Cloudflare Inc ECC CA-3		 2023-12-31 -
2024-12-30		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.tonton.com.my
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-04 -
2024-12-05		 a year crt.sh

This page contains 28 frames:

Primary Page: https://www.xtra.com.my/
Frame ID: 5A9D6615891BD21377F6C3AA59363A48
Requests: 200 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html
Frame ID: 5678AAF6E90013B94C79D76F14DCF355
Requests: 1 HTTP requests in this frame

Frame: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 051A849962131A62CFB7752ED995FDB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&adk=1812271804&adf=3025194257&lmt=1705554077&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.xtra.com.my%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554380501&bpp=5&bdt=470&idt=286&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6657886990256&frm=20&pv=2&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=298
Frame ID: 625C30DAF55AE70A82BED4E8C7D17E02
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.xtra.com.my
Frame ID: F9ACDE3BFD5667EAB99CBEC9E96DA496
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Frame ID: C4524A4A9D5A1C0C63F66CF87ADE1FA2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Frame ID: 7093825635353F34DB954A6867FE2FB5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Frame ID: 0BA288919E3B9474B5FCF3895DDB0211
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Frame ID: C6283613B30EBF4A393115942484BCB7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Frame ID: DA3F634B3AFDB38B1A510F7FBAE017BA
Requests: 8 HTTP requests in this frame

Frame: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 12C35827A4EE758CE7C0A5A57094A5F6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARiHwez7ATAB&v=APEucNVh5_mO-Ompi3GidHz7FjI-oNd44OPE_nim8rHpkYGWaR-dRgqz_nZhjWo3AAKrOETOB6zvsHuYbNgac9pd74sNrqRBMQ
Frame ID: FCDCD6F6EBBFA64F88E7CE51286D8FF2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 668792605B27FF7954A0E80F9871BB99
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A55AB6785EEC88ECBD3D790D9D6CEFA5
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Frame ID: B617E2701067BF18D4DAEF693189C386
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E53690435B387F8877060D823DBF4DE9
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Frame ID: 837AA35CD3FE6F2E3E320FDD877606AC
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 176B3F9A75D1CFB9926D4D4C868D93B8
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Frame ID: 09F9640BA52848BF247E94439C407EB0
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DAD00412B965606C36E117BAC6DA4542
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Frame ID: DBED4BD7F7754DD942E775C5B7F78121
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 97185C583CFA3BFEE6669B457A360FC1
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Frame ID: CA4552E5D4971DDEDC047F26B2FFBF6B
Requests: 36 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 825423541978B9C2C93532878DDB4D0F
Requests: 9 HTTP requests in this frame

Frame: https://xtramy.api.useinsider.com/worker-new.html
Frame ID: 7F59FFC94EBBA4351F58BD7B4FCDB6FE
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=7269/rand=894549618/pv=y/ug=%23OpR%23101615%23Tonton%20Extra%20%3A%20Article%20Title%20%3A%20XTRA%20-/int=%23OpR%2378253%23www.xtra.com.my%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: 64023A88398FF6141DE5A829034AE9E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9E061FA888CB9A06E20088BF955B69C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E66618A24E22912A0C84553DA403161B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

XTRA -

Page URL History Show full URLs

  1. http://www.xtra.com.my/ HTTP 301
    https://www.xtra.com.my/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

429
Requests

92 %
HTTPS

59 %
IPv6

60
Domains

93
Subdomains

70
IPs

11
Countries

7924 kB
Transfer

13051 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.xtra.com.my/ HTTP 301
    https://www.xtra.com.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://www.xtra.com.my/wp-content/uploads/2020/03/instagram-2.png HTTP 301
  • https://media.xtra.com.my/2020/03/instagram-2.png
Request Chain 97
  • https://www.xtra.com.my/wp-content/uploads/2020/03/twitter-2.png HTTP 301
  • https://media.xtra.com.my/2020/03/twitter-2.png
Request Chain 98
  • https://www.xtra.com.my/wp-content/uploads/2020/03/facebook-1.png HTTP 301
  • https://media.xtra.com.my/2020/03/facebook-1.png
Request Chain 105
  • https://script.google.com/macros/s/AKfycbxQJ4akLbRv2osfW6I9BE0UvbnrUEn9LVkX8zA4ciTIelJI_7xcLaGUN8Zyr3pIjcGCjw/exec?action=read HTTP 302
  • https://script.googleusercontent.com/macros/echo?user_content_key=bhOAbmzTbJdCvQW1awbuuNpz07qbj8bKo3S_TN1zErAQtMgM4iyD1W7yDeUOUzedoRbShDImtbGFkk_MS8eENGesZ7f_e-Qem5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xSncGQajx_ryfhECjZEnDcE1vWxR5s88BL6ScpUvyRURBfKAVMtrV4F03P06YLqwPRpL_JvUW3c96-bkXV1bJ9Gy9gG0XAYpQBVQViaDaT9iesBiJU6YowSkkEPQmtTfXdnmwNvazc&lib=M9Sa-6GXqmeawfa43t4zwbbpH_7uij9rM
Request Chain 133
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xtra.com.my%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xtra.com.my%2F&rid=esp&cc=1
Request Chain 151
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=xtra.com.my&sn=ChromeSyncframe&so=0&topUrl=www.xtra.com.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=EifJJnxGWkY4Vi9NR2NseFhSRm9VT0tCSVZHbnlkYjVqd1EvN0VzNWVKZkFtL0lza2ppNGdiVGVZTWN3cVJXb1BnYm1Xai9lT2g5WGdjSXVRK1ZUVERYMzYzYmYrSnJNZG9iN1pLN2xodGpKMVRPQ3FraDAzVTNMUlpxb0ppT1FpeWlyZVdJbEdOS0NMUGkwbXJ6YjUvOW9xK3NYTTAwaXhUQzZDeUYwTHBJdkM0dUJSVkJRUDBFWGxCUWNiZ0dWWVpZVFJGUXF0WHl1VUY2MXhRbmRjQ2hRbEt3enBoOXFHU1ZVYWNGR2hDbE1takRFTkN1TkpvMUFRSGlMZHE3SnhTVHhRc0RveFpzM1g2Nitra0V2ejMxK25maUI4SFBueWVmZjkwaDZSaVY2N1ZXMD18&cppv=2
Request Chain 202
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJVlhwh80oxejJybLAWqiQ0&google_cver=1&google_push=AXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVlhwh80oxejJybLAWqiQ0&google_cver=1&google_push=AXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 203
  • https://um.simpli.fi/gp_match?google_gid=CAESEI32yBO6eCQfx4UNipvaIi0&google_cver=1&google_push=AXcoOmSnAwIxp1m1hGz8Pb77L8-RmYSqqIxYLzRguQNHrcgT253m6uJCFKzi8CWpyLZ5pUfqbSb8j6mdO7_-cAS-I7sKhK3Uhn1gzQW6wPp37dZDGU0M1zP2U9Qeqmi5_-pIMl5jUf1iwsvy0dBAecjU8y90v4c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmSnAwIxp1m1hGz8Pb77L8-RmYSqqIxYLzRguQNHrcgT253m6uJCFKzi8CWpyLZ5pUfqbSb8j6mdO7_-cAS-I7sKhK3Uhn1gzQW6wPp37dZDGU0M1zP2U9Qeqmi5_-pIMl5jUf1iwsvy0dBAecjU8y90v4c
Request Chain 205
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIQdDQKK2gS0nMr5C4ieAw0&google_cver=1&google_push=AXcoOmTTHMZPh__DmD-_7FGAvF-gMs5Hyf5NLOYmFj7Tr_IMBgdDYkDHkiCDV11bUR6ivxrkYIgYPHUY-OGfdqJkACr3VeyRatavwBlPJdtXNIFyd_E5dVxozb5Cln0jaETYTNuSxcblHoDAA3rqGQLxaQu-Qw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTTHMZPh__DmD-_7FGAvF-gMs5Hyf5NLOYmFj7Tr_IMBgdDYkDHkiCDV11bUR6ivxrkYIgYPHUY-OGfdqJkACr3VeyRatavwBlPJdtXNIFyd_E5dVxozb5Cln0jaETYTNuSxcblHoDAA3rqGQLxaQu-Qw&google_hm=eS1BSXFxVXlGRTJwSFROcms0R1gzYzdBZlJXWmhxUXRGTH5B
Request Chain 206
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGbEYp5Iq0ShcMWGe0J1wsU&google_cver=1&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6xNPmGJ0yIvFXso8dDoCZFlQR92jDmP7AKtDY7_nG-wtqJDyJiT_NM-7199kBXSGMD9QeQEk1vTBh7XcZDyZU HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGbEYp5Iq0ShcMWGe0J1wsU&google_cver=1&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6xNPmGJ0yIvFXso8dDoCZFlQR92jDmP7AKtDY7_nG-wtqJDyJiT_NM-7199kBXSGMD9QeQEk1vTBh7XcZDyZU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjkxMTg5NzEzMDc2NTUzMDE4Mw&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6xNPmGJ0yIvFXso8dDoCZFlQR92jDmP7AKtDY7_nG-wtqJDyJiT_NM-7199kBXSGMD9QeQEk1vTBh7XcZDyZU
Request Chain 207
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELY4AeJ6yJcrszDq1zga9sw&google_cver=1&google_push=AXcoOmQpfN3OE2frv3QkTkkUxT6AYvpXzc0RplkW9BbVdVqryPhDcHsSLXqsaUwZ0Bv1lRgpCHL9x-WGTy4BizAWS4NIK9UpxZH_NwjMZvx9Jah4GiRMS5XoQzIvEze5A5M4hz5vxIhhWkrW1uBK7dG2IBSbFVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpfN3OE2frv3QkTkkUxT6AYvpXzc0RplkW9BbVdVqryPhDcHsSLXqsaUwZ0Bv1lRgpCHL9x-WGTy4BizAWS4NIK9UpxZH_NwjMZvx9Jah4GiRMS5XoQzIvEze5A5M4hz5vxIhhWkrW1uBK7dG2IBSbFVs
Request Chain 208
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGzVwSmGl-pwZRFLQr24sSE&google_cver=1&google_push=AXcoOmSmhno8xZRTT2aZbSdnILkRuI_7PdBJvLsBJHLRIOsND8vmO7r6FEUsSEx3BZyz9q9uDceJO5GYKLJln70Us0BKJvsGuN8O2tznteWDBExKDpraI3isMykLp97N9BdzMoVoEhRlIUe0ljZJ6TwPe1doNac9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSmhno8xZRTT2aZbSdnILkRuI_7PdBJvLsBJHLRIOsND8vmO7r6FEUsSEx3BZyz9q9uDceJO5GYKLJln70Us0BKJvsGuN8O2tznteWDBExKDpraI3isMykLp97N9BdzMoVoEhRlIUe0ljZJ6TwPe1doNac9 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 212
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECb4Irz_cE1mL5vgn_NQ_kM&google_cver=1&google_push=AXcoOmSzwpoL6aIwLXZ4broP5grp0FyVaq_rrTRAs2jz7B0SQCSVZXAP9o_XZyAtXM5BOMEffjC6mPPgVzJFNA_oEx17ltHkv-P4KVG63GyETuQ7PqW99aN8JY3U834ooI72CrUQ_9mIMctdQwJMsATzK6CaQRI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECb4Irz_cE1mL5vgn_NQ_kM&google_push=AXcoOmSzwpoL6aIwLXZ4broP5grp0FyVaq_rrTRAs2jz7B0SQCSVZXAP9o_XZyAtXM5BOMEffjC6mPPgVzJFNA_oEx17ltHkv-P4KVG63GyETuQ7PqW99aN8JY3U834ooI72CrUQ_9mIMctdQwJMsATzK6CaQRI
Request Chain 213
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENIFDkMpCTxpFJzxT3hErns&google_cver=1&google_push=AXcoOmQoxFzQnV4XZksnPQSrLNO1WZbcqf-ncmj94kjQ9LgxcJ1stHEMaYoRyE2AQMxDhPbEWSK6GFbXqrSYyyWpZXc88FFuApAt9AkV5EqtV2N7jS08_40Bp46n9VclT-9Fx1TyVr9_ZcnSAyR_nLR9eNoEraM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQoxFzQnV4XZksnPQSrLNO1WZbcqf-ncmj94kjQ9LgxcJ1stHEMaYoRyE2AQMxDhPbEWSK6GFbXqrSYyyWpZXc88FFuApAt9AkV5EqtV2N7jS08_40Bp46n9VclT-9Fx1TyVr9_ZcnSAyR_nLR9eNoEraM&google_hm=Q0FFU0VOSUZEa01wQ1R4cEZKenhUM2hFcm5z
Request Chain 214
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENaiwqtgrYSnwmoGGww0VM0&google_cver=1&google_push=AXcoOmRdzJy1rlHdq9RoG2jKFUW8TPH_x5oRI0KgTuwW5ZDzRaNhXHu0Hp52p50h_rdYRFYhr-EyraxtlHYpvXbDSnX_OQi_Ko9HJVKuvT14Qdjm7U5YbPbF4FN61LgsfZ9rMed1edXMreToCj-2Mb2XNK-49-s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRdzJy1rlHdq9RoG2jKFUW8TPH_x5oRI0KgTuwW5ZDzRaNhXHu0Hp52p50h_rdYRFYhr-EyraxtlHYpvXbDSnX_OQi_Ko9HJVKuvT14Qdjm7U5YbPbF4FN61LgsfZ9rMed1edXMreToCj-2Mb2XNK-49-s&google_hm=eS1yY1ExNmJCRTJwR3ZFQ1NZLm11bFdES1dPaG9SMERqV35B
Request Chain 215
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSJyoMRch0e1nR16Dp6fzaTjUs22C33suVfdbcZNE1xS-6Hl0w4qJ2Q-3ze5RhORvscG0Qub06LH_vs6bugRfYbsyWdWDhkOFlbgWKsCN-ySjAjoVAV0HI32dSWyae2OOk7q6-kmRqxWZNVVkWKN85zHYM&google_gid=CAESEN0IOi0Zf-l-8ODWFBNhQD4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmSJyoMRch0e1nR16Dp6fzaTjUs22C33suVfdbcZNE1xS-6Hl0w4qJ2Q-3ze5RhORvscG0Qub06LH_vs6bugRfYbsyWdWDhkOFlbgWKsCN-ySjAjoVAV0HI32dSWyae2OOk7q6-kmRqxWZNVVkWKN85zHYM
Request Chain 216
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMgH2itirmJBRkYnWgApZj8&google_cver=1&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP5XXPSkVKA-H5sNgk9VxyooQx4epU5WAmd2KYZgHebnvulpdvKryuPRTA0I5VHifVJLwli3c6g0yMUTGbkbWg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMgH2itirmJBRkYnWgApZj8&google_cver=1&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP5XXPSkVKA-H5sNgk9VxyooQx4epU5WAmd2KYZgHebnvulpdvKryuPRTA0I5VHifVJLwli3c6g0yMUTGbkbWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNDY5MDMzMDY4ODA2MzI2OA&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP5XXPSkVKA-H5sNgk9VxyooQx4epU5WAmd2KYZgHebnvulpdvKryuPRTA0I5VHifVJLwli3c6g0yMUTGbkbWg
Request Chain 217
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEP0x-5EmFWi3G-dpUuRLaHI&google_cver=1&google_push=AXcoOmRRlmuzlVIFfC-H6UtBM7BB-Go1Z569HhX8zxl57InvTz8uaIyfLbmluf6E-5rw8kULH-K4K88mgjoakcPhbT69KA5EtuxA1V9LCPmdKl9T45MYl2ig71-glJk1dpPhEk8a-Rno_myR8UDGIya0Wl-7zaln HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRRlmuzlVIFfC-H6UtBM7BB-Go1Z569HhX8zxl57InvTz8uaIyfLbmluf6E-5rw8kULH-K4K88mgjoakcPhbT69KA5EtuxA1V9LCPmdKl9T45MYl2ig71-glJk1dpPhEk8a-Rno_myR8UDGIya0Wl-7zaln HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 226
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEbWyrTRBFxZhzv3hZ0M23o&google_cver=1&google_push=AXcoOmQs8UTEtTm-9aeqTF_795ns-uckHpAahi3qBraoxbIsvnULwW_EXH55SbEMYZCu9_Du65xUOR2sVaQ5_IJuQjbT6vVLYxj2BU-wy9bXhDCcT3pt8-Vxx5Xtij4fwJn25kCphDnkC4nVYSV05_2jtRyuwsM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU3NzcxMDE5NzQ3MzMxOTQxNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG_P_46rT32lH5Xare2KeMQ&google_cver=1
Request Chain 228
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAWKhxqndIbrCkEsNMuvTOE&google_cver=1&google_push=AXcoOmSjTpqOpTBYWvcYsjgcd7BliXnvJp6yyiLWyTDWZ6FNe_U6ZyzaoQULEK56KFBp81h2VGQu3JUT3VEy4pEFUhvFrDRmKQu3yImBnQQZRuDrnQG5IXyA5EHQjn2fXpMK3af3UNvwJD3BU1yGxcPuSxG9XQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjTpqOpTBYWvcYsjgcd7BliXnvJp6yyiLWyTDWZ6FNe_U6ZyzaoQULEK56KFBp81h2VGQu3JUT3VEy4pEFUhvFrDRmKQu3yImBnQQZRuDrnQG5IXyA5EHQjn2fXpMK3af3UNvwJD3BU1yGxcPuSxG9XQ&google_hm=Q0FFU0VBV0toeHFuZElickNrRXNOTXV2VE9F
Request Chain 231
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMElpUROxUowPF6v41wsNRo&google_cver=1&google_push=AXcoOmT94e7BH1eeLXzXB_uh-CbItyEQX6iYEM07DYEVz-xHnJ_a2vQwbIBGGEQVsJV9GYTMYthms87lsGd-WIugE-vFG4QjPt_gehU3R03syNmxhGEeON57q_xFzmKNcADfrFUW1GX6r21zd2rjU_AwENOMl98 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT94e7BH1eeLXzXB_uh-CbItyEQX6iYEM07DYEVz-xHnJ_a2vQwbIBGGEQVsJV9GYTMYthms87lsGd-WIugE-vFG4QjPt_gehU3R03syNmxhGEeON57q_xFzmKNcADfrFUW1GX6r21zd2rjU_AwENOMl98&google_hm=VT-ewPHiQOCRuvcR7k7Bn2Q
Request Chain 232
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEH9aDfE2Nt9i8qVSx82bjoM&google_cver=1&google_push=AXcoOmSEi-Ao8DBigoW9BL0vtXx5e87SHFg3r57TLOEzrRE4FfhY5nLGGf7a3ByO9GQOPn8STwR4J-sig5-VnO0CgjQxV7lBjsFwTXZ4Rb0m7WUcWPlOAu1PEYIJYSmwQVvwKSUkrLfgLQlWq-z7WQH99xGOnJKf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSEi-Ao8DBigoW9BL0vtXx5e87SHFg3r57TLOEzrRE4FfhY5nLGGf7a3ByO9GQOPn8STwR4J-sig5-VnO0CgjQxV7lBjsFwTXZ4Rb0m7WUcWPlOAu1PEYIJYSmwQVvwKSUkrLfgLQlWq-z7WQH99xGOnJKf HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 237
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELX68HNtDLZ0lmVcCes7DNA&google_cver=1&google_push=AXcoOmQ5z51uGhV2Yr6AypIK8yfjPr8zCP4EBgSub4-DPFcgoGtyetjF9FuK1kNLE6W-Yj1O8FAuEZ0PuX5QdSIW27u1DonPzKRiuQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELX68HNtDLZ0lmVcCes7DNA&google_push=AXcoOmQ5z51uGhV2Yr6AypIK8yfjPr8zCP4EBgSub4-DPFcgoGtyetjF9FuK1kNLE6W-Yj1O8FAuEZ0PuX5QdSIW27u1DonPzKRiuQ
Request Chain 240
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELTa9N2fIDWq_LDLn3JedjY&google_cver=1&google_push=AXcoOmSmBHnRIoCOCHjGQIJtpdSTbAAzHy-OA3zzN5TOz_XWx-Fiu6bj6x10HENOqqBoKd3l-R1ZCSG1gFoPRkC8dSku4VE6I9NHFB8 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-lFT1KdIS3MXWPZRO8s2IQ&google_push=AXcoOmSmBHnRIoCOCHjGQIJtpdSTbAAzHy-OA3zzN5TOz_XWx-Fiu6bj6x10HENOqqBoKd3l-R1ZCSG1gFoPRkC8dSku4VE6I9NHFB8
Request Chain 241
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQfbFHnMRyDV611gIrHVrBW_Wruf8MFa-1ht97KvPw4AVrOzRQwovhL4fG6YQ73BwxTH5NQ7UbYAY2qjIbBgwn6072hTAZ0s88&google_gid=CAESEI9Mj8Vj846RD-_MxzIT_eo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmQfbFHnMRyDV611gIrHVrBW_Wruf8MFa-1ht97KvPw4AVrOzRQwovhL4fG6YQ73BwxTH5NQ7UbYAY2qjIbBgwn6072hTAZ0s88
Request Chain 257
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&google_cver=1&google_push=AXcoOmS8ya21Rm3F09xKlBvmXJedbLsIKpRKENswEmhZyn5kN_BcgdfmPZ7MZ6nFwDOMXu4C6UsWMZ8JUJXozjj4rwdDzlzv4sIXdSJdWbdU7wdY4qa9KJ5q4m2KK1PWbn3BGaoxx1K2sjizZrM7ln_wUvFMKkU HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&google_cver=1&google_push=AXcoOmS8ya21Rm3F09xKlBvmXJedbLsIKpRKENswEmhZyn5kN_BcgdfmPZ7MZ6nFwDOMXu4C6UsWMZ8JUJXozjj4rwdDzlzv4sIXdSJdWbdU7wdY4qa9KJ5q4m2KK1PWbn3BGaoxx1K2sjizZrM7ln_wUvFMKkU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lkdHNQazIxUnFrQkQ1&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&google_cver=1&google_push=AXcoOmS8ya21Rm3F09xKlBvmXJedbLsIKpRKENswEmhZyn5kN_BcgdfmPZ7MZ6nFwDOMXu4C6UsWMZ8JUJXozjj4rwdDzlzv4sIXdSJdWbdU7wdY4qa9KJ5q4m2KK1PWbn3BGaoxx1K2sjizZrM7ln_wUvFMKkU
Request Chain 258
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPvlEuHYZnGkJWAbIlKOTuU&google_cver=1&google_push=AXcoOmRPX6Buu-Sm9ki41vI_WK02ZxExlcWTyH_xfP-gBXp20j1AzLj_jUi5nGLFPY-xQMIU-GkIBe9MnX62Wc_J0mQ3AQmxmMhCdiHnt6AGzUK2QvcR4loT-p47pIcnCdmlfzWbNo-4fFvRoSX6Q59cu_93kr4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvlEuHYZnGkJWAbIlKOTuU&google_push=AXcoOmRPX6Buu-Sm9ki41vI_WK02ZxExlcWTyH_xfP-gBXp20j1AzLj_jUi5nGLFPY-xQMIU-GkIBe9MnX62Wc_J0mQ3AQmxmMhCdiHnt6AGzUK2QvcR4loT-p47pIcnCdmlfzWbNo-4fFvRoSX6Q59cu_93kr4
Request Chain 259
  • https://um.simpli.fi/gp_match?google_gid=CAESEN20bnLdHVs8ONLg192SADA&google_cver=1&google_push=AXcoOmQ5Sl6sRBLDK-K5hkPMrfgLd8c2dMUX5lR9FtQCh1GDtGUhVkIdgIFGou5ktwzPtzAOud_PYWtBvCRh_YTXYeJNO7HyjJaOPVoAWmilM5hFEgNM-cBlp2yzUYC7eqIPG7r5SSEB_ODN4e8iZgWWo2oV0Cg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmQ5Sl6sRBLDK-K5hkPMrfgLd8c2dMUX5lR9FtQCh1GDtGUhVkIdgIFGou5ktwzPtzAOud_PYWtBvCRh_YTXYeJNO7HyjJaOPVoAWmilM5hFEgNM-cBlp2yzUYC7eqIPG7r5SSEB_ODN4e8iZgWWo2oV0Cg
Request Chain 261
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO7ftZPsGRSd4urwCBwD3GI&google_cver=1&google_push=AXcoOmR8T7QENK2ohL065Mt7NgcUNAZ1oq2_vETXAn_w-bFJ0LanPcS9QyeHklAhZFR0xZzGipRvKdcreBJrzucY5rKbCVMNSfSg87Ymkua0fTQ1btTZfgQ6loY7ExWXxcy42U8wF8g6v-F_y-o49HCrFUneLLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR8T7QENK2ohL065Mt7NgcUNAZ1oq2_vETXAn_w-bFJ0LanPcS9QyeHklAhZFR0xZzGipRvKdcreBJrzucY5rKbCVMNSfSg87Ymkua0fTQ1btTZfgQ6loY7ExWXxcy42U8wF8g6v-F_y-o49HCrFUneLLw&google_hm=eS1zcGZMdkNCRTJwR3Vmdlk3OF8wRjZ6QmV4czZjZHM2c35B
Request Chain 262
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGOHSE2EGa-9I-JfWmbSi-E&google_cver=1&google_push=AXcoOmQpVx1UxJg6t2ODvBvs6R9fLFGEFwdIVxEEIrEkxMquGAUOSLSl8EEDYLm6dw4zkm6S46WOc9TMJ94jC5HNJuTLxshuQyAIw_1Dajva7auyi5XBCJCL8s4H7VfMrr35HG5HYOR1jKr2Y_oXlRVq7wvjso0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpVx1UxJg6t2ODvBvs6R9fLFGEFwdIVxEEIrEkxMquGAUOSLSl8EEDYLm6dw4zkm6S46WOc9TMJ94jC5HNJuTLxshuQyAIw_1Dajva7auyi5XBCJCL8s4H7VfMrr35HG5HYOR1jKr2Y_oXlRVq7wvjso0
Request Chain 392
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3866E7AFBF9642FEB0A22261F565F507&RedC=c.clarity.ms&MXFR=34CC8E7657116F1913419A7C531161C1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3866E7AFBF9642FEB0A22261F565F507&MUID=13CBBB8E391D653E0261AF84389664B8

429 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xtra.com.my/
Redirect Chain
  • http://www.xtra.com.my/
  • https://www.xtra.com.my/
211 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d2cc473dcbdd44a49bcec25ba1da65e3dfd5886b994a3bf8ec1f7f25c5e0d4f
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
84744eda5f1537d8-FRA
content-encoding
br
content-security-policy
default-src=*
content-type
text/html; charset=UTF-8
date
Thu, 18 Jan 2024 05:06:20 GMT
expires
Thu, 18 Jan 2024 05:11:19 GMT
last-modified
Thu, 18 Jan 2024 05:01:17 GMT
link
<https://www.xtra.com.my/wp-json/>; rel="https://api.w.org/"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=1000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
HIT
CF-Ray
84744ed919a35bf5-FRA
Cache-Control
public, max-age=300
Connection
keep-alive
Content-Type
text/html
Date
Thu, 18 Jan 2024 05:06:19 GMT
Expires
Thu, 18 Jan 2024 05:11:19 GMT
Location
https://www.xtra.com.my/
Referrer-Policy
strict-origin-when-cross-origin
Server
cloudflare
Strict-Transport-Security
max-age=1000
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 google
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
4316138
cdn-cachedat
10/31/2023 19:00:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"7cc40c199d128af6b01e74a28c5900b0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0e75c7742bbd53b08354fcb5d6585814
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84744edbeb8a30d6-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1993046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6zelh4QmbLWK8%2Boee3fTISW8OEYRJz0OUY70GR2ifh9IoD%2BdclcCZgihjYu%2F9GfdHAlNml%2BnJ54chpCeu0z7L1wyx0CK6DFrj25zyOJOsOFZOcRLOegL0n1ofWoBDZqfbiCRfvCKphoh%2FozV5v%2F2CpY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84744edbeec86ab9-FRA
expires
Tue, 07 Jan 2025 05:06:20 GMT
owl.carousel.min.css
www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/owl-carousel/ 		3 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/owl-carousel/owl.carousel.min.css
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:11 GMT
server
cloudflare
etag
W/"626bd30f-b78"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fd337d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
style.css
www.xtra.com.my/wp-content/themes/xtra_revamp/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/style.css?v1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be83baf7c4f38804cd37efea974311a623129ff8bbe5debf5d1f6f504e59acf
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=11342
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:11 GMT
server
cloudflare
etag
W/"626bd30f-2c4e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fd537d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7290637544752706
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f059a0a14d2493455865cdde3744d313a17b8f98c0687bb45dd987fb2e2ba21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51374
x-xss-protection
0
server
cafe
etag
12792399133577862964
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:20 GMT
style.min.css
www.xtra.com.my/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-13abe"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fd737d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
lightning-tag-public.css
www.xtra.com.my/wp-content/plugins/lightning-tag/public/css/ 		0
80 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/lightning-tag/public/css/lightning-tag-public.css?ver=1.0.0
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=98
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
"626bd30e-62"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edb5fd837d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
pagenavi-css.css
www.xtra.com.my/wp-content/plugins/wp-pagenavi/ 		237 B
341 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=374
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-176"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fda37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
style.css
www.xtra.com.my/wp-content/uploads/maxmegamenu/ 		78 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/uploads/maxmegamenu/style.css?ver=79b545
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a35d6396695959c491cda13773c44ae21f5e39f7c5aaed7e3d930474907e7ae
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=90260
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 05 Mar 2021 08:37:56 GMT
server
cloudflare
etag
W/"6041ede4-16094"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fdb37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
dashicons.min.css
www.xtra.com.my/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/css/dashicons.min.css?ver=5.8
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-e688"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fdd37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
genericons.css
www.xtra.com.my/wp-content/plugins/megamenu-pro/icons/genericons/genericons/ 		25 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c078330507ba1bedaa58f6cca210a4f93b69b4051cdea575eea5327238011fce
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=27524
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-6b84"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fdf37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
font-awesome.min.css
www.xtra.com.my/wp-content/plugins/megamenu-pro/icons/fontawesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-7918"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fe037d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
all.min.css
www.xtra.com.my/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f77a13c6e6d3adce340a06f37c55054d9cdd48cb1d9347943749592a2a565e
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-d81d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb5fe137d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
jquery-ui.structure.min.css
www.xtra.com.my/wp-content/plugins/tag-groups/assets/css/ 		2 KB
882 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/tag-groups/assets/css/jquery-ui.structure.min.css?ver=1.44.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd385518e7dbb2f357a724c3124f34ae124e847fbc3677e5250f73d3067d033
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-92b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb980737d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
jquery-ui.theme.min.css
www.xtra.com.my/wp-content/plugins/tag-groups/assets/css/delta/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/tag-groups/assets/css/delta/jquery-ui.theme.min.css?ver=1.44.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1a3621ae845f4e2bed7b65fd2387a926d79561d712faaca627a32ae2911232
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 17 Jun 2022 02:14:55 GMT
server
cloudflare
etag
W/"62abe39f-582e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb980837d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
frontend.min.css
www.xtra.com.my/wp-content/plugins/tag-groups/assets/css/ 		1 KB
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/tag-groups/assets/css/frontend.min.css?ver=1.44.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f01a25d36de0a8d3afc3349a22416fa9a7c0c75399d2b5717b1272aa91d349ae
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 17 Jun 2022 02:14:55 GMT
server
cloudflare
etag
W/"62abe39f-50f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb980937d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
wpp.css
www.xtra.com.my/wp-content/plugins/wordpress-popular-posts/assets/css/ 		438 B
331 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=1672
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 16 Jun 2023 08:29:23 GMT
server
cloudflare
etag
W/"648c1d63-688"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb980a37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
addthis_wordpress_public.min.css
www.xtra.com.my/wp-content/plugins/addthis/frontend/build/ 		587 B
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.8
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:09 GMT
server
cloudflare
etag
W/"626bd30d-24b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb980b37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
jquery.min.js
www.xtra.com.my/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-15db1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb980e37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
jquery-migrate.min.js
www.xtra.com.my/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-2bd8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb980f37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
lightning-tag-public.js
www.xtra.com.my/wp-content/plugins/lightning-tag/public/js/ 		2 KB
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/lightning-tag/public/js/lightning-tag-public.js?ver=1.0.0
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d95d3cdc9ee4fb8d5ddda1ff447ed267b87e5ffbe4eb4637ef46b29d6c1f84
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=2243
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-8c3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981037d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/7269/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/7269/lt.min.js?ver=5.8
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57548ac045c29fdafb107af4ddb88551505202d72d9a5b2fe6da9f6a0cf6bae5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:42:41 GMT
content-encoding
gzip
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified
Mon, 18 Sep 2023 05:20:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
73420
x-amz-server-side-encryption
AES256
etag
W/"2482751bbdd41b0d85e53efc5a45af7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
i1AHbDvWqhKtn8didOzfA0ZD0HFZVHWPw86QbCGEunDo5dtJMJe7iA==
frontend.min.js
www.xtra.com.my/wp-content/plugins/tag-groups/assets/js/ 		574 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/tag-groups/assets/js/frontend.min.js?ver=1.44.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c191cf63432e396755d88afe56a26b745eef47b2eefcfadb7f0424b823777c6
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 17 Jun 2022 02:14:54 GMT
server
cloudflare
etag
W/"62abe39e-23e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981137d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
wpp.min.js
www.xtra.com.my/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 16 Jun 2023 08:29:23 GMT
server
cloudflare
etag
W/"648c1d63-bd7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981237d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
style.css
www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/style.css
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0dbe8740c60bb1d4ff87e26edef798c6585a6f63dd16ff45336e923c82ce74
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=21171
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Wed, 01 Nov 2023 02:37:46 GMT
server
cloudflare
etag
W/"6541b9fa-52b3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb980c37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
styleguide.css
www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/ 		6 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/styleguide.css
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
778a9fc5bb31da800289fda49c19cf37364b39f8a42cc2e4ab7e312d302eb07e
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=10633
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:11 GMT
server
cloudflare
etag
W/"626bd30f-2989"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84744edb980d37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
revac.min.js
ad.mediaprimaplus.com.my/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mediaprimaplus.com.my/revac.min.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:233f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e233b50793fa7439ab4d682ca26652341687d50278fc435f4878706812c2dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-guploader-uploadid
ABPtcPq-fDNVfM5TMeUTBBxoxB89S5ZR7VLetB89qk-AEOMgKgQe3k-4vAjCYxpuj6Ko1E5ssTxmCNAW8ZnfaFw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 01:26:29 GMT
server
cloudflare
etag
W/"4c588091328575df9aa141fec9b135ea"
x-frame-options
SAMEORIGIN
x-goog-generation
1651195589942021
content-type
application/javascript
x-goog-hash
crc32c=5ZKxvw==, md5=TFiAkTKFdd+aoUH+ybE16g==
cache-control
no-store
x-goog-stored-content-length
19219
cf-ray
84744edd787971bb-FRA
expires
Fri, 17 Jan 2025 05:06:20 GMT
elastic-apm-rum.umd.min.js
unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a572de592a0e3abc43227fee637abc8367628fb98eed4a35982a2be6a5ea8c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
4238656
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGF53EYS9SFPJQX0KQW466QN-fra
server
cloudflare
etag
W/"e6c5-/9BUvuWqLuyh6WbAdjVZWIIeVZs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84744edbeaec4d76-FRA
main.min.js
oauthjs.revmedia.my/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oauthjs.revmedia.my/main.min.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e04261953be1e436b94f5def88ea6b2bf5b505b2b7a20481b6802c88a21fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-guploader-uploadid
ABPtcPo9R7v1clncRtSvk25J_eLGwb9hAHpEjU0m7-21NTJYaFMJvdTGyueeq4i7yFJAxKzwjtahvO172g
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 01 Nov 2023 01:05:19 GMT
server
cloudflare
etag
W/"b733b7c58cbc01f9763ecc29115f0304"
vary
Accept-Encoding
x-goog-generation
1698800719814476
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=/uuoww==, md5=tzO3xYy8Afl2PswpEV8DBA==
cache-control
public, max-age=31536000
x-goog-stored-content-length
146295
x-frame-options
SAMEORIGIN
cf-ray
84744edc5aa403ec-FRA
expires
Fri, 17 Jan 2025 05:06:20 GMT
sto.js
pcto.revmedia.my/2024/01/xtra/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pcto.revmedia.my/2024/01/xtra/sto.js?v1.2
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:241a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e600cb67c14e4654304b251afdca6c1c5581fd31aa9d792424a7980ac93b9dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xtra.com.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-guploader-uploadid
ABPtcPqXrQy8vZewTn3FDqZPH_fKngId-tMqxspL89DIhNHYs0BOg1MtwWK_6F_4HrTtKRDdjh5hWWSe7w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 16 Jan 2024 08:19:57 GMT
server
cloudflare
etag
W/"bb5d050153c55d557d170363275d37d1"
vary
Accept-Encoding
x-goog-hash
crc32c=zwv+4A==, md5=u10FAVPFXVV9FwNjJ1030Q==
x-goog-generation
1705393197734819
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
3641
x-frame-options
SAMEORIGIN
cf-ray
84744edc5a3836df-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
sto.css
pcto.revmedia.my/2024/01/xtra/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcto.revmedia.my/2024/01/xtra/sto.css
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:241a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274fc3990c0aee224b66f6c672aa8e380264a026525572a6ae0579555642ac4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-guploader-uploadid
ABPtcPrVFgOopYPhgtpRgDaSOlJsTdkZdMKpKiVaVowCHGK4HvPJG4ZmGLU54Wsc4GjRttfkFFXe7V8eag
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Jan 2024 07:02:31 GMT
server
cloudflare
etag
W/"37cb40159aab66b6db8ba61b05f7a4a7"
vary
Accept-Encoding
x-goog-generation
1705302151137406
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=j6EJ5w==, md5=N8tAFZqrZrbbi6YbBfekpw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
1334
x-frame-options
SAMEORIGIN
cf-ray
84744edc5f0335f8-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4951763
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-sof1510031-SOF
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705554380.223830,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
23, 1593230
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4410060
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puUICP7JrkegC247J%2FYhb1tEgkeb%2FXJCK%2FgSkmV2Nbfxu9Ggqv9gVkkYYA0VQHDsvWzGmQXlf3UHWJ3XBq8dQ77SOXSkD6jWMTLhU7G%2FPVMoX%2FiRKji2VfFZ4x6QMzlsLn7F1eCWauTGSB%2Fv1e8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84744edbea0b3a84-FRA
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1075
age
5878473
cdn-cachedat
01/04/2023 07:40:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"61f338f870fcd0ff46362ef109d28533"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
66761294e5b71875b0774a28b1eb54a6
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84744edbeb8c30d6-FRA
cdn-requestpullsuccess
True
owl.carousel.min.js
www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/owl-carousel/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/owl-carousel/owl.carousel.min.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:11 GMT
server
cloudflare
etag
W/"626bd30f-a70e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981337d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
theme.js
www.xtra.com.my/wp-content/themes/xtra_revamp/assets/js/ 		244 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/js/theme.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9434bd4aeacea087c853ff8b23bae2c2b156b1dcca499953ffbc11bff052802
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=661
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:11 GMT
server
cloudflare
etag
W/"626bd30f-295"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981437d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
core.min.js
www.xtra.com.my/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-5133"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981537d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
tabs.min.js
www.xtra.com.my/wp-includes/js/jquery/ui/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-2e8b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981637d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
accordion.min.js
www.xtra.com.my/wp-includes/js/jquery/ui/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-21d7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981737d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
smush-lazy-load.min.js
www.xtra.com.my/wp-content/plugins/wp-smush-pro/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.7.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b9ef807d3988e8ce73d3012e2f19cab12503a411c79719959f42cb8728f566
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-210b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981937d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=5.8
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.23.103 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-23-103.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Jan 2024 05:06:20 GMT
server
Oracle API Gateway
opc-request-id
/B3D6AB3CA7222F2BA2E3EDE0971577C3/9D4F75AF13F74E94EC8768298190A105
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
hoverIntent.min.js
www.xtra.com.my/wp-includes/js/ 		1 KB
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-5c8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981a37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
maxmegamenu.js
www.xtra.com.my/wp-content/plugins/megamenu/js/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.6
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c2d44d4ef3f14eefd935acbc3a3a1b8ee462693c9bbbd96eca177b95fd98032
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=30529
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 17 Jun 2022 02:14:54 GMT
server
cloudflare
etag
W/"62abe39e-7741"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981b37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
public.js
www.xtra.com.my/wp-content/plugins/megamenu-pro/assets/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97454fe5bf4c08fcc5193ef40585b8f433c4c3e0e67d18a1247dd38eb4d56a08
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
cf-polished
origSize=22117
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:59:10 GMT
server
cloudflare
etag
W/"626bd30e-5665"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981c37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
wp-embed.min.js
www.xtra.com.my/wp-includes/js/ 		1 KB
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
931
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-592"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edb981d37d8-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
validator.js
cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/validator.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
522a88aa0357c11f0284531a0fc56b634b4150897fb28a9bee6b1a6ae2566557
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4224685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2779
last-modified
Tue, 01 Aug 2023 14:30:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c916ec-adb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJneOkXUZ8Be%2B6Ar6gVYFf6rjzAZ31%2BMkGPJY8k4SfLqlu7nDcAhjFwwsqG%2F0T%2Ft8mSd9mt%2FB5gd1giwoXfqBKfUome8frYaeUGjC3tQcpJlfIWA%2FsG1nGAuLX5mn%2FpQ5%2BqYKCYf%2BOP7F4Pf1Sr2IDa9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84744edbeec96ab9-FRA
expires
Tue, 07 Jan 2025 05:06:20 GMT
js
www.googletagmanager.com/gtag/ 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-71805444-2
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f27360f451c0fd1826de4e342771a14c313b3df558d51bd8d63feb7744d65663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65337
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Jan 2024 05:06:20 GMT
gtm.js
www.googletagmanager.com/ 		213 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7115be84295b6f18a4c37c441e57afb53a1a5375b2a8501fab600e75a8661d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75604
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Jan 2024 05:06:20 GMT
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bab7212aa4415e794f5eabb42c1987580aa7510410c15e0735e7729d935a65b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29864
x-xss-protection
0
server
cafe
etag
437 / 19740 / m202401100101 / config-hash: 3231436403185047581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:20 GMT
wp-emoji-release.min.js
www.xtra.com.my/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
415
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:12 GMT
server
cloudflare
etag
W/"626bd310-4705"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
84744edcbdb09b71-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
4159291
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84744edd3b85bbb3-FRA
cdn-requestpullsuccess
True
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
data
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.68.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-68-125.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cdfa911703e5056cdc4a3c3e41d052ad91834c2c2bfe5aefa2825c74b23c94c9

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache
x-server
10.45.17.213
access-control-allow-credentials
true
content-length
60
expires
0
proximanova-semibold-webfont.woff
www.xtra.com.my/wp-content/themes/xtra_revamp/assets/font/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/font/proximanova-semibold-webfont.woff
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2108a98309ea936244b711b68b758be0278500e047a5200d1eca370c65e6f38
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/style.css
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
24600
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:11 GMT
server
cloudflare
etag
"626bd30f-6018"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
84744eddae349b71-FRA
expires
Thu, 18 Jan 2024 05:11:20 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
5709700
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
87a18c927d5021fe90c8670e926dcf87
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84744eddac9230d6-FRA
cdn-requestpullsuccess
True
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
27024
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140824
x-xss-protection
0
server
cafe
etag
1760809391848743662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 16 Jan 2025 21:35:56 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7290637544752706
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
815ffd14ae0abede175466ce81cee26227f6352b47f382cd5c3d7390fedc5fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139517
x-xss-protection
0
server
cafe
etag
5848486895478645394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:20 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/ Frame 5678 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7290637544752706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
49500
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:21:20 GMT
etag
9219409622527106327
expires
Wed, 31 Jan 2024 15:21:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		292 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KM2DDTPDW6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0905ddf565be060c2a80f22440333ee30375d5f3400c54242118338052241919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97022
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Jan 2024 05:06:20 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Jan 2024 03:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4691
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Jan 2024 05:48:09 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:2c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 19:18:49 GMT
content-encoding
gzip
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
35251
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
hSPzvOADarkhxJetT_S51I4pY0rXOQytAOPZZ07RkhuTxF64RsXJuQ==
expires
Thu, 18 Jan 2024 19:18:49 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 02:10:09 GMT
content-encoding
gzip
via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
10572
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dXFLYftHG06Z5DsXKNhN7YeOuvq4UCZazxRi8O7CCc5ChU0FsOnV9g==
cc_af.js
tags.crwdcntrl.net/c/7269/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/7269/cc_af.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19f56741cc6a31530c12cd5692f84876fc05a4600321bb3e65f275ba7d3966b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 07:13:23 GMT
content-encoding
gzip
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified
Thu, 10 Feb 2022 14:10:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
78778
x-amz-server-side-encryption
AES256
etag
W/"3d21449076df7681e3b8b5a031c7d454"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=86400
x-amz-cf-id
h4KfsfX9w9Osmui9J2m4BYIJ1-NrUIpIVejTMKS-R7_t5Ox0UA6Jrg==
56rz0buk74
www.clarity.ms/tag/ 		650 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/56rz0buk74
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f04b275fa522860f01cfed831fb46464fe9bf64fb8d7556eb4f2218095ef6bc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
-1
date
Thu, 18 Jan 2024 05:06:20 GMT
x-azure-ref
20240118T050620Z-2bg153yv7d2m729asu5fz839as00000000dg000000007v9e
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
fbevents.js
connect.facebook.net/en_US/ 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 18 Jan 2024 05:06:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
BWa8wGedU/9N6mWkju78nLS0DwDloebUOEwtKVCMjpCYjjTwM2x/GbP+V9e03NKDaV0/+IujWsfsQB/eQVer8Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
heartbeat.min.js
heartbeat.mediaprimaplus.com.my/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:233f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921e931d131b3e5df4cd700f147992c745398d7503938a1e73742fc0642a0a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-guploader-uploadid
ABPtcPpQXTbjJecHJCD9QiuzEWzwtfXa-ytwA67MT7itAHIvyA481gMmbIS-cO3RUW9zohmrKQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 14 Aug 2023 04:04:50 GMT
server
cloudflare
etag
W/"5f725977c0ffda5b4f37aba4a56c9b6c"
x-frame-options
SAMEORIGIN
x-goog-generation
1691985890041510
content-type
application/javascript
x-goog-hash
crc32c=JcAjSg==, md5=X3JZd8D/2ltPN6ukpWybbA==
cache-control
no-store
x-goog-stored-content-length
112773
cf-ray
84744edeaa6871bb-FRA
expires
Fri, 17 Jan 2025 05:06:21 GMT
ins.js
xtramy.api.useinsider.com/ 		232 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramy.api.useinsider.com/ins.js?id=10008578
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dcbecc590feedb5157eaedcf0b898b3db7338d0e2d76a2bd636349e91b8768b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
.AtHjtZr7K8RIhRBssaQNNS3Gv5avuQJ
cf-cache-status
HIT
x-amz-request-id
Z8ZZME7W01NJP7D8
age
2399
content-encoding
br
x-amz-id-2
krfyKkPOt9Z+vxOXjG0CJyW2/rqobSi6eQCLFg+r/xYNHwkMzyFnYGikFAXfgjN0arLDke2hZ2c=
x-xss-protection
1
pragma
public
last-modified
Wed, 17 Jan 2024 12:38:56 GMT
server
cloudflare
etag
W/"be386a90ffe3dcb348dec03286e85146"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
84744edf1c99927a-FRA
expires
Thu, 18 Jan 2024 05:11:20 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KM2DDTPDW6&gtm=45je41a0v9108145860z877064364&_p=1705554380229&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1371778314.1705554381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705554380&sct=1&seg=0&dl=https%3A%2F%2Fwww.xtra.com.my%2F&dt=XTRA%20-&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&ep.article_author=n%2Fa&ep.publication_date=n%2Fa&ep.publication_time=n%2Fa&ep.pagetype=website&ep.article_id=n%2Fa&ep.site_name=XTRA%20-&ep.modified_date=n%2Fa&ep.modified_time=n%2Fa&tfd=1058
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KM2DDTPDW6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KM2DDTPDW6&cid=1371778314.1705554381&gtm=45je41a0v9108145860z877064364&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KM2DDTPDW6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KM2DDTPDW6&cid=1371778314.1705554381&gtm=45je41a0v9108145860z877064364&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=6498005
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=966308144&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xtra.com.my%2F&ul=en-us&de=UTF-8&dt=XTRA%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1131162038&gjid=1232939111&cid=1371778314.1705554381&tid=UA-71805444-2&_gid=703342959.1705554381&_r=1&_slc=1&gtm=45He41a0n81WBQP55Nv77064364&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=977278215
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
khai-bahar-4.jpg
media.xtra.com.my/2024/01/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/khai-bahar-4.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c1eb8482e22461a701c3fee3060d9de0183f66a348caa3e9892e6058ca745d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
930
cf-polished
origSize=99879, status=vary_header_present
x-guploader-uploadid
ABPtcPrCGjGWqdcgfXgRjYWdh1M0LHhVprdcah61Sk4kVoL6fIx1o8vN1nhdtwfhNiVdlici9KNDQ3B97Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
99131
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Thu, 18 Jan 2024 04:36:48 GMT
server
cloudflare
etag
"3a41619036ddf8b5bb71546e64dc5878"
vary
Origin, Accept-Encoding
x-goog-generation
1705552608817287
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=GyLpdw==, md5=OkFhkDbd+LW7cVRuZNxYeA==
cache-control
public, max-age=14400
x-goog-stored-content-length
99879
accept-ranges
bytes
cf-ray
84744edfca4f37d8-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
Inteam1.jpg
media.xtra.com.my/2024/01/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Inteam1.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8425d22c7eef338c65de5909e35350e94a6f4428581529c1b4b4b2b0fa6875d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
930
cf-polished
origSize=69286, status=vary_header_present
x-guploader-uploadid
ABPtcPoa5AIje8f67hShbOdZN1Vw9FUpuWG2Cj5swNkJMCgevG4x0EQcuQblyeZwJ5dbTKOOab6Yu7iFgg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
68565
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 21:58:44 GMT
server
cloudflare
etag
"37fc2801c50d24213fe2c6037b69b454"
vary
Origin, Accept-Encoding
x-goog-generation
1705528724774659
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=fWT5xg==, md5=N/woAcUNJCE/4sYDe2m0VA==
cache-control
public, max-age=14400
x-goog-stored-content-length
69286
accept-ranges
bytes
cf-ray
84744edfca4d37d8-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
B18FB90E-99F8-460A-9B50-173C2AEAA612.jpeg
media.xtra.com.my/2024/01/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/B18FB90E-99F8-460A-9B50-173C2AEAA612.jpeg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f68dc2cf53280babc3cca1f0afbc30e61e757591607279464aca620a566c3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
930
cf-polished
origSize=90852, status=vary_header_present
x-guploader-uploadid
ABPtcPpl5-llWfFiKI3gTDSpEreB7aNU40uFHXN_qeSsnfpOs13OFssYUK_sdKTkfPeFWhi3DQ8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
89767
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 13:43:50 GMT
server
cloudflare
etag
"2fc50adaa3d2c2b43049043382e821cb"
vary
Origin, Accept-Encoding
x-goog-generation
1705499030497792
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=K1FPyA==, md5=L8UK2qPSwrQwSQQzgughyw==
cache-control
public, max-age=14400
x-goog-stored-content-length
90852
accept-ranges
bytes
cf-ray
84744edfca4937d8-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
Norman-Hakim.png
media.xtra.com.my/2024/01/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Norman-Hakim.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1111d9dc18727746a75dc5353cbc834540640617cbb73ac652e743d067f6015d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
930
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPouyJsHLRmv8_YegHP_fG4I0Xw95TbKrEDvCzLpie1UCaxzBnUX18Wz7D8gpP2XJwlVnnvEf-FgiQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
153933
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 10:25:33 GMT
server
cloudflare
etag
"e895d77efe82afd723fa78cc96b9d1c3"
vary
Origin, Accept-Encoding
x-goog-generation
1705487133424922
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=MqA4jw==, md5=6JXXfv6Cr9cj+njMlrnRww==
cache-control
public, max-age=14400
x-goog-stored-content-length
153933
accept-ranges
bytes
cf-ray
84744edfca4c37d8-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
Agong-Permaisuri-Agong.png
media.xtra.com.my/2024/01/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Agong-Permaisuri-Agong.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0fd642c92e61819def788cd12d76e8aecf95a3a00e4d4ef9b84afbcc1e5d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
930
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPr2zFGR-0YG2GmYIklb5rhJJGJVQG5rzhpJA6wp2rhXgc92M3utTr2jvDXcM3adh1zYirA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
105677
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 08:52:47 GMT
server
cloudflare
etag
"5813366534b140234090e7cb19684b58"
vary
Origin, Accept-Encoding
x-goog-generation
1705481567517644
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=jo1SSA==, md5=WBM2ZTSxQCNAkOfLGWhLWA==
cache-control
public, max-age=14400
x-goog-stored-content-length
105677
accept-ranges
bytes
cf-ray
84744edfca4b37d8-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
253773-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/253773-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b4379be6c753a393d775e2ea0a32f217b95df9bf779ed6f2401d06df8855b71
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=103487
content-disposition
inline; filename="253773-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
69866
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:52:37 GMT
server
cloudflare
etag
"65a78745-1943f"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f269b71-FRA
expires
Sat, 17 Feb 2024 05:06:20 GMT
253869-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/253869-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af621d3904e2ad51595be79fbc99669954c1e13a13a8bd12fd18fb325cea7357
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
EXPIRED
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=97077
content-disposition
inline; filename="253869-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
68336
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 12:08:40 GMT
server
cloudflare
etag
"65a7c348-17b35"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f279b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
253884-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/253884-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85800324821387ae57cec44b39b9c97793017da3102d141abf239923a7b3ff6a
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=122101
content-disposition
inline; filename="253884-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
80890
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 23:26:23 GMT
server
cloudflare
etag
"65a8621f-1dcf5"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f289b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
253683-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/253683-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
589495a64138f0fcec8f7bd8cb1839ab5ae92f3d004527df76107f92ce7ae029
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
EXPIRED
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=102745
content-disposition
inline; filename="253683-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
66018
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:56:23 GMT
server
cloudflare
etag
"65a78827-19159"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f299b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
251101-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/251101-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096b02a998e7dff832f5549ea526d8b461f14ffd0d7edcc1e243d8746d820967
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=86338
content-disposition
inline; filename="251101-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
56886
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:52:41 GMT
server
cloudflare
etag
"65a78749-15142"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f2c9b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
253127-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/253127-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
630dac4972c6784638330e3c706032ab649e5e219c8599e10cd614d8f4c54cf0
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=104271
content-disposition
inline; filename="253127-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
69438
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:56:26 GMT
server
cloudflare
etag
"65a7882a-1974f"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f2d9b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
253313-featured-300x175.jpg
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/253313-featured-300x175.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479091ca5d41cbf7186f5c9afa65d7cb64b772138f90ca4a26131a3aa8602072
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
cf-polished
origSize=14897
alt-svc
h3=":443"; ma=86400
content-length
13975
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:56:27 GMT
server
cloudflare
etag
"65a7882b-3a31"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f2e9b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
253255-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/253255-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2961eb64d208756d4436899faa496f9ecec8c1a2d7d7571db4c122b7507cfb30
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=125568
content-disposition
inline; filename="253255-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
82136
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:56:29 GMT
server
cloudflare
etag
"65a7882d-1ea80"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f309b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
252746-featured-300x175.png
www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xtra.com.my/wp-content/uploads/wordpress-popular-posts/252746-featured-300x175.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3152fadc277d967f622b91151289201fd08526b55baa667d683dccc4da60250e
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-security-policy
default-src=*
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=105302
content-disposition
inline; filename="252746-featured-300x175.webp"
alt-svc
h3=":443"; ma=86400
content-length
69772
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:52:56 GMT
server
cloudflare
etag
"65a78758-19b56"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
84744edf9f319b71-FRA
expires
Sat, 17 Feb 2024 05:06:21 GMT
Untitled-design-16.png
media.xtra.com.my/2024/01/ 		872 KB
874 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Untitled-design-16.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0649a00dad6af4a0014e343e7d17a7f4984ebef0f547ae7cc35e12d15fb6304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
930
cf-polished
origSize=1017384, status=vary_header_present
x-guploader-uploadid
ABPtcPosDf1bk3yQ2hztK8EXADD-YLg6_3IArl8BZNKW9huv1C1GzavQLYN4UkcY-aerdgYqXBXWPLAeCw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
893361
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 10 Jan 2024 08:51:49 GMT
server
cloudflare
etag
"745fb7e5513ec9e81cf9762fa92521ae"
vary
Origin, Accept-Encoding
x-goog-generation
1704876709073785
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=XcdlDA==, md5=dF+35VE+yegc+XYvqSUhrg==
cache-control
public, max-age=14400
x-goog-stored-content-length
1017384
accept-ranges
bytes
cf-ray
84744edfca5137d8-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
farishairis2407.jpg
media.xtra.com.my/2023/07/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/07/farishairis2407.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f8929cd63d071002ed17a9a3fe38fab0d397b4d99ec4818eb7abc71bc88f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=128319, status=vary_header_present
x-guploader-uploadid
ABPtcPqEUsZQS9W_KG9SyHDJCiFPpJAKthZeONzqiK3cvkbKlWJr7JVvkRQMhLv5U0PT8oubku49vZd0nDCPRQz0ek_9_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
128070
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 24 Jul 2023 05:08:44 GMT
server
cloudflare
etag
"fcaa8b649a28605f9d87e9ffbd0bcca8"
vary
Origin, Accept-Encoding
x-goog-generation
1690175324543765
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=3CSV9w==, md5=/KqLZJooYF+dh+n/vQvMqA==
cache-control
public, max-age=14400
x-goog-stored-content-length
128319
accept-ranges
bytes
cf-ray
84744ee02f7b9b71-FRA
expires
Thu, 18 Jan 2024 09:06:21 GMT
ryanbakery1307.jpg
media.xtra.com.my/2023/07/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/07/ryanbakery1307.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e398fb91ecf10737fbeb78d00f35deca8ef2a37ca842b735ca13f8ebb17b7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=84610, status=vary_header_present
x-guploader-uploadid
ABPtcPprNjoDqzBqqk6Kij5j8WNOf6PcbDR7LY9UE6k0OToj2NTzXmimwnPleY_FKIZsSzB1gE0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
83695
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Thu, 13 Jul 2023 05:18:52 GMT
server
cloudflare
etag
"e54e0969b56c12cc79f280f7db02e5cb"
vary
Origin, Accept-Encoding
x-goog-generation
1689225532689842
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=Q9bK+A==, md5=5U4JabVsEsx58oD32wLlyw==
cache-control
public, max-age=14400
x-goog-stored-content-length
84610
accept-ranges
bytes
cf-ray
84744ee02f7e9b71-FRA
expires
Thu, 18 Jan 2024 09:06:21 GMT
fazura2006.jpg
media.xtra.com.my/2023/06/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/06/fazura2006.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264476b16bf8e29c3463bfa310dbafb1ce6e8a288dd472ac99bb336f199b9e8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=103301, status=vary_header_present
x-guploader-uploadid
ABPtcPq9PNZrLCh38h1Nm8gXslolAGKeum7lHth7zrqVqJg2IRzVusNU74gS2tGNrddtq-crJIWozGGFuA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
102831
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Jun 2023 03:32:08 GMT
server
cloudflare
etag
"3dd9974df9498a67c4ef3ada3dc7df5b"
vary
Origin, Accept-Encoding
x-goog-generation
1687231928550235
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=TP8yMQ==, md5=PdmXTflJimfE7zraPcffWw==
cache-control
public, max-age=14400
x-goog-stored-content-length
103301
accept-ranges
bytes
cf-ray
84744ee02f809b71-FRA
expires
Thu, 18 Jan 2024 09:06:21 GMT
Untitled-design-18.png
media.xtra.com.my/2024/01/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Untitled-design-18.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ede72419ce8cb92c79cf3cf02c7dea540a320dc1ab74b6b8523503f2c9b303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPq-XDGRMZnSPJurL_cfVSbMEyYNeftfC2vK_Vxik602LoQi5oMrSXMBs9f3hvaCa932Yc8JSy8PPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
228371
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 16 Jan 2024 04:19:59 GMT
server
cloudflare
etag
"a7e6ac5c059f8f7737173763d59f3b0d"
vary
Origin, Accept-Encoding
x-goog-generation
1705378799154659
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=vdf5fw==, md5=p+asXAWfj3c3Fzdj1Z87DQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
228371
accept-ranges
bytes
cf-ray
84744ee02f829b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
tyBSHTMF-Untitled-design-12.png
media.xtra.com.my/2024/01/ 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/tyBSHTMF-Untitled-design-12.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e87d7ef2d6dfdac8ccdb583cb5b61bd5e184491ffcfea17095ee0f8f0f20bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPrRhOUG5VYQQ_m7PfDvPFXFmNlVSnHMRTBvMQyep0Z5LE7oSfbH8C01ODog-JbDR9XH3EXld85iJcs60NwSiWrxJA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
183514
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 08 Jan 2024 02:17:09 GMT
server
cloudflare
etag
"faef7413c84c10e31e6d8f180a95f879"
vary
Origin, Accept-Encoding
x-goog-generation
1704680229167080
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=S6CQBg==, md5=+u90E8hMEOMebY8YCpX4eQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
183514
accept-ranges
bytes
cf-ray
84744ee02f849b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
Untitled-design-11.png
media.xtra.com.my/2024/01/ 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Untitled-design-11.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec30f1f2cd0f3af363facf9654b5a4089880dd8f2715671dfe4b389cbacc8cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPoF3spVo0XCrSZg5ls7PVLYz93vY4Fc2QGALsK8XK1bX7zdov4KU09JEcp6VyQZcRJLZc0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
239177
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 08 Jan 2024 01:54:12 GMT
server
cloudflare
etag
"38c1de6f96a136ade5b8fdb231359d21"
vary
Origin, Accept-Encoding
x-goog-generation
1704678852390322
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=Bhqovg==, md5=OMHeb5ahNq3luP2yMTWdIQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
239177
accept-ranges
bytes
cf-ray
84744ee02f859b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
proximanova-bold-webfont.woff
www.xtra.com.my/wp-content/themes/xtra_revamp/assets/font/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/font/proximanova-bold-webfont.woff
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2123e5ea1ef093069cf54eee5341feb955d2451f4f91bfabc085a54cfbdf57c8
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xtra.com.my/wp-content/themes/xtra_revamp/assets/css/style.css
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
age
415
alt-svc
h3=":443"; ma=86400
content-length
24504
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 29 Apr 2022 11:59:11 GMT
server
cloudflare
etag
"626bd30f-5fb8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
84744edf9f339b71-FRA
expires
Thu, 18 Jan 2024 05:11:20 GMT
Draggable.js
cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/ 		465 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256de1accbccc4ffee65cf0ae6ddda99d1a056e669ddb390c959b942df9a5358

Request headers

Referer
https://pcto.revmedia.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E%2F682KQydQAgUzi3Dbz1Lb6RvQ8Ao%2BRMAajkVjbVel6IbGlgGSTRXgUOKRzI17uSjJVulhke4IezQcIYhZWpzmApJbfROvpr0TsmOqtG5grOOgILyDusEll1CLntsv3XtRd6urZC%2BWNeQB17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
x-import-url
/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/Draggable.js
cf-ray
84744ee039945c62-FRA
alt-svc
h3=":443"; ma=86400
gsap.js
cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/ 		305 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/gsap.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9233c0c01ce219c102432f8da76d92d40bee603d575e238540da05da0ad17c

Request headers

Referer
https://pcto.revmedia.my/
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FrswCI4g3%2FXEEeeRbmC47efXSJI3nsxQm2HFvuQH07h1LfOpEDHKZol4xABdJaI6lLMoErT5Sr3CNMVpewsT5dFULSXT7dntpomZ0SqrrAJ8j05dwm6I6XfNPuBmAVWnCtgrRF%2BvyK3MHkpVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
x-import-url
/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/gsap.js
cf-ray
84744ee039925c62-FRA
alt-svc
h3=":443"; ma=86400
instagram-2.png
media.xtra.com.my/2020/03/
Redirect Chain
  • https://www.xtra.com.my/wp-content/uploads/2020/03/instagram-2.png
  • https://media.xtra.com.my/2020/03/instagram-2.png
560 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2020/03/instagram-2.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01c687abadb8e1a8528b106ba9a557bf45cc48ffb4368579fcc03936be5048b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1585206255
cf-polished
origSize=1783, status=vary_header_present
x-guploader-uploadid
ABPtcPqezBe3Z4SbSJSkQvazpW0JqsiRdONV7sHaUTb8oPnTbUxI9IpfUXA6krYDIe1STrwVYG4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
560
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 Aug 2022 02:04:59 GMT
server
cloudflare
etag
"1a50dda7d77c7ee9e7c7964c40678838"
vary
Origin, Accept-Encoding
x-goog-generation
1660529099101654
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=lBvT+w==, md5=GlDdp9d8funnx5ZMQGeIOA==
cache-control
public, max-age=14400
x-goog-stored-content-length
1783
accept-ranges
bytes
cf-ray
84744ee08fbd9b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:20 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
location
https://media.xtra.com.my/2020/03/instagram-2.png
cache-control
max-age=3600
cf-ray
84744edfbf449b71-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 18 Jan 2024 06:06:20 GMT
twitter-2.png
media.xtra.com.my/2020/03/
Redirect Chain
  • https://www.xtra.com.my/wp-content/uploads/2020/03/twitter-2.png
  • https://media.xtra.com.my/2020/03/twitter-2.png
388 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2020/03/twitter-2.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ed248cd26774bf8f5deaf78d58087e66af646973c8adb242549b6bb5388000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1585206265
cf-polished
origSize=1648, status=vary_header_present
x-guploader-uploadid
ABPtcPrEmJ8kukPfiMA__qcj4zRtI_ROuQymbYgBfpBHSx-P7L1-h3hxHX76_Bhby-qINz4Cw9l6mSUrjuDcgZsMJ5YNiw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
388
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 Aug 2022 02:03:50 GMT
server
cloudflare
etag
"2a5ad11691a25b29a9ae22df4018e9f6"
vary
Origin, Accept-Encoding
x-goog-generation
1660529030070991
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=8uCduA==, md5=KlrRFpGiWympriLfQBjp9g==
cache-control
public, max-age=14400
x-goog-stored-content-length
1648
accept-ranges
bytes
cf-ray
84744ee08fbf9b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:20 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
location
https://media.xtra.com.my/2020/03/twitter-2.png
cache-control
max-age=3600
cf-ray
84744edfbf459b71-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 18 Jan 2024 06:06:20 GMT
facebook-1.png
media.xtra.com.my/2020/03/
Redirect Chain
  • https://www.xtra.com.my/wp-content/uploads/2020/03/facebook-1.png
  • https://media.xtra.com.my/2020/03/facebook-1.png
194 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2020/03/facebook-1.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6687c45fd1f31595ff764dad6635e47a52b29db413972a004ee60467bad988d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1585206276
cf-polished
origSize=1310, status=vary_header_present
x-guploader-uploadid
ABPtcPqj7n0GddMhq0uXMdOGdWG5rgjjIqo40ZyBRCg1tLDdnwVT5Q78Re9YFvPEcFnSIfmp6Vs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
194
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 Aug 2022 02:04:29 GMT
server
cloudflare
etag
"76e205342b495fd89a974f204ffd39b1"
vary
Origin, Accept-Encoding
x-goog-generation
1660529069894914
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=4Uu1vA==, md5=duIFNCtJX9ial08gT/05sQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
1310
accept-ranges
bytes
cf-ray
84744ee08fc19b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:20 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
location
https://media.xtra.com.my/2020/03/facebook-1.png
cache-control
max-age=3600
cf-ray
84744edfbf469b71-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 18 Jan 2024 06:06:20 GMT
UEZKk2D1-ELEMENTS.png
media.xtra.com.my/2023/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/04/UEZKk2D1-ELEMENTS.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a02736a1f20143465dac4d5dc9434be27127c454901fef138129faa1e8875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPpsuKcyXLCpZ8zO0zQjdHXi5jCbIA-prUhJxiDSfgYiblx8S8TskEef16Pn0PE6ZRcAzpE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1199
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Apr 2023 01:20:36 GMT
server
cloudflare
etag
"7f93bb8caa0674e511a6917b0ecbaf01"
vary
Origin, Accept-Encoding
x-goog-generation
1681953636020497
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=Yov59g==, md5=f5O7jKoGdOURppF7DsuvAQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
1199
accept-ranges
bytes
cf-ray
84744ee02f869b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
xtra_logo.png
media.xtra.com.my/2023/06/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/06/xtra_logo.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
765e7c90f89e39cfd2d8c9436caf442c3358c85ad8ff6d0d5ffe13dc027c9fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPrmd4nCYrvrl4Ijx7rNk8mjTNg1DtEQvHj8nHKM21k_1ecafCeHVVGa4WfzkUfwR5Yl4sA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3399
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jun 2023 12:02:34 GMT
server
cloudflare
etag
"a77e591151b50c6686fb63d1b3e92f4e"
vary
Origin, Accept-Encoding
x-goog-generation
1686571354447337
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=7M80nQ==, md5=p35ZEVG1DGaG+2PRs+kvTg==
cache-control
public, max-age=14400
x-goog-stored-content-length
3399
accept-ranges
bytes
cf-ray
84744ee02f879b71-FRA
expires
Thu, 18 Jan 2024 09:06:20 GMT
malay-drama
api.tonton.com.my/api/video/genre/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.tonton.com.my/api/video/genre/malay-drama
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2587 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e63dca0bccfdf8f1df6c58a3752d898c7a63f7543239d553d3128285550038a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Jan 2024 04:54:47 GMT
server
cloudflare
x-ratelimit-remaining
59
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.xtra.com.my
cache-control
public, max-age=300
x-ratelimit-limit
60
cf-ray
84744ee06d95901c-FRA
x-frame-options
SAMEORIGIN
expires
Thu, 18 Jan 2024 05:11:21 GMT
program_menarik
www.xtra.com.my/wp-json/wp/v2/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.xtra.com.my/wp-json/wp/v2/program_menarik
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a428f06763ba3f25baea95edeb6f3abe9a5e9c484cf8acadc29c2e1a86889d
Security Headers
Name Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xtra.com.my/
X-Requested-With
XMLHttpRequest
traceparent
00-8569d97371d0084ed3857a3682dcc8cb-dee2b10491a101a9-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
content-security-policy
default-src=*
cf-cache-status
HIT
x-content-type-options
nosniff
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Jan 2024 05:03:51 GMT
server
cloudflare
x-wp-totalpages
1
allow
GET
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
public, max-age=300
x-wp-total
6
x-robots-tag
noindex
link
<https://www.xtra.com.my/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
84744edfbf489b71-FRA
expires
Thu, 18 Jan 2024 05:11:20 GMT
buletin-utama-2023
api.tonton.com.my/api/video/playlist/ 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.tonton.com.my/api/video/playlist/buletin-utama-2023?1705554077
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2587 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d696bbfeadc510faaf25576c8739957aad8871da90b0de819e42a009b200280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Jan 2024 05:01:20 GMT
server
cloudflare
x-ratelimit-remaining
58
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.xtra.com.my
cache-control
public, max-age=300
x-ratelimit-limit
60
cf-ray
84744ee06d96901c-FRA
x-frame-options
SAMEORIGIN
expires
Thu, 18 Jan 2024 05:11:21 GMT
2023-full-episode
api.tonton.com.my/api/video/playlist/ 		43 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.tonton.com.my/api/video/playlist/2023-full-episode?1705554077
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2587 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e17b4a5facd2b7c10a9a42d1c8d4fef7003ddb0cf06bc40d85ec8039276e5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Jan 2024 05:01:21 GMT
server
cloudflare
x-ratelimit-remaining
59
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.xtra.com.my
cache-control
public, max-age=300
x-ratelimit-limit
60
cf-ray
84744ee06d97901c-FRA
x-frame-options
SAMEORIGIN
expires
Thu, 18 Jan 2024 05:11:21 GMT
echo
script.googleusercontent.com/macros/
Redirect Chain
  • https://script.google.com/macros/s/AKfycbxQJ4akLbRv2osfW6I9BE0UvbnrUEn9LVkX8zA4ciTIelJI_7xcLaGUN8Zyr3pIjcGCjw/exec?action=read
  • https://script.googleusercontent.com/macros/echo?user_content_key=bhOAbmzTbJdCvQW1awbuuNpz07qbj8bKo3S_TN1zErAQtMgM4iyD1W7yDeUOUzedoRbShDImtbGFkk_MS8eENGesZ7f_e-Qem5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xS...
2 KB
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.googleusercontent.com/macros/echo?user_content_key=bhOAbmzTbJdCvQW1awbuuNpz07qbj8bKo3S_TN1zErAQtMgM4iyD1W7yDeUOUzedoRbShDImtbGFkk_MS8eENGesZ7f_e-Qem5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xSncGQajx_ryfhECjZEnDcE1vWxR5s88BL6ScpUvyRURBfKAVMtrV4F03P06YLqwPRpL_JvUW3c96-bkXV1bJ9Gy9gG0XAYpQBVQViaDaT9iesBiJU6YowSkkEPQmtTfXdnmwNvazc&lib=M9Sa-6GXqmeawfa43t4zwbbpH_7uij9rM
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea257c39c1244f7aaa2354d6834e69cb97c0c1db75c202c45603062b38154795
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-gk4sMxa1nSoXbUzosYpD8Q' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://script.googleusercontent.com/macros/echo?user_content_key=bhOAbmzTbJdCvQW1awbuuNpz07qbj8bKo3S_TN1zErAQtMgM4iyD1W7yDeUOUzedoRbShDImtbGFkk_MS8eENGesZ7f_e-Qem5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xSncGQajx_ryfhECjZEnDcE1vWxR5s88BL6ScpUvyRURBfKAVMtrV4F03P06YLqwPRpL_JvUW3c96-bkXV1bJ9Gy9gG0XAYpQBVQViaDaT9iesBiJU6YowSkkEPQmtTfXdnmwNvazc&lib=M9Sa-6GXqmeawfa43t4zwbbpH_7uij9rM
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
456
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1705554380739&ns_c=UTF-8&comscorekw=fbia&c7=https%3A%2F%2Fwww.xtra.com.my%2F&c8=XTRA%20-&c9=
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
kGhgMWwjG1_dmDJaeh3hLoGBAmkdSAW1xjomjQR2EGP5TzLAjHdQ0A==
x-cache
Miss from cloudfront
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-71805444-2&cid=1371778314.1705554381&jid=1131162038&gjid=1232939111&_gid=703342959.1705554381&_u=YADAAEAAAAAAACAAI~&z=2061606881
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
myundiwidget-bm.js
exclusive.myundi.com.my/myundiwidget-newsticker/ 		0
0
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		153 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=xtra.com.my&domain=xtra.com.my&path=%2F
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac53dfbb8f4ae4c12eacb1797f392ca48b5386307e5004129352a8a4a47d46ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
122
x-served-by
cache-sof1510036-SOF
x-timer
S1705554381.900856,VS0,VE125
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 16 Jan 2024 05:06:20 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 18:20:42 GMT
content-encoding
gzip
age
1075538
x-guploader-uploadid
ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 04 Jan 2025 18:20:42 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
32454
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84744ee06e15aca4-TXL
expires
Sun, 21 Jan 2024 05:06:20 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 10 Jan 2024 15:13:35 GMT
server
nginx
etag
W/"659eb41f-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Jan 2024 05:06:20 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ea00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 17 Jan 2024 09:17:41 GMT
Via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
71320
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
vUNE0Ir-tjzdCljCCqSJ_9at8Eljhy2NKpiEflfWymujeOtUkKIssA==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 05:37:13 GMT
content-encoding
gzip
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
84548
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Xv7H5PJcWRT4EwlF3zLq80VJn4YqbhQF8dTLQIG0V12WLQRNvBXxGg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
8b549172e9266ce7ad07d44c6172d39b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11936
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnO9hcBhl5T1m1aonr7cDyRYMUCNAfwRLHc6WXrAf8dilNgsfihr2kdGgk9nLdvd7ggxUiWXsBpPMXUNUGAiKYWGUaQVZFVPiUBLLwtJ3H8VTUYgkVmUHJqBuaBjNlL7zy75XJVhG4pfzJ3EC4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
84744ee03aed6925-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
98V47QQRQBB1H96A
age
1297
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84744ee0de8f9a00-FRA
x-amz-id-2
LLVA+vqa0Oh0heny89/8P0nfxp+zIdnneOaCpgIwTJSOykl2BIpgwhWBjtwGdEQ0xHXNPNef+1nKJEDhB6C52g==
ads
securepubads.g.doubleclick.net/gampad/ 		543 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2607990086942047&correlator=3858502938015243&eid=31079959%2C44777897&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=1009103%2Ctontonextra_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705554380769&lmt=1705554077&adxs=245&adys=148&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.xtra.com.my%2F&vis=1&psz=1140x3292&msz=1x-1&fws=0&ohw=0&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=true&dlt=1705554380031&idt=718&cust_params=site%3Dtontonextra%26section%3Dhomepage%26pos%3Dhomepage%26key%3D%26lotauds%3D&adks=1498173213&frm=20
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
697fc6e78efc50101b89b7dd47ec1e43db00401bec24b1aacdfb88e8830b277f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		555 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2607990086942047&correlator=3858502938015243&eid=31079959%2C44777897&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=1009103%2Ctontonextra_andbeyond_pixel&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705554380774&lmt=1705554077&adxs=245&adys=149&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.xtra.com.my%2F&vis=1&psz=1140x3292&msz=1x-1&fws=0&ohw=0&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=true&dlt=1705554380031&idt=718&cust_params=site%3Dtontonextra%26section%3Dhomepage%26pos%3Dhomepage%26key%3D%26lotauds%3D&adks=1595449507&frm=20
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5084b924bf78a55113b2d5debed92f21e91f7abb68d8a859e7bfba8dee3a9656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		91 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2607990086942047&correlator=3858502938015243&eid=31079959%2C44777897&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=1009103%2Ctontonextra_lb&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705554380776&lmt=1705554077&adxs=250&adys=646&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.xtra.com.my%2F&vis=1&psz=1140x3292&msz=1100x0&fws=0&ohw=0&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=true&dlt=1705554380031&idt=718&cust_params=site%3Dtontonextra%26section%3Dhomepage%26pos%3Dhomepage%26key%3D%26lotauds%3D&adks=2031620976&frm=20
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce43f03b56782b3ffd8c77b0747cd1f19b9ca3c65cf6e1f07204d94e085314c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42399
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 051A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:20 GMT
expires
Fri, 17 Jan 2025 05:06:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 625C 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&adk=1812271804&adf=3025194257&lmt=1705554077&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.xtra.com.my%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554380501&bpp=5&bdt=470&idt=286&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6657886990256&frm=20&pv=2&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3799ff2360b5bceac6732a2484468989d2d9d4552a16275241d85f9836fceaf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
831
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 18 Jan 2024 05:06:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion_async.js
www.googleadservices.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16848
x-xss-protection
0
server
cafe
etag
13310292836814682028
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:20 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71805444-2&cid=1371778314.1705554381&jid=1131162038&_u=YADAAEAAAAAAACAAI~&z=1975443083
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71805444-2&cid=1371778314.1705554381&jid=1131162038&_u=YADAAEAAAAAAACAAI~&z=1975443083
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.68.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-68-125.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b1317f67326ee69fe2476fe7e40f8a7e75297de33f5612152449c530309ec8c9

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache
x-server
10.45.23.223
access-control-allow-credentials
true
content-length
60
expires
0
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56rz0buk74
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
last-modified
Wed, 17 Jan 2024 09:38:21 GMT
etag
W/"0x8DC17400B6A7365"
vary
Accept-Encoding
x-azure-ref
20240118T050620Z-2bg153yv7d2m729asu5fz839as00000000dg000000007v9v
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5bafff2b-501e-004b-1c2a-49d288000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
gsap.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/gsap.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b947a3efe23b4827fa6e4f7c6c0364baa2f66d27d0eb8074d5ab36380876e952
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/gsap.js
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72252
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::sfo1::kbqqv-1705482128981-d3ccc2ffbc08
server
cloudflare
etag
W/"f114-9BlmNMloJV8XaPp0tvFxaV9bubg"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkaCZBfxEZcOhwvaOG6pgWaMMJMjUQ6b13jtXY6BOZcnM6CpBl0w%2FgjpA0Akq3fZ2Ydx%2BrijutKEu3Xp3GxJTignQKKUVfHF5%2B0kHVpRD78spnVFdVeTiMbSXuP%2Fu6o3mnTDAIEpcjOAHupnvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
84744ee099d35c62-FRA
146628787470804
connect.facebook.net/signals/config/ 		130 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/146628787470804?v=2.9.140&r=stable&domain=www.xtra.com.my
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
304a42663b6432a8647f20e96751774b911820224ee786d577a81425b868bcf4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 18 Jan 2024 05:06:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
OtHieEMgpUWoNjD+AmpZcBiGEkP7+SmVPJlS83NWEk4CNPgyRrSJ8/H121WlI1UnADyxUdBv+ToUCQsmjkB7gg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Draggable.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/Draggable.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf85037fd1f04c4684ed0357cf80a71a3c4aa19049bfccdaec678b4b18dc8e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72252
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::sfo1::48gb8-1705482128990-bcfe5b05fdb7
server
cloudflare
x-imports
../unoptimized/utils/matrix.js
etag
W/"7553-dYWEgV2hNUKDhK4RO4C1kpAmsIU"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9nkNBjosh%2BmXu6LeZwCRsrLOD9zvrWvDp8Y30%2Fzy6u%2BB7wG7vz4rrlvrb6ZWox2GFuBGEvsxr8UbvHOg9uxpIHobcQjnTRC4bE%2BOwM9rUC26FTXYZt7IanmH1jX8%2B18C4E90o5CA%2F8mOqR7WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
84744ee0c9f45c62-FRA
matrix.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/utils/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/utils/matrix.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4ac2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc156f774f770c9969f60f278f977ce3a561b5927bf0acb682f4834e1729c3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Origin
https://www.xtra.com.my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72252
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::sfo1::8nwdk-1705482128990-a56eb03e36f2
server
cloudflare
etag
W/"1376-T/OrTzcg3vkKhdJZmnBcCh1Vf3g"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itIrf6WWuw1vy%2Faf9Vb4SzpWWs3ojhPenihqT3hDP3pHYP%2FwiI2OxPFDLE5XXWybXvFwV9Yb0auFp9HBbNddkt%2BhkMad4kASmNPRf6bxvf8iKOHqpwmtd2HiCFi3jYb5BpCHyPn1VowKIXQi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
84744ee0c9f55c62-FRA
js
www.googletagmanager.com/gtag/ 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-71805444-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBQP55N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56287867c7750100b089f894be0ca553b5d126d54d9ab9c1a1488e83c489b58d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65342
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Jan 2024 05:06:20 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xtra.com.my%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xtra.com.my%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.xtra.com.my%2F&rid=esp&cc=1
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
d4c468a2f4f47b4cda64d2d1fab4656d83cada21e18593f8e9d0072b885b8760

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-xo94VJH9VCfc/W38n4Eb/s/cCGw"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xtra.com.my
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.xtra.com.my
location
/esp?url=https%3A%2F%2Fwww.xtra.com.my%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=966308144&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xtra.com.my%2F&ul=en-us&de=UTF-8&dt=XTRA%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=633753935&gjid=1817559714&cid=1371778314.1705554381&tid=UA-71805444-2&_gid=703342959.1705554381&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=2041414300
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71805444-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Jan 2024 03:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4691
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Jan 2024 05:48:09 GMT
syncframe
gum.criteo.com/ Frame F9AC 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.xtra.com.my
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:20 GMT
server
Kestrel
server-processing-duration-in-ticks
355971
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-71805444-2&cid=1371778314.1705554381&jid=633753935&gjid=1817559714&_gid=703342959.1705554381&_u=aADAAUABAAAAACAAI~&z=630156248
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
xtra-widget.png
pcto.revmedia.my/2024/01/xtra/assets/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pcto.revmedia.my/2024/01/xtra/assets/xtra-widget.png
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:241a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6412e5417cdbd4dca9641435a4ab8170029775179ba86b313265584e4b956e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=79095
x-guploader-uploadid
ABPtcPoW7EbZv_TwByx4QpFn1SjeXM5JHR5A9Wm1U_bfCjEvUrgcaVgrQXD-zBGuOJ_Zgp2zFqNWkqEbFA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="xtra-widget.webp"
alt-svc
h3=":443"; ma=86400
content-length
42978
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 Jan 2024 07:02:32 GMT
server
cloudflare
etag
"14dadf484e05823d0f4b2f94b289e430"
vary
Accept
x-goog-generation
1705302152341111
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=PyBU5w==, md5=FNrfSE4Fgj0PSy+UsonkMA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
79095
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
84744ee179aa35f8-FRA
expires
Thu, 18 Jan 2024 09:06:21 GMT
increment
id5-sync.com/api/esp/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.xtra.com.my
date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ads
googleads.g.doubleclick.net/pagead/ Frame C452 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8047cb955dd5cd8f4f978d1ef9191416f555556f8e54fe200e3e542b267dea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16552
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 18 Jan 2024 05:06:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7093 		39 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e537ac22ee6a69102008c0a506777c13b6dd65a593e4ca1cc769c1a0330646b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16999
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 18 Jan 2024 05:06:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0BA2 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
faa160d275c7cf1b40190c8388ab96dc2791c0de4b80b8b84479ee3f1b64e3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16865
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 18 Jan 2024 05:06:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C628 		39 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3785275738631da398e9f63d787b1c4e5962c28598b120a75faba54ce124084b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16998
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 18 Jan 2024 05:06:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DA3F 		39 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad7e0a948ed63a452e64937355c5007aebe6bd7df62919d5f56753179c6efd39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16937
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 18 Jan 2024 05:06:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71805444-2&cid=1371778314.1705554381&jid=633753935&_u=aADAAUABAAAAACAAI~&z=1368630832
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71805444-2&cid=1371778314.1705554381&jid=633753935&_u=aADAAUABAAAAACAAI~&z=1368630832
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.xtra.com.my
Date
Thu, 18 Jan 2024 05:06:21 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146628787470804&ev=PageView&dl=https%3A%2F%2Fwww.xtra.com.my%2F&rl=&if=false&ts=1705554381123&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.2.1705554381122.1105592613&ler=empty&it=1705554380888&coo=false&rqm=GET
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de Helsinki, Finland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 18 Jan 2024 05:06:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
container.html
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12C3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:20 GMT
expires
Fri, 17 Jan 2025 05:06:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KM2DDTPDW6&gtm=45je41a0v9108145860&_p=1705554380229&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1371778314.1705554381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705554380&sct=1&seg=0&dl=https%3A%2F%2Fwww.xtra.com.my%2F&dt=XTRA%20-&en=scroll&ep.article_author=n%2Fa&ep.publication_date=n%2Fa&ep.publication_time=n%2Fa&ep.pagetype=website&ep.article_id=n%2Fa&ep.site_name=XTRA%20-&ep.modified_date=n%2Fa&ep.modified_time=n%2Fa&epn.percent_scrolled=90&_et=5&tfd=1581
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KM2DDTPDW6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame F9AC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=xtra.com.my&sn=ChromeSyncframe&so=0&topUrl=www.xtra.com.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=EifJJnxGWkY4Vi9NR2NseFhSRm9VT0tCSVZHbnlkYjVqd1EvN0VzNWVKZkFtL0lza2ppNGdiVGVZTWN3cVJXb1BnYm1Xai9lT2g5WGdjSXVRK1ZUVERYMzYzYmYrSnJNZG9iN1pLN2xodGpKMVRPQ3FraDAzVTNMUlpxb0...
433 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EifJJnxGWkY4Vi9NR2NseFhSRm9VT0tCSVZHbnlkYjVqd1EvN0VzNWVKZkFtL0lza2ppNGdiVGVZTWN3cVJXb1BnYm1Xai9lT2g5WGdjSXVRK1ZUVERYMzYzYmYrSnJNZG9iN1pLN2xodGpKMVRPQ3FraDAzVTNMUlpxb0ppT1FpeWlyZVdJbEdOS0NMUGkwbXJ6YjUvOW9xK3NYTTAwaXhUQzZDeUYwTHBJdkM0dUJSVkJRUDBFWGxCUWNiZ0dWWVpZVFJGUXF0WHl1VUY2MXhRbmRjQ2hRbEt3enBoOXFHU1ZVYWNGR2hDbE1takRFTkN1TkpvMUFRSGlMZHE3SnhTVHhRc0RveFpzM1g2Nitra0V2ejMxK25maUI4SFBueWVmZjkwaDZSaVY2N1ZXMD18&cppv=2
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
15e498c6a0d7a1eaaf98a994ed70c9980792328cb3d6fa4b22a8f94acf0ed55f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1220932
expires
0

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=EifJJnxGWkY4Vi9NR2NseFhSRm9VT0tCSVZHbnlkYjVqd1EvN0VzNWVKZkFtL0lza2ppNGdiVGVZTWN3cVJXb1BnYm1Xai9lT2g5WGdjSXVRK1ZUVERYMzYzYmYrSnJNZG9iN1pLN2xodGpKMVRPQ3FraDAzVTNMUlpxb0ppT1FpeWlyZVdJbEdOS0NMUGkwbXJ6YjUvOW9xK3NYTTAwaXhUQzZDeUYwTHBJdkM0dUJSVkJRUDBFWGxCUWNiZ0dWWVpZVFJGUXF0WHl1VUY2MXhRbmRjQ2hRbEt3enBoOXFHU1ZVYWNGR2hDbE1takRFTkN1TkpvMUFRSGlMZHE3SnhTVHhRc0RveFpzM1g2Nitra0V2ejMxK25maUI4SFBueWVmZjkwaDZSaVY2N1ZXMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
286987
content-length
0
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FCDC 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARiHwez7ATAB&v=APEucNVh5_mO-Ompi3GidHz7FjI-oNd44OPE_nim8rHpkYGWaR-dRgqz_nZhjWo3AAKrOETOB6zvsHuYbNgac9pd74sNrqRBMQ
Requested by
Host: e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
URL: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 18 Jan 2024 05:06:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 12C3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite_fy2021.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
45334
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:30:47 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 12C3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:01:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
43508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 17:01:13 GMT
view
ad.doubleclick.net/pcs/ Frame 12C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstz3187LqJj7lyphSrLQhskramZMMFWL8klibxdK0LjNTacXSlGFpnMmaqDYQaXSJ5TuE-gNsnsuFFAax5np4-9VPeovquQ-yaPo_ghK2CrO8HcaDFG5p9TyYk6SKHLP-G0Ay1kJOA8D1KJroHiNYFVFqQnybTKr_njVR5u92SU3PppNVNvibQXM46JBpYSSSpdfIA8bMXBzhdNf5Assmk5H-Z4uB00Z5IKp5FLco66Bcltp7F9o9_jIJy0zRbTNLcHomK8rlLMtJ2aVVUf7GcK1s4yHPGEWnmHJ5kNnhjeNcWeFAhdok3dTWmpxt1WKfH4eBvhlXSgDTml4ke24z78mjg9dl95xZa_KXl2s6OCsvWYzI78hsr9_q6flvgiVEnBWJGK77WwQPwsxjqBJKTJFnrEsffClPzpVTQq7nZXojsCT7N_duaTp-a-jMsoeJUCBiAgnU6b-rzMJ2PCsh7Oh1XhtY1Cwsa8ExZlyiSJmjCayA1qUSGzamhk_kwjjNHcapviMUfI88dPf4E0EuLLWkQl8aOGLvzlqBQa4-re9DSiAFOR9tKDrf6MxF4mT8oA3M6BVxa6bfPhVLNAuDcC-xsoLHOlErGwJyrUo4wYlH7YuEASaTHU8L1nk9WNt-8re_pGnIpO-WGp3gxZluwbA_dKLKRHMz8suNsAEOAXJHTO1yYURGxTC4b7F6Ur__9xFDHlaXZogec2VqGXGJ4GW6Z1UX1Nd4LSWZ8nSmUjG1V8jB_lOND74xeFb2sbXd403lAqoswYvqufQKxX0RK37kNo0fO0ENxhH7Boo7kwaipj4ADE3FQhYVtyhuEFzo9-O2VxtxdeQPilRlz3B6TD1qf0ulNsJYa1UJKBJOOqX9wv2AAjVtDNwVdGz4OwIMhotGffCJF3dH6AVIDLNSyn4d-utizcKW2LGwF2xfORej6RnYWWLdUlF6mKmhCoLctiLOWjUd4vSBgPHa2HQWQ-hr4qp59F5G51wkb_TSv789ww1VAH4hBm60Qr1k0sr32DA6sOhIjqG8KrFkxNrT2N2wssHJp43RykBPRSBZZsvNWlk8BOgz-xhjT5j6kcmkGdn-tjXmQ_FxRlKSYq1RY2-ALLandFCoHCQT-gdJkMn-9-D1tBlPB7K-Q3L2AY-ZLOa62tEXZtjVO4i_-cUGmG8Vz8usBgY20st2uS2sDb0laxMrBCFPnV5FiV73keBTqdl7Y-0yNCmtDoy2y3eUMNFFlbLIVDvE3r3atRPIorRbU6aV-n7AjcPdwxVIxtg76mGY11Qi3iQd8Q8JPaF2zL1E_qGxDZ_NxlDaiRNgcCbxN2KKA0edPe-KcstemnZ-9ep5UuLofho3rqlpq08HeUVC6JjSxAD8tqJl9Jom4&sai=AMfl-YQAQTcyrGMO7QgLhyYzAznS733OlmgljbybpjjJmoq_eq8BzUlPb4WfFuqmao8VErbjR_41ew-3-YSbNuZo7cwZ0RohShmdYLPyocfxqgs7cLxCVjlc7kHGKT19zYAXXkD_UMaXEj3eWoe1Mp091stmX7JargtGd1Jwx8a_6DgzUEs--ZtlT6h7Z1bpL1b1BUxN_7FGA0AnTFk3kGeBMUNlgZI_Fcskht4brXgvLzrj1rciTUJmTKEpUdx9Zv6H4c50WYD_LMNjT_V8Ls8xvdbaSDXz4lLASS4s2rhVCEnMScbp_e9RI9FERDCwkO67Bvd-ysSRywEp7zuEVjkKegeXIbBkE4kJtazAKlSSJdDbgUXste2IL2u5Sm9iUKMPd5jOyGIDnfgUfNGTZ7c7bbelXFaAGGKvp_sMir0dVZYICgDhzzjmeiAEhSI5ampiuM7vvJUU0QlFNhZLde3Yk4hW2ULFVU5pYIaCqYEZ89SnO_odrnMtiSsmSV2PqRP_6mLxUQ&sig=Cg0ArKJSzLx9by7fyeQmEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tb25kYXkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240117.18023&arae=0&ftch=1&adurl=
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 12C3 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
95888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 12C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js
Requested by
Host: e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
URL: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 12C3 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
URL: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12C3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Drunu1_AO-rrd1nw8Vup7nTTniSKncjaOWE15yNxDMB2FLrplYuKku2VlO8zgWGh6LpVplotl_khVKqgIkFVX-8rOsVl3yYBXfpjpQtq7-I5vOLJM
Requested by
Host: e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
URL: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 12C3 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
URL: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:21 GMT
14941544616314442853
s0.2mdn.net/simgad/ Frame 12C3 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14941544616314442853
Requested by
Host: e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
URL: https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0701fb457892efb3a755ffe6ce3e0b2958da20a104e446e6ad88062fc531e2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 01:02:39 GMT
date
Wed, 17 Jan 2024 01:02:39 GMT
x-content-type-options
nosniff
age
101022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27348
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 09:46:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 12C3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59935adce14ab051753aa9a90e642a24383485a0e1e990007634c5f0549b3c40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6687 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
115933
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame A55A 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 18 Jan 2024 05:06:21 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
ad.doubleclick.net/pcs/ Frame 12C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstz3187LqJj7lyphSrLQhskramZMMFWL8klibxdK0LjNTacXSlGFpnMmaqDYQaXSJ5TuE-gNsnsuFFAax5np4-9VPeovquQ-yaPo_ghK2CrO8HcaDFG5p9TyYk6SKHLP-G0Ay1kJOA8D1KJroHiNYFVFqQnybTKr_njVR5u92SU3PppNVNvibQXM46JBpYSSSpdfIA8bMXBzhdNf5Assmk5H-Z4uB00Z5IKp5FLco66Bcltp7F9o9_jIJy0zRbTNLcHomK8rlLMtJ2aVVUf7GcK1s4yHPGEWnmHJ5kNnhjeNcWeFAhdok3dTWmpxt1WKfH4eBvhlXSgDTml4ke24z78mjg9dl95xZa_KXl2s6OCsvWYzI78hsr9_q6flvgiVEnBWJGK77WwQPwsxjqBJKTJFnrEsffClPzpVTQq7nZXojsCT7N_duaTp-a-jMsoeJUCBiAgnU6b-rzMJ2PCsh7Oh1XhtY1Cwsa8ExZlyiSJmjCayA1qUSGzamhk_kwjjNHcapviMUfI88dPf4E0EuLLWkQl8aOGLvzlqBQa4-re9DSiAFOR9tKDrf6MxF4mT8oA3M6BVxa6bfPhVLNAuDcC-xsoLHOlErGwJyrUo4wYlH7YuEASaTHU8L1nk9WNt-8re_pGnIpO-WGp3gxZluwbA_dKLKRHMz8suNsAEOAXJHTO1yYURGxTC4b7F6Ur__9xFDHlaXZogec2VqGXGJ4GW6Z1UX1Nd4LSWZ8nSmUjG1V8jB_lOND74xeFb2sbXd403lAqoswYvqufQKxX0RK37kNo0fO0ENxhH7Boo7kwaipj4ADE3FQhYVtyhuEFzo9-O2VxtxdeQPilRlz3B6TD1qf0ulNsJYa1UJKBJOOqX9wv2AAjVtDNwVdGz4OwIMhotGffCJF3dH6AVIDLNSyn4d-utizcKW2LGwF2xfORej6RnYWWLdUlF6mKmhCoLctiLOWjUd4vSBgPHa2HQWQ-hr4qp59F5G51wkb_TSv789ww1VAH4hBm60Qr1k0sr32DA6sOhIjqG8KrFkxNrT2N2wssHJp43RykBPRSBZZsvNWlk8BOgz-xhjT5j6kcmkGdn-tjXmQ_FxRlKSYq1RY2-ALLandFCoHCQT-gdJkMn-9-D1tBlPB7K-Q3L2AY-ZLOa62tEXZtjVO4i_-cUGmG8Vz8usBgY20st2uS2sDb0laxMrBCFPnV5FiV73keBTqdl7Y-0yNCmtDoy2y3eUMNFFlbLIVDvE3r3atRPIorRbU6aV-n7AjcPdwxVIxtg76mGY11Qi3iQd8Q8JPaF2zL1E_qGxDZ_NxlDaiRNgcCbxN2KKA0edPe-KcstemnZ-9ep5UuLofho3rqlpq08HeUVC6JjSxAD8tqJl9Jom4&sai=AMfl-YQAQTcyrGMO7QgLhyYzAznS733OlmgljbybpjjJmoq_eq8BzUlPb4WfFuqmao8VErbjR_41ew-3-YSbNuZo7cwZ0RohShmdYLPyocfxqgs7cLxCVjlc7kHGKT19zYAXXkD_UMaXEj3eWoe1Mp091stmX7JargtGd1Jwx8a_6DgzUEs--ZtlT6h7Z1bpL1b1BUxN_7FGA0AnTFk3kGeBMUNlgZI_Fcskht4brXgvLzrj1rciTUJmTKEpUdx9Zv6H4c50WYD_LMNjT_V8Ls8xvdbaSDXz4lLASS4s2rhVCEnMScbp_e9RI9FERDCwkO67Bvd-ysSRywEp7zuEVjkKegeXIbBkE4kJtazAKlSSJdDbgUXste2IL2u5Sm9iUKMPd5jOyGIDnfgUfNGTZ7c7bbelXFaAGGKvp_sMir0dVZYICgDhzzjmeiAEhSI5ampiuM7vvJUU0QlFNhZLde3Yk4hW2ULFVU5pYIaCqYEZ89SnO_odrnMtiSsmSV2PqRP_6mLxUQ&sig=Cg0ArKJSzLx9by7fyeQmEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tb25kYXkuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=204&vt=11&dtpt=203&dett=2&cstd=0&cisv=r20240117.18023&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
mqdefault.jpg
i.ytimg.com/vi/-h9E6fj6H9Y/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/-h9E6fj6H9Y/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49723d7242b430364fbeeb5bb1a649b21e70d753cec1a852c492f3b95b36d497
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 03:20:41 GMT
x-content-type-options
nosniff
age
6340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"1704034198"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 05:20:41 GMT
mqdefault.jpg
i.ytimg.com/vi/VaqQElWsW4s/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/VaqQElWsW4s/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f428c56db3bdf5dfc36a724bcf670f41139ef25f3aaf2fa024167542e3250145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15644
x-xss-protection
0
server
sffe
etag
"1703947352"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 07:06:21 GMT
mqdefault.jpg
i.ytimg.com/vi/moH4MDW8cmc/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/moH4MDW8cmc/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2433f355ba323c3da4df823842ffe5718b04ed1e7b6d28d663d41fb75f3af28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 03:20:41 GMT
x-content-type-options
nosniff
age
6340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15490
x-xss-protection
0
server
sffe
etag
"1703862169"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 05:20:41 GMT
mqdefault.jpg
i.ytimg.com/vi/6oyCEGcZnds/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/6oyCEGcZnds/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea02e74f4cc0978541ab277012e20cbcdd10680e144ef461bdc1bf81f95b7a03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 03:20:41 GMT
x-content-type-options
nosniff
age
6340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18645
x-xss-protection
0
server
sffe
etag
"1703771386"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 05:20:41 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 6687 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
43026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 17:09:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 7093 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 7093 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
l
www.google.com/ads/measurement/ Frame 7093 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSL190__LqPfOh75F59mDqmTNV9Sg8nXMd43gn92UmKnaK9Cmgtw5lxmMb65_hudpL1NQvrAyRcelLmTx330tQZsr6Kfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7093 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame C628 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame C628 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
l
www.google.com/ads/measurement/ Frame C628 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2ohxh8PYAAw10IeOA7OoQ0A6k3OTmF_9b64p0LHY8FzHWCIkjpWY0lhIGIhmfpzGnag6n6S7N5EvdlRtgo0FDfNL5FA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C628 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:21 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame B617 		155 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
43c56843151414b32608f082f9269dbc49bb7d389b6f968a1ae0631ae3f29669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=I3zJxcLXDn3xTmCLVv6Y5rrx64g0g_wZ9dqC4WUDZGbMQEgLoD0ewos7LCeL4F3BxTgJFlr5lUH29FukMDe6bZ1sxUmi4iq9q-uCZOvKSaKBphSmyhd_B7dbMTK3-XYz7Zxdr75ydZM7cMWMp9nuM1tJUvDif1S838ZKYImWLUGudQVuKTbNeue0OdweaXN2Q1C1pdCOA1-ENHJ4vAisbKp18ZduWUbqGaPlbneiHqFRewEq6OmG8ZDLKbrDq6D0CB3K-g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
52807603
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E536 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 18 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 837A 		165 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e2acc72b62283535ca4ba468a6f45a0d72763bb912c2fb26f0edee38d51aa48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:20 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lwNm68LXDn3xTmCLwEgWAPtju0wg4sZDIchddbpTzUJuxbdd-AahxpwMc738kYbAbLmXsp-fQgXV954ngPzFWuM18y3kHetDaiql882cvqdZ-YIWHw4clip9nG_-64lNostJrKbT-1nqWQNUeMlBHxqofrhMO7FW9bOG3bV6QFsd-dX3awQZMOsSr5QDoY0hAGfdr1rjmp5mDvqs9i6QwUnpwJ8yOXvWo-1FcgIR78UuNyEP4wWbORRkQ_FmjXI601zKSQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
55115880
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 176B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 18 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 0BA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 0BA2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
l
www.google.com/ads/measurement/ Frame 0BA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQmoc21wxKcFzulRKl-qHuPjHEhKe8PpIpPvt9TtrZN8fuIjGD5mXJwAAHesjtJLX-cD4bsHhmQWFLXvL4bPoq77Tj-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0BA2 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame C452 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame C452 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
l
www.google.com/ads/measurement/ Frame C452 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2gU-sIRiv51CrgHfDNDeaLTHk48_R5OSBLd7PeY9DD11L4FCKvqQot8KdV80U8wYWgCr1rNTmzDwoBz9M9xf_vn2aXQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C452 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:21 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 09F9 		160 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0280629d3ed85528f91027c8c2b3045aebc3f159b25d1f9c997e4b402e5e37c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hkm0K8LXDn3xTmCL0_KSLHZygsO0svHLva-_gKhAoN_heL02cuNIJjA2GopmMDida64Ki7Ja_2gEuhATKvH4NI_tPfxmFpECUbhBeUB5brf6ugfceaJqTc-CFZwzO0WjGM4sBXWwWepv-h-LT3ifTQKmfA0iPpBl7S4_pJRVc2Da4q04o8EOIZ039XRZb8kGATseTJlL7RrqsPuKDKif8iYtnqaDNdrKr9CX7mAw4jil_hSTNpVCZm7TvbU-LPyr-EQ5bg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
54395118
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DAD0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 18 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame DBED 		147 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7d36ac69026b5b4d0efdcbc8692bfd9d71053787c1aee198a9d9862e08bab12d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=u6g6ncLXDn3xTmCLapHjIxe1lGpwddiX_3rp2dKLtWxRqLigy_lPdCliSMJNryOp3UC4UZUNiOM5jDoWe5Uuk4mD4C6kd4yyALeP__6dWS56sxlfxBXd6NFEZ9415OB0qHPb0_os9AlmYnNh3RS4E87UDjID56ciI_4D6lvEUPswQ9sIzz7es-ZXg6LCB0NlbBNmEe6HNIpj__l4ieIzN0mckZKkMSarpAdTUXnfnsKbv-qEd_V1VlhvL-S1nh-xWC8v2Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
50695944
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9718 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 18 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mqdefault.jpg
i.ytimg.com/vi/AkFrjKkTpwc/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/AkFrjKkTpwc/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f161f98f185258f4ffad8105ecec6c157ebd0cbb167cbace302eaf8377c203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 04:50:52 GMT
x-content-type-options
nosniff
age
929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17490
x-xss-protection
0
server
sffe
etag
"1703942786"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 06:50:52 GMT
mqdefault.jpg
i.ytimg.com/vi/ZH5iP70l_Q8/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ZH5iP70l_Q8/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6679c3f99b1adf98fb2a3219971283a30387824afccc722f40f87b9e6c0ee09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 03:20:40 GMT
x-content-type-options
nosniff
age
6341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15434
x-xss-protection
0
server
sffe
etag
"1703857697"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 05:20:40 GMT
mqdefault.jpg
i.ytimg.com/vi/u-yw-xwMjw4/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/u-yw-xwMjw4/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
debc5f552e0c20c75af46dfa773004dc95515cbe1d12b7915a883e33660cddd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 03:20:40 GMT
x-content-type-options
nosniff
age
6341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18497
x-xss-protection
0
server
sffe
etag
"1703769712"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 05:20:40 GMT
mqdefault.jpg
i.ytimg.com/vi/nFcIg6HnmaE/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/nFcIg6HnmaE/mqdefault.jpg
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e24304409ddf347d7e017305d54c2c3036bc4805bf4fa592756bfe77593e93fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 03:20:40 GMT
x-content-type-options
nosniff
age
6341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17286
x-xss-protection
0
server
sffe
etag
"1703684343"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 05:20:40 GMT
truncated
/ Frame 7093 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c5739f2e1346d3f614b7d1f9a9c190ad45af4cd024b68adf7a300f13500691c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
events
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/ 		0
0
events
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.4.87.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://www.xtra.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length
43
content-type
application/json; charset=UTF-8
date
Thu, 18 Jan 2024 05:06:22 GMT
x-cloud-request-id
j7nq6W3xSSqcXGB4vl0Qow
i.match
s.tribalfusion.com/z/ Frame E536
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJVlhwh80oxejJybLAWqiQ0&google_cver=1&google_push=AXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vR...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVlhwh80oxejJybLAWqiQ0&google_cver=1&google_push=AXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVlhwh80oxejJybLAWqiQ0&google_cver=1&google_push=AXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84744ee6cdae5d3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
189
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVlhwh80oxejJybLAWqiQ0&google_cver=1&google_push=AXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ972oh6nUposiKD7HIBeXo2wNN7uhLpiAsO8s51UbkZtmPT7pCY4FgFHsfMs9gES7NvDJDf3BjB5aGvRZXqyXaCL0u728vROn9Ayd8aDnrKVutadQTNISD-t4K6JkZzveMmbMk97csW85_qxZEBesYc5k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84744ee56cfb5d3a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E536
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEI32yBO6eCQfx4UNipvaIi0&google_cver=1&google_push=AXcoOmSnAwIxp1m1hGz8Pb77L8-RmYSqqIxYLzRguQNHrcgT253m6uJCFKzi8CWpyLZ5pUfqbSb8j6mdO7_-cAS-I7sKhK3Uhn1gzQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmSnAwIxp1m1hGz8Pb77L8-RmYSqqIxYLzRguQNHrcgT253m6uJCFKzi8CWpyLZ5pUfqbSb8j6mdO7_-cAS...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmSnAwIxp1m1hGz8Pb77L8-RmYSqqIxYLzRguQNHrcgT253m6uJCFKzi8CWpyLZ5pUfqbSb8j6mdO7_-cAS-I7sKhK3Uhn1gzQW6wPp37dZDGU0M1zP2U9Qeqmi5_-pIMl5jUf1iwsvy0dBAecjU8y90v4c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmSnAwIxp1m1hGz8Pb77L8-RmYSqqIxYLzRguQNHrcgT253m6uJCFKzi8CWpyLZ5pUfqbSb8j6mdO7_-cAS-I7sKhK3Uhn1gzQW6wPp37dZDGU0M1zP2U9Qeqmi5_-pIMl5jUf1iwsvy0dBAecjU8y90v4c
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 17 Jan 2024 05:06:21 GMT
google
match.adsrvr.org/track/cmf/ Frame E536 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGxr_ss83sfTeAHnXGtz4jQ&google_cver=1&google_push=AXcoOmQzyf16oJgH7EoLlbVme8TSvhSCqNonWJhIVjJ08J4awZkgs4FrcCYXtpgwRrvLxdTtmWU7xBGFa4aBDcQ8HQAUPoZ1SqHUv5WbMTIVM6LMeohxAePDQfRXvDLBpPgEaI3-B3sqWT3dVMadlbG7_idXZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E536
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIQdDQKK2gS0nMr5C4ieAw0&google_cver=1&google_push=AXcoOmTTHMZPh__DmD-_7FGAvF-gMs5Hyf5NLOYmFj7Tr_IMBgdDYkDHkiCDV11bUR6ivxrkYIgYPHUY-OGfdqJkACr3Vey...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTTHMZPh__DmD-_7FGAvF-gMs5Hyf5NLOYmFj7Tr_IMBgdDYkDHkiCDV11bUR6ivxrkYIgYPHUY-OGfdqJkACr3VeyRatavwBlPJdtXNIFyd_E5dVxozb5Cln0jaETYT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTTHMZPh__DmD-_7FGAvF-gMs5Hyf5NLOYmFj7Tr_IMBgdDYkDHkiCDV11bUR6ivxrkYIgYPHUY-OGfdqJkACr3VeyRatavwBlPJdtXNIFyd_E5dVxozb5Cln0jaETYTNuSxcblHoDAA3rqGQLxaQu-Qw&google_hm=eS1BSXFxVXlGRTJwSFROcms0R1gzYzdBZlJXWmhxUXRGTH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTTHMZPh__DmD-_7FGAvF-gMs5Hyf5NLOYmFj7Tr_IMBgdDYkDHkiCDV11bUR6ivxrkYIgYPHUY-OGfdqJkACr3VeyRatavwBlPJdtXNIFyd_E5dVxozb5Cln0jaETYTNuSxcblHoDAA3rqGQLxaQu-Qw&google_hm=eS1BSXFxVXlGRTJwSFROcms0R1gzYzdBZlJXWmhxUXRGTH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame E536
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGbEYp5Iq0ShcMWGe0J1wsU&google_cver=1&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6xNPmG...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGbEYp5Iq0ShcMWGe0J1wsU&google_cver=1&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjkxMTg5NzEzMDc2NTUzMDE4Mw&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6xNP...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjkxMTg5NzEzMDc2NTUzMDE4Mw&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6xNPmGJ0yIvFXso8dDoCZFlQR92jDmP7AKtDY7_nG-wtqJDyJiT_NM-7199kBXSGMD9QeQEk1vTBh7XcZDyZU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjkxMTg5NzEzMDc2NTUzMDE4Mw&google_push=AXcoOmRPCuK8njSg6Wx2tFsytcRIq9uVIhs_9GkSb8JWDujpgciQF8WeLYZhJa5dBY2ncyRAkf6xNPmGJ0yIvFXso8dDoCZFlQR92jDmP7AKtDY7_nG-wtqJDyJiT_NM-7199kBXSGMD9QeQEk1vTBh7XcZDyZU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E536
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELY4AeJ6yJcrszDq1zga9sw&google_cver=1&google_push=AXcoOmQpfN3OE2frv3QkTkkUxT6AYvpXzc0RplkW9BbVdVqryPhDcHsSLXqsaUwZ0Bv1lRgpCHL9x-WGTy4B...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpfN3OE2frv3QkTkkUxT6AYvpXzc0RplkW9BbVdVqryPhDcHsSLXqsaUwZ0Bv1lRgpCHL9x-WGTy4BizAWS4NIK9UpxZH_NwjMZvx9Jah4GiRMS5Xo...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpfN3OE2frv3QkTkkUxT6AYvpXzc0RplkW9BbVdVqryPhDcHsSLXqsaUwZ0Bv1lRgpCHL9x-WGTy4BizAWS4NIK9UpxZH_NwjMZvx9Jah4GiRMS5XoQzIvEze5A5M4hz5vxIhhWkrW1uBK7dG2IBSbFVs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpfN3OE2frv3QkTkkUxT6AYvpXzc0RplkW9BbVdVqryPhDcHsSLXqsaUwZ0Bv1lRgpCHL9x-WGTy4BizAWS4NIK9UpxZH_NwjMZvx9Jah4GiRMS5XoQzIvEze5A5M4hz5vxIhhWkrW1uBK7dG2IBSbFVs
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame E536
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGzVwSmGl-pw...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSmhno8xZRTT2aZbSdnILkRuI_7PdBJvLsBJHLRIOsND8vmO7r6FEUsSEx3BZyz9q9uDceJO5GYKLJln70Us0BKJvsGuN8O2tznteWDBExKDpraI...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 18 Jan 2024 05:06:21 GMT
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E536 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0E5v3HvLqdab4ZYhL924WWpAktNx1jpig3DP53G79L4r9ir_VtZr89hjUEsn2jH6IXbz0fw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame C628 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
226f0a46aff466d696a7000a2793d3276b5e8acf0646aa8980f1a2c1399632e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 176B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMxjAtOabQ3p_92CQX0XFg0&google_cver=1&google_push=AXcoOmS6HJnlFus_QRx8FG3T1VapXFyuGUaGyvj-z2NEHPO_JoxUudxR-c4ZVzfysJfshURsU6aFp9PoNDnCWtR0p-P2hblm7GmmaLl3CIq_rW2PNurmEodBc0MUnPiOynhs3w12cgGJP74dNBDgPnWysechgWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 176B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECb4Irz_cE1mL5vgn_NQ_kM&google_push=AXcoOmSzwpoL6aIwLXZ4broP5grp0FyVaq_rrTRAs2jz7B0SQCSVZXAP9o...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECb4Irz_cE1mL5vgn_NQ_kM&google_push=AXcoOmSzwpoL6aIwLXZ4broP5grp0FyVaq_rrTRAs2jz7B0SQCSVZXAP9o_XZyAtXM5BOMEffjC6mPPgVzJFNA_oEx17ltHkv-P4KVG63GyETuQ7PqW99aN8JY3U834ooI72CrUQ_9mIMctdQwJMsATzK6CaQRI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220021-FRA
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705554382.714953,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECb4Irz_cE1mL5vgn_NQ_kM&google_push=AXcoOmSzwpoL6aIwLXZ4broP5grp0FyVaq_rrTRAs2jz7B0SQCSVZXAP9o_XZyAtXM5BOMEffjC6mPPgVzJFNA_oEx17ltHkv-P4KVG63GyETuQ7PqW99aN8JY3U834ooI72CrUQ_9mIMctdQwJMsATzK6CaQRI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 176B
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENIFDkMpCTxpFJzxT3hErns&google_cver=1&google_push=AXcoOmQoxFzQnV4XZksnPQSrLNO1WZbcqf-ncmj94kjQ9LgxcJ1stHEMaYoRyE2AQMxDhPbEWSK6GFbXqrSYyyWpZXc88FFuApAt9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQoxFzQnV4XZksnPQSrLNO1WZbcqf-ncmj94kjQ9LgxcJ1stHEMaYoRyE2AQMxDhPbEWSK6GFbXqrSYyyWpZXc88FFuApAt9AkV5EqtV2N7jS08_40Bp46n9VclT-9F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQoxFzQnV4XZksnPQSrLNO1WZbcqf-ncmj94kjQ9LgxcJ1stHEMaYoRyE2AQMxDhPbEWSK6GFbXqrSYyyWpZXc88FFuApAt9AkV5EqtV2N7jS08_40Bp46n9VclT-9Fx1TyVr9_ZcnSAyR_nLR9eNoEraM&google_hm=Q0FFU0VOSUZEa01wQ1R4cEZKenhUM2hFcm5z
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Jan 2024 05:06:21 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQoxFzQnV4XZksnPQSrLNO1WZbcqf-ncmj94kjQ9LgxcJ1stHEMaYoRyE2AQMxDhPbEWSK6GFbXqrSYyyWpZXc88FFuApAt9AkV5EqtV2N7jS08_40Bp46n9VclT-9Fx1TyVr9_ZcnSAyR_nLR9eNoEraM&google_hm=Q0FFU0VOSUZEa01wQ1R4cEZKenhUM2hFcm5z
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 176B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENaiwqtgrYSnwmoGGww0VM0&google_cver=1&google_push=AXcoOmRdzJy1rlHdq9RoG2jKFUW8TPH_x5oRI0KgTuwW5ZDzRaNhXHu0Hp52p50h_rdYRFYhr-EyraxtlHYpvXbDSnX_OQi...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRdzJy1rlHdq9RoG2jKFUW8TPH_x5oRI0KgTuwW5ZDzRaNhXHu0Hp52p50h_rdYRFYhr-EyraxtlHYpvXbDSnX_OQi_Ko9HJVKuvT14Qdjm7U5YbPbF4FN61LgsfZ9rM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRdzJy1rlHdq9RoG2jKFUW8TPH_x5oRI0KgTuwW5ZDzRaNhXHu0Hp52p50h_rdYRFYhr-EyraxtlHYpvXbDSnX_OQi_Ko9HJVKuvT14Qdjm7U5YbPbF4FN61LgsfZ9rMed1edXMreToCj-2Mb2XNK-49-s&google_hm=eS1yY1ExNmJCRTJwR3ZFQ1NZLm11bFdES1dPaG9SMERqV35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRdzJy1rlHdq9RoG2jKFUW8TPH_x5oRI0KgTuwW5ZDzRaNhXHu0Hp52p50h_rdYRFYhr-EyraxtlHYpvXbDSnX_OQi_Ko9HJVKuvT14Qdjm7U5YbPbF4FN61LgsfZ9rMed1edXMreToCj-2Mb2XNK-49-s&google_hm=eS1yY1ExNmJCRTJwR3ZFQ1NZLm11bFdES1dPaG9SMERqV35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 176B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSJyo...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmSJyoMRch0e1nR16Dp6fzaTjUs22C33suVfdbcZNE1xS-6Hl0w4qJ2Q-3ze5RhORvscG0Qub06LH_vs...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmSJyoMRch0e1nR16Dp6fzaTjUs22C33suVfdbcZNE1xS-6Hl0w4qJ2Q-3ze5RhORvscG0Qub06LH_vs6bugRfYbsyWdWDhkOFlbgWKsCN-ySjAjoVAV0HI32dSWyae2OOk7q6-kmRqxWZNVVkWKN85zHYM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmSJyoMRch0e1nR16Dp6fzaTjUs22C33suVfdbcZNE1xS-6Hl0w4qJ2Q-3ze5RhORvscG0Qub06LH_vs6bugRfYbsyWdWDhkOFlbgWKsCN-ySjAjoVAV0HI32dSWyae2OOk7q6-kmRqxWZNVVkWKN85zHYM
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1189721
content-length
0
expires
Thu, 18 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 176B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMgH2itirmJBRkYnWgApZj8&google_cver=1&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP5XXPS...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMgH2itirmJBRkYnWgApZj8&google_cver=1&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNDY5MDMzMDY4ODA2MzI2OA&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP5XX...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNDY5MDMzMDY4ODA2MzI2OA&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP5XXPSkVKA-H5sNgk9VxyooQx4epU5WAmd2KYZgHebnvulpdvKryuPRTA0I5VHifVJLwli3c6g0yMUTGbkbWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzMwNDY5MDMzMDY4ODA2MzI2OA&google_push=AXcoOmSgvdxxAjEUJ17HXoTJ02CupJBZvYRUSC2WrgGsuZE350sASSnrkxOmWtrNrPUCXinA9AP5XXPSkVKA-H5sNgk9VxyooQx4epU5WAmd2KYZgHebnvulpdvKryuPRTA0I5VHifVJLwli3c6g0yMUTGbkbWg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 176B
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEP0x-5EmFWi3...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRRlmuzlVIFfC-H6UtBM7BB-Go1Z569HhX8zxl57InvTz8uaIyfLbmluf6E-5rw8kULH-K4K88mgjoakcPhbT69KA5EtuxA1V9LCPmdKl9T45MYl...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 18 Jan 2024 05:06:21 GMT
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 176B 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0Nz2-ArUBPiIfKa1wRVQ1Ym8_pzJrsJZ6QgfhIpgg6WrMpNa6RX5jSr88jGueGTJv8rUKMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame DA3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame DA3F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 16:28:03 GMT
l
www.google.com/ads/measurement/ Frame DA3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6OndtrU7kgGw9EN2uXO1tVckUe1gIU8MYyiiU8kUsrh5GIIIXxjK3nKZNcq4I9t-YAgxC0yX2iz6FuvbIVLGuNkHShA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DA3F 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 05:06:21 GMT
truncated
/ Frame 0BA2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22de215ff4819802558e679dd97f2d580220f34488a6c8b99a7459b2ca480ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
afr.php
ads.eu.criteo.com/delivery/r/ Frame CA45 		174 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4318d06e8c15a589c5cf3667e1fb323b90f9e1adfabd32964154addc816f6013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZwYikcLXDn3xTmCLXAanCTbSEqXeOceJdZw_y9DGwnQwQMhgYpYRCz0W5Qzkbh3qcfQ5RnLKFgU9-OhC_E5SxMLZMFNIakg9IJR8xDpfk6Y2GECqNJNDyU78fbdD2BkN44gBND3Lz-YSVtzAMwLo3h2InVN3B2kwnyk43gJLa4l9AAKPvg7BHNYM9Oa_agcIeRagw6aE3bCbnnwnA2fyFu1TVMVIVaOeZ_mg7Rswlwloo6p9WhGfuh9Lnio"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
54679415
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8254 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Thu, 18 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DAD0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEbWyrTRBFxZhzv3hZ0M23o&google_cver=1&google_push=AXcoOmQs8UTEtTm-9aeqTF_795ns-uckHpAahi3qBraoxbIsvnULwW_EXH55SbEMYZCu9_Du65xUOR2sVaQ5_IJuQjbT6vVLYxj2B...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU3NzcxMDE5NzQ3MzMxOTQxNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG_P_46rT32lH5Xare2KeMQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG_P_46rT32lH5Xare2KeMQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG_P_46rT32lH5Xare2KeMQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame DAD0 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFzkIObEK70cJjxZeHtSLvg&google_cver=1&google_push=AXcoOmT0ENDq7AePk8FD6KfNMrSeaCFynyi2Y3C0Cb3K3NRhs6nwyjqEbnCy2LFYI0dVAywDbWfQbZnLIwZFRn4Us0DgrKwTZwnBcNeJQu0eUhO0ntEiGluUYMNxhM2MS3sHYI1ho5S2XUNYqQ3IJ1FiaYqxrXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame DAD0
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAWKhxqndIbrCkEsNMuvTOE&google_cver=1&google_push=AXcoOmSjTpqOpTBYWvcYsjgcd7BliXnvJp6yyiLWyTDWZ6FNe_U6ZyzaoQULEK56KFBp81h2VGQu3JUT3VEy4pEFUhvFrDRmKQu3y...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjTpqOpTBYWvcYsjgcd7BliXnvJp6yyiLWyTDWZ6FNe_U6ZyzaoQULEK56KFBp81h2VGQu3JUT3VEy4pEFUhvFrDRmKQu3yImBnQQZRuDrnQG5IXyA5EHQjn2fXpMK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjTpqOpTBYWvcYsjgcd7BliXnvJp6yyiLWyTDWZ6FNe_U6ZyzaoQULEK56KFBp81h2VGQu3JUT3VEy4pEFUhvFrDRmKQu3yImBnQQZRuDrnQG5IXyA5EHQjn2fXpMK3af3UNvwJD3BU1yGxcPuSxG9XQ&google_hm=Q0FFU0VBV0toeHFuZElickNrRXNOTXV2VE9F
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Jan 2024 05:06:21 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSjTpqOpTBYWvcYsjgcd7BliXnvJp6yyiLWyTDWZ6FNe_U6ZyzaoQULEK56KFBp81h2VGQu3JUT3VEy4pEFUhvFrDRmKQu3yImBnQQZRuDrnQG5IXyA5EHQjn2fXpMK3af3UNvwJD3BU1yGxcPuSxG9XQ&google_hm=Q0FFU0VBV0toeHFuZElickNrRXNOTXV2VE9F
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame DAD0 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTZhwLh2czXPsDE8m9eLQVHUUsuoBSWFazmgKd0VYUoCIfZBS7aWlP8p_iGzD049qxywm3CHALUs_Z-xuXU64nORsf8JF1dRBPGZdScjgt_0ddQH1Y-LCUJ63lnoV5bABDkOp8I3asTHhtutvbehYj4ha4&google_gid=CAESEKj0i3XT9zQG1oGS-9I7BKI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
odr.mookie1.com/t/v2/ Frame DAD0 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJTGEmQRvZcPuPBeoUfyBNM&google_push=AXcoOmRDCEZAk94ohzNysYJFWr9cpNxaEYGP-v_phtFFcbLHBdioDVk2fHFNDZUl8_m2JBOR6Rhq6k-tyWZdD93fQADvyFjI7dZOjd2GfqL-3miIqKVWiOaZmeP6KhsUg6dJd2_5Bxz0JkrhaVKRZ05LbRtlJvs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame DAD0
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMElpUROxUowPF6v41wsNRo&google_cver=1&google_push=AXcoOmT94e7BH1eeLXzXB_uh-CbItyEQX6iYEM07DYEVz-xHnJ_a2vQwbIBGGEQVsJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT94e7BH1eeLXzXB_uh-CbItyEQX6iYEM07DYEVz-xHnJ_a2vQwbIBGGEQVsJV9GYTMYthms87lsGd-WIugE-vFG4QjPt_gehU3R03syNmxhG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT94e7BH1eeLXzXB_uh-CbItyEQX6iYEM07DYEVz-xHnJ_a2vQwbIBGGEQVsJV9GYTMYthms87lsGd-WIugE-vFG4QjPt_gehU3R03syNmxhGEeON57q_xFzmKNcADfrFUW1GX6r21zd2rjU_AwENOMl98&google_hm=VT-ewPHiQOCRuvcR7k7Bn2Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT94e7BH1eeLXzXB_uh-CbItyEQX6iYEM07DYEVz-xHnJ_a2vQwbIBGGEQVsJV9GYTMYthms87lsGd-WIugE-vFG4QjPt_gehU3R03syNmxhGEeON57q_xFzmKNcADfrFUW1GX6r21zd2rjU_AwENOMl98&google_hm=VT-ewPHiQOCRuvcR7k7Bn2Q
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame DAD0
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEH9aDfE2Nt9i...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSEi-Ao8DBigoW9BL0vtXx5e87SHFg3r57TLOEzrRE4FfhY5nLGGf7a3ByO9GQOPn8STwR4J-sig5-VnO0CgjQxV7lBjsFwTXZ4Rb0m7WUcWPlOA...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 18 Jan 2024 05:06:21 GMT
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DAD0 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdpU7mXC5yd2fXCBAlE6kVUyx3g4llJkHJA79Oz7lGmGntNFyc2k-9aWFDcR3jOkDJq958pZY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame C452 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f341d0cce4233ca3dc0393ae59d721f74140e0755aa4d9e21638511f04468e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 9718 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELXXn_qR2GScSprv0wzx-28&google_cver=1&google_push=AXcoOmQzEnoUshhMd7AshtYN9KrVhWnckdYRDxx_n3JxyhJmI4nQSv3mT_XEVa7vq7TqYmnlKqGNf5MrALxqSxX-omqzHAyF9T_jRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9718 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBOafTwqnGgK0Tz73KUvaKk&google_cver=1&google_push=AXcoOmS6pIQGiC-xLH2ckJnF9pMV7EAZROvt6b6A2pIirYFBAf3qa3r9zdoLFRxSvR02w4d1beEjzljD4xHJ70gqZVgidIEJ5-9jotM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9718
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELX68HNtDLZ0lmVcCes7DNA&google_push=AXcoOmQ5z51uGhV2Yr6AypIK8yfjPr8zCP4EBgSub4-DPFcgoGtyetjF9F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELX68HNtDLZ0lmVcCes7DNA&google_push=AXcoOmQ5z51uGhV2Yr6AypIK8yfjPr8zCP4EBgSub4-DPFcgoGtyetjF9FuK1kNLE6W-Yj1O8FAuEZ0PuX5QdSIW27u1DonPzKRiuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220021-FRA
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705554382.714940,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELX68HNtDLZ0lmVcCes7DNA&google_push=AXcoOmQ5z51uGhV2Yr6AypIK8yfjPr8zCP4EBgSub4-DPFcgoGtyetjF9FuK1kNLE6W-Yj1O8FAuEZ0PuX5QdSIW27u1DonPzKRiuQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 9718 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEC5bKYwFpNl_KEdMqs2tir4&google_cver=1&google_push=AXcoOmQywAh1TKInuQMupYkZraBAtEjHCIe1R965dJjS49LfcnIxxfBbyF761P4s2q1JyyNWyemCcuaEV_sQiRqoczK3hnjI0JQnQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9718 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGmoTkYSbCOnseqZ0tap8gU&google_cver=1&google_push=AXcoOmSNYQdSnz9gxbvesg64vxWxlBiC6f26jU2HmGNSgQdHXWi_ygOGWEv9B3TCPBBL0pjODZN4x0sYbwufB5AcjaRrSLmWUAfqk54
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 9718
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELTa9N2fIDWq_LDLn3JedjY&google_cver=1&google_push=AXcoOmSmBHnRIoCOCHjGQIJtpdSTbAAzHy-OA3zzN5TOz_XWx-Fiu6bj6x10HENOqqBoKd3l-R1ZCSG1gFoPRkC8...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-lFT1KdIS3MXWPZRO8s2IQ&google_push=AXcoOmSmBHnRIoCOCHjGQIJtpdSTbAAzHy-OA3zzN5TOz_XWx-Fiu6bj6x10HENOqqBoKd3l-R1ZCSG1gFoPRkC8dSku4VE6I9NHFB8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-lFT1KdIS3MXWPZRO8s2IQ&google_push=AXcoOmSmBHnRIoCOCHjGQIJtpdSTbAAzHy-OA3zzN5TOz_XWx-Fiu6bj6x10HENOqqBoKd3l-R1ZCSG1gFoPRkC8dSku4VE6I9NHFB8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-lFT1KdIS3MXWPZRO8s2IQ&google_push=AXcoOmSmBHnRIoCOCHjGQIJtpdSTbAAzHy-OA3zzN5TOz_XWx-Fiu6bj6x10HENOqqBoKd3l-R1ZCSG1gFoPRkC8dSku4VE6I9NHFB8
x-host
tde-deliveryengine-production-5db7bf8975-r85pf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9718
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQfbF...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmQfbFHnMRyDV611gIrHVrBW_Wruf8MFa-1ht97KvPw4AVrOzRQwovhL4fG6YQ73BwxTH5NQ7UbYAY2q...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmQfbFHnMRyDV611gIrHVrBW_Wruf8MFa-1ht97KvPw4AVrOzRQwovhL4fG6YQ73BwxTH5NQ7UbYAY2qjIbBgwn6072hTAZ0s88
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pQ1jzSpMYruSKpQUOwdfD5qJwXaFzv3l_seshg&google_push=AXcoOmQfbFHnMRyDV611gIrHVrBW_Wruf8MFa-1ht97KvPw4AVrOzRQwovhL4fG6YQ73BwxTH5NQ7UbYAY2qjIbBgwn6072hTAZ0s88
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
796982
content-length
0
expires
Thu, 18 Jan 2024 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9718 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiourCAwEk27G1Ww_KdvTGHQuQSy512ixVCN5zki4lOKTZrKJPP0atw63qpRmVuYjsAknc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 7093 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTJI4zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTHAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLyba2yNhwMVLLch6PTb_3nhmTfzm0a7RdSDzbB7py2_M9HmhgFHxBkKABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GAA&sigh=ApFsf9OOTqc&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_eFv01VEZKf1BH384ow5E1KPWR2k4KDH8E0dJnzH3jxs3CGWZbHwatgQowb5LigqOY4A5Qij9GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 7093 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMz6RNYImAKdg2ICAgAAAJkCsN6lkpzMcQOMNrd69AMQzLGoZcl_cO2dz2Um7VMAABIAAAoKQVFVQkR3RVBEdw&wp=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
163078
server
Kestrel
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6687 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPpzjzLGoZcO-MvWg9u8P9427qA4AAAAAOAHgBAI&bg=!JCelJ2jNAAa8BdJLnAU7ADQBe5WfOFzJDC4pvYcmCgRVFvukCpPCfsZCD8cRXfG22XH2PzJarq0KLRw-Umwc8EoSbWcFAgAAAHlSAAAAAmgBB5kDD1I7o_rVYDU9ec-HsrZU2n1aq2nvcQG0VT5HS0jYVAXFGqGVVwQFZjvKHS3VdpERGV3LtNFtYchKF7f5gSGgN6EzsRVHgugsCp_sgKm4CwFul8aVu0U7qYeEzh9G-UGLKHH8YczrMqgi5oAodly0VZ18yzIA9ZuOr9rWeR22ElouT6iIgW9PZ7kTDXUcEIicrc4Yi4i5C-5caan7_pdpj5hmm22ErbLBqYzQAWVY441zK8y-eFRaSg-2cJntoK4Pmk0-iN0JGxqeKpcpXnNgu-kOAniMrYa7JL7iobL02LkaTdr4ucWZ9pxCI-XfD4y6pKi4pzwq6Dp1fDf8oSOSb0Cz9VI-7wlf7iUYkO3oMb4hDqGX_xx40lq84wK6c6y0xMW5aQ-boU1Blx85YokAYwjtiXKHa1Sl1LpaUy-QnWxIV3k0Bvn6i1gFw2Vnd_Zj6GJJJslRGYQkUIAezEG9UAwynoZ4yebPOmdVQWTZWXrX2VRuzD6BORBkTeDldeyFQw6gsC32V64TzzK3xizx3bWU3Weem4g-mH0Io9mWzi6zashEv4rawXc7SSjOZ78qBt8Flau0RFKpx-ItxPbQsZC_20cOIiu_7xp3YMuWIRzghK9gg9S50ZX67zUU9TbqdYr4o22mgK99sGn7wEp6wOS0YpwJoUQzxLoggL5ZXMNSRaKgi_pZKMBV5IjU9ZCybbrmnfPolOUXrQCnIFUZcqUlzb8SYkYGSQjgV5ezAg8TPLfPys0hrAzL-I43U4L8ZJzczZT_FIXeZhB8xuqhc0sdlYDvwnInGG1xWgnCPOqwPQd90HdnBsENaidkn-1-vGaDyGZRj4RfNGZkeYtkHq3qIzAMozVZ4L9y9BBtHpRssRVPZWex-1pMVFGgEbr8aPtzQ4zP-aHrX9ftbuk9pufjQpO8hj_3gGX03rSbYkzz5iPGl-3GnD0QQHSOc2aDufgu0UyqNJ6leE8ugh8Cah-KKo7kWQ0tjZ-UEiUsbQrpaBggtnPg2OpEVn5UCdO_fTohYAlzBXexPPuQZf9lTw
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DBED 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DBED 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DBED 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Jan 2025 05:06:21 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DBED 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 12 Jan 2025 05:06:21 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame DBED 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HBuzS96CE6D-1zVCyUDLT1rTLHSXsr-iILWvlnSQHd2rQHLqlsCTJ7Ag9dIXev6WCH0jfYjkhs05uR9X6ITptZ64TrocElJ5u0DNXvXOAwiwhcJ9_1n5H5hkOujQ9ND9A44KbKNoo1sFzOhGO-JqcFzCt8P-1Ryhr4Am02f1ksmVw5hnZege1ZpLOVA8bcRp29jRgqcPY_jOeC7hse2wRyMvGZ_3MUH5tvLbMquFwEsyL1U_QoiuxaLn70ggA453diYL5lsWwzppb-K6W82_p3BLW9lF2QkIJv3e_wfUwG36ZVznSXl_M8BhXcw58JcwWGLtDYy6g2P_DpenuHDqVc-uWR3cxIyK6tuNWzuQZ0Cydvu-5FTYQhwRX4F54BTDg1H33yie9Mu3m-TXtsnq1S49umS36MQYYIwnN790csish9fU
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2393056
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C628 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGn_1zbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTHAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhUlPrCrfca4S_iUnyJbGPt5fmjm_egJHFibcnh-ottqkLI252ckCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GAA&sigh=3wHKn2VfKSs&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_Md7Q8VGsqMhi9L7zV0lzhqO2KgszXmHhNiRAZPSja0JsIrNHqWPMOjOD8NpOFE8xYk5708OBGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C628 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMz6RNYImAKdg2ICAgAAAJkCsN6lkpzMcQOMNrd69AMQzLGoZX-y3Ujs328yjTIAABIAAAoKQVFVRER3RUJEdw&wp=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=1849281375&pi=t.aa~a.2059122899~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1030&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=5&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
149621
server
Kestrel
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 0BA2 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyHYQzbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoExwFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4KQwiepyIHbJXWVGqcFH4XqWCUGhSqUHDv0RhCW68_D4ligzs-CqgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzI5MDYzNzU0NDc1MjcwNhgA&sigh=UQxy---ZrNI&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_p6699SCRoanPSrRUr8QszMgu4HrSgVJHELyggellJwGjkQ9Ht6tms4O6YnKXdyIlZncZ302dGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 0BA2 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMz6RNYImAKdg2ICAgAAAJkCsN6lkpzMcQOMNrd69AMQzbGoZTa_qzaFxvCElAgAABIAAAoKQVFVRER3RUJEdw&wp=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3391315447&pi=t.aa~a.2059124929~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2860&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
139252
server
Kestrel
content-length
0
truncated
/ Frame DA3F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92f729f856cd253bf7c2b3d428ac9bb0a701c03cf3d20bf214e307868f1bf60e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 8254 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEORoROD9mtSQz0-k_KrAX2s&google_cver=1&google_push=AXcoOmQ8inOOPEDAp2Bwin_xEebM9iGEJjWb36PlGyXJQV1_tX-IMeCv2P1WXmJkBmhuoTphcAonGGpKiJfkcV16o9BkDd1z1-nw4fWzo5n1H6PSZKtWJU7MZxH-JFh15L0iGBoY0jCxFb-zQvqv4itfGqqjgnc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 8254
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lkdHNQazIxUnFrQkQ1&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&google_cver=1&google_push=AXcoOmS8ya21Rm3F09xKlBvmXJedbLsIKpRKENswEmhZyn5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lkdHNQazIxUnFrQkQ1&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&google_cver=1&google_push=AXcoOmS8ya21Rm3F09xKlBvmXJedbLsIKpRKENswEmhZyn5kN_BcgdfmPZ7MZ6nFwDOMXu4C6UsWMZ8JUJXozjj4rwdDzlzv4sIXdSJdWbdU7wdY4qa9KJ5q4m2KK1PWbn3BGaoxx1K2sjizZrM7ln_wUvFMKkU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Jan 2024 05:06:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lkdHNQazIxUnFrQkQ1&google_gid=CAESEAEQQpc3nJE7MLYCab2th8M&google_cver=1&google_push=AXcoOmS8ya21Rm3F09xKlBvmXJedbLsIKpRKENswEmhZyn5kN_BcgdfmPZ7MZ6nFwDOMXu4C6UsWMZ8JUJXozjj4rwdDzlzv4sIXdSJdWbdU7wdY4qa9KJ5q4m2KK1PWbn3BGaoxx1K2sjizZrM7ln_wUvFMKkU
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8254
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvlEuHYZnGkJWAbIlKOTuU&google_push=AXcoOmRPX6Buu-Sm9ki41vI_WK02ZxExlcWTyH_xfP-gBXp20j1AzLj_jU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvlEuHYZnGkJWAbIlKOTuU&google_push=AXcoOmRPX6Buu-Sm9ki41vI_WK02ZxExlcWTyH_xfP-gBXp20j1AzLj_jUi5nGLFPY-xQMIU-GkIBe9MnX62Wc_J0mQ3AQmxmMhCdiHnt6AGzUK2QvcR4loT-p47pIcnCdmlfzWbNo-4fFvRoSX6Q59cu_93kr4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220021-FRA
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705554382.756049,VS0,VE187
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPvlEuHYZnGkJWAbIlKOTuU&google_push=AXcoOmRPX6Buu-Sm9ki41vI_WK02ZxExlcWTyH_xfP-gBXp20j1AzLj_jUi5nGLFPY-xQMIU-GkIBe9MnX62Wc_J0mQ3AQmxmMhCdiHnt6AGzUK2QvcR4loT-p47pIcnCdmlfzWbNo-4fFvRoSX6Q59cu_93kr4
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8254
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEN20bnLdHVs8ONLg192SADA&google_cver=1&google_push=AXcoOmQ5Sl6sRBLDK-K5hkPMrfgLd8c2dMUX5lR9FtQCh1GDtGUhVkIdgIFGou5ktwzPtzAOud_PYWtBvCRh_YTXYeJNO7HyjJaOPV...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmQ5Sl6sRBLDK-K5hkPMrfgLd8c2dMUX5lR9FtQCh1GDtGUhVkIdgIFGou5ktwzPtzAOud_PYWtBvCRh_YT...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmQ5Sl6sRBLDK-K5hkPMrfgLd8c2dMUX5lR9FtQCh1GDtGUhVkIdgIFGou5ktwzPtzAOud_PYWtBvCRh_YTXYeJNO7HyjJaOPVoAWmilM5hFEgNM-cBlp2yzUYC7eqIPG7r5SSEB_ODN4e8iZgWWo2oV0Cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1D077D9D8C464332943F3770F1E82A3D&google_push=AXcoOmQ5Sl6sRBLDK-K5hkPMrfgLd8c2dMUX5lR9FtQCh1GDtGUhVkIdgIFGou5ktwzPtzAOud_PYWtBvCRh_YTXYeJNO7HyjJaOPVoAWmilM5hFEgNM-cBlp2yzUYC7eqIPG7r5SSEB_ODN4e8iZgWWo2oV0Cg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 17 Jan 2024 05:06:21 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8254 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENSsRdbA8oCnI0_8TP311GU&google_cver=1&google_push=AXcoOmSl5_7xQ_argqlUS1zYDF8FoWCzaeqBT2-A3_jF1OTOv8if3uN13YQyZGn-KeAuwqQ4kQmeREP56VmL8gfmCLx4viaSSMcTwC-z7N-ZwM1j1QXdXzMQMNl312VlEXXm--Ow7hZsFrP74WgH_4-lRyqxCig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 8254
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO7ftZPsGRSd4urwCBwD3GI&google_cver=1&google_push=AXcoOmR8T7QENK2ohL065Mt7NgcUNAZ1oq2_vETXAn_w-bFJ0LanPcS9QyeHklAhZFR0xZzGipRvKdcreBJrzucY5rKbCVM...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR8T7QENK2ohL065Mt7NgcUNAZ1oq2_vETXAn_w-bFJ0LanPcS9QyeHklAhZFR0xZzGipRvKdcreBJrzucY5rKbCVMNSfSg87Ymkua0fTQ1btTZfgQ6loY7ExWXxcy42...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR8T7QENK2ohL065Mt7NgcUNAZ1oq2_vETXAn_w-bFJ0LanPcS9QyeHklAhZFR0xZzGipRvKdcreBJrzucY5rKbCVMNSfSg87Ymkua0fTQ1btTZfgQ6loY7ExWXxcy42U8wF8g6v-F_y-o49HCrFUneLLw&google_hm=eS1zcGZMdkNCRTJwR3Vmdlk3OF8wRjZ6QmV4czZjZHM2c35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR8T7QENK2ohL065Mt7NgcUNAZ1oq2_vETXAn_w-bFJ0LanPcS9QyeHklAhZFR0xZzGipRvKdcreBJrzucY5rKbCVMNSfSg87Ymkua0fTQ1btTZfgQ6loY7ExWXxcy42U8wF8g6v-F_y-o49HCrFUneLLw&google_hm=eS1zcGZMdkNCRTJwR3Vmdlk3OF8wRjZ6QmV4czZjZHM2c35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8254
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGOHSE2EGa-9I-JfWmbSi-E&google_cver=1&google_push=AXcoOmQpVx1UxJg6t2ODvBvs6R9fLFGEFwdIVxEEIrEkxMquGAUOSLSl8EEDYLm6dw4zkm6S46WOc9TMJ94j...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpVx1UxJg6t2ODvBvs6R9fLFGEFwdIVxEEIrEkxMquGAUOSLSl8EEDYLm6dw4zkm6S46WOc9TMJ94jC5HNJuTLxshuQyAIw_1Dajva7auyi5XBCJCL...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpVx1UxJg6t2ODvBvs6R9fLFGEFwdIVxEEIrEkxMquGAUOSLSl8EEDYLm6dw4zkm6S46WOc9TMJ94jC5HNJuTLxshuQyAIw_1Dajva7auyi5XBCJCL8s4H7VfMrr35HG5HYOR1jKr2Y_oXlRVq7wvjso0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpVx1UxJg6t2ODvBvs6R9fLFGEFwdIVxEEIrEkxMquGAUOSLSl8EEDYLm6dw4zkm6S46WOc9TMJ94jC5HNJuTLxshuQyAIw_1Dajva7auyi5XBCJCL8s4H7VfMrr35HG5HYOR1jKr2Y_oXlRVq7wvjso0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 8254 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KoIzR-7piPwluTtZj_gfETikG11MJ5dWRFcwRaR188OtE4cQEuYd49Z8W9Cy4E4wvY0Jj3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame DA3F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5fcuzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTHAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNdlVNFjCBX8Y6v2JgxYn9MI1bYRejT9aBluzdZz3W3nqlfYjhObH2ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GAA&sigh=j8zwAweQT9c&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_viSIsnyYm9IUO9oO2R5gdjDeXV42cvGSQOccGy1pfYuCu2FQbzhO8r3duShmrVry_M71mPgtGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 18 Jan 2024 05:06:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame DA3F 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGLr5RLAJmAKdg2ICAgAAAJkCsN6lkpzMcQOMNrd69AMQzbGoZaZ3ACflsIAhxPcAABIAAAoKQVFVQkR3RUJEdw&wp=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1200x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x280&nras=6&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=5&fsb=1&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
128582
server
Kestrel
content-length
0
animejs.js
static.criteo.net/animejs/ Frame DBED 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
img
imageproxy.eu.criteo.net/img/ Frame DBED 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame DBED 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
60ed3aa0d99f8b282f785e4f698796a7bf88ecd66bc6e05943dd007eab7a6f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16282
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame DBED 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
all
csm.eu.criteo.net/ Frame DBED 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=u6g6ncLXDn3xTmCLapHjIxe1lGpwddiX_3rp2dKLtWxRqLigy_lPdCliSMJNryOp3UC4UZUNiOM5jDoWe5Uuk4mD4C6kd4yyALeP__6dWS56sxlfxBXd6NFEZ9415OB0qHPb0_os9AlmYnNh3RS4E87UDjID56ciI_4D6lvEUPswQ9sIzz7es-ZXg6LCB0NlbBNmEe6HNIpj__l4ieIzN0mckZKkMSarpAdTUXnfnsKbv-qEd_V1VlhvL-S1nh-xWC8v2Q&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DBED 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DBED 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
worker-new.html
xtramy.api.useinsider.com/ Frame 7F59 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtramy.api.useinsider.com/worker-new.html
Requested by
Host: xtramy.api.useinsider.com
URL: https://xtramy.api.useinsider.com/ins.js?id=10008578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2751
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
84744ee6d8b6927a-FRA
content-encoding
br
content-type
text/html
date
Thu, 18 Jan 2024 05:06:21 GMT
expires
Thu, 01 Feb 2024 05:06:21 GMT
last-modified
Wed, 17 Jan 2024 11:59:24 GMT
server
cloudflare
vary
Accept-Encoding
privacy_small.svg
static.criteo.net/flash/icon/ Frame B617 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B617 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B617 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Jan 2025 05:06:21 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B617 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 12 Jan 2025 05:06:21 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B617 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PZoW7t6CE6D-1zVCyUDLT1rTLHQP5bXa8za7DKevohZSEoCute-9v-9cPY9RpQkyp1uZGTpobW-2wBBcvDj7RB0ELlvIKg8yY2b8_cwRZBgyLtY5V8t_SstSvmxNBy9uvBES4RXAdVl-rSU7Pyn1FGY3hhLr_EO7Y39HlLd-UWzCwrK59CQhodFsSkmnU1Tv_6dkwFIFefm5iUGgqbDsz6nL6HJWZhUbkOl-grMOAu__DUiSoEn4G8QP2tR33IuSvZwqfUr8jZU2QHjnRqnXKgULpXzVUNLxo3anfikmT6kKpxRHO2EXpOFgD6LZwQsAhxBcDXq5_10NpyKCCUB6gTI1hNQhPIdlX6_bABflSLdX_eFETUPj1dGnz9NExtw9OsLonLmmdFELFimmRq4HLLgZ5cONIrgGk0nigE2mL7xi5UkgVHC9Khv_TCbCGMoQuK0jQw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2334503
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 09F9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 09F9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 09F9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Jan 2025 05:06:21 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 09F9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 12 Jan 2025 05:06:21 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 09F9 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=s-hOgN6CE6D-1zVCyUDLT1rTLHRkQdjeNTWQaz3pYc193ZMMEW-q4hdvr3DQrNgBlWty5gnyBfvO5JO9rU-fOOQQ9rwVt1-6Bj6O9R-5Pnp_mdhpRdDo63zgzGfdbirBJKsSnRHYIvp4jGro_JXkdZTzhYLDhTokuuN4nCaBaX2ziLUUDwvApL-Fgus1ohPhtGubcHI8vKNgnlJm6qDFJvG4gOHPg1ukqDwITAiIct5gcicON0yB5YGuFBNW4qnbHVWztxr_kWZvOQruX5utGU48PeQEiUlPQS6jAXu-FHzW16zSmOhxSBAt2cK6IFLBM_AFTj66005dxpoLvxBPIUoAO9EGc38zp6zcgRe-WucL1WX_N41X9Ri6Bsl-eLZK5xoPkGeBuLRQDsH2ARM0xi_TtBJQSBVWsZY1LePMlSZoBYSSicBmUuzGZCKFBCihxu2Y1w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2838976
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 837A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 837A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 837A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Jan 2025 05:06:21 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 837A 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 12 Jan 2025 05:06:21 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 837A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iX7wEt6CE6D-1zVCyUDLT1rTLHRie4zKd6XTKHET-IWFPd9XjV0lyhGCNkEl9dqqJPbzejHIBmO1tTyBLOyOWRQYsypn3PyI20G9Uhrgu6CLeFvr2t3aMwznd0jexnqG32xAUdQx3SFhv5wZgAw5qQaxSpM3II6yxg9BVw7Wjworl8-VmttkuFG3XpRF3Akm8A5TjPTpsGou4nMjCfkEFrfd4S-yslXFDwPSl4QhJrOZcjkEpkK47MIUW6K5Eh2bEzFCJ_sm46-zOX4OPLJatl8n3zO7dtX3IkEV4jVarjiUfkvvBEuJAGcLg2w9m7Aam85iy8wf4B6Ek8yzDQ2vdo-8tSJdA7nmo94drN8Hkd2raOfo1TpEIEgFtIczhKpqHTxazjdeXV-kffjAD_sz2aReESdXJ9m3ONZ-SWnRmTV0s-T7
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2387210
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CA45 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CA45 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CA45 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 12 Jan 2025 05:06:21 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CA45 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 12 Jan 2025 05:06:21 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CA45 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=wN0kGgB3cOPJ_eb1F5zrQD6CbvtdXgQ0br5w1qYxUYcvhZZq00hkTpbRv8OgSQG_5LAx-PM5tDobkpBVGu5r5imZTv85jxRDBiyQo8KOPci513xGQTAnnLCt2Ok-ri6u3AMJHuIk_ow_RLcmx1YnVMeULiiMvo4GOPS1xxxxEMFeGCC5f9tkYCktmKLJlf4qOqPuXZri32fXtHIJLspaAZL-9x1P-25-pOAZXm_k81uqfu6ilgYwMarQGFIR-3_rDsMvw9ZkzntO4GvnLn7bk7i4kfCnaA-vTXIy2mT4--eDU9crZFGvbneEAP7tWXdOAeo4qAw2om-cEGB8bl_Sz5uv1vT5BbkbDbYBb47rvNmrZpVUfHm461yveCLGYUg-Qh1hvyFPgN5Ola2rGWUi0s_0FIocGSmB_uQTO2fJrNxApPwi
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2222560
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame B617 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
animejs.js
static.criteo.net/animejs/ Frame 09F9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
animejs.js
static.criteo.net/animejs/ Frame 837A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
animejs.js
static.criteo.net/animejs/ Frame CA45 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
all
csm.eu.criteo.net/ Frame B617 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=I3zJxcLXDn3xTmCLVv6Y5rrx64g0g_wZ9dqC4WUDZGbMQEgLoD0ewos7LCeL4F3BxTgJFlr5lUH29FukMDe6bZ1sxUmi4iq9q-uCZOvKSaKBphSmyhd_B7dbMTK3-XYz7Zxdr75ydZM7cMWMp9nuM1tJUvDif1S838ZKYImWLUGudQVuKTbNeue0OdweaXN2Q1C1pdCOA1-ENHJ4vAisbKp18ZduWUbqGaPlbneiHqFRewEq6OmG8ZDLKbrDq6D0CB3K-g&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B617 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B617 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
all
csm.eu.criteo.net/ Frame 09F9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hkm0K8LXDn3xTmCL0_KSLHZygsO0svHLva-_gKhAoN_heL02cuNIJjA2GopmMDida64Ki7Ja_2gEuhATKvH4NI_tPfxmFpECUbhBeUB5brf6ugfceaJqTc-CFZwzO0WjGM4sBXWwWepv-h-LT3ifTQKmfA0iPpBl7S4_pJRVc2Da4q04o8EOIZ039XRZb8kGATseTJlL7RrqsPuKDKif8iYtnqaDNdrKr9CX7mAw4jil_hSTNpVCZm7TvbU-LPyr-EQ5bg&sds=2&rev=90272&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 09F9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 09F9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:21 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=400&rid=4&s=Mk6aCbOMrkhsLsruILQ6XPcB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=u33XSXyHuVIVHKM5y7bQsqKb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=400&rid=4&s=y6WD4NEI1u8djBjaHxlKjpLy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=jlK4xXIF2hBRwd2TfO2bBhxs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7957_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=bRP7DNbzrF3Hwzw2mOcglj4v&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14118
expires
Tue, 06 Feb 2024 10:15:42 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=6OORgUOI7KJbx7_gxHpfZNi1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
17770
expires
Sun, 04 Feb 2024 20:24:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16076
expires
Fri, 02 Feb 2024 21:55:52 GMT
all
csm.eu.criteo.net/ Frame 837A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lwNm68LXDn3xTmCLwEgWAPtju0wg4sZDIchddbpTzUJuxbdd-AahxpwMc738kYbAbLmXsp-fQgXV954ngPzFWuM18y3kHetDaiql882cvqdZ-YIWHw4clip9nG_-64lNostJrKbT-1nqWQNUeMlBHxqofrhMO7FW9bOG3bV6QFsd-dX3awQZMOsSr5QDoY0hAGfdr1rjmp5mDvqs9i6QwUnpwJ8yOXvWo-1FcgIR78UuNyEP4wWbORRkQ_FmjXI601zKSQ&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 837A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:22 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 837A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=400&rid=4&s=y6WD4NEI1u8djBjaHxlKjpLy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=u33XSXyHuVIVHKM5y7bQsqKb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=jlK4xXIF2hBRwd2TfO2bBhxs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=400&rid=4&s=Mk6aCbOMrkhsLsruILQ6XPcB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7957_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=bRP7DNbzrF3Hwzw2mOcglj4v&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14118
expires
Tue, 06 Feb 2024 10:15:42 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16076
expires
Fri, 02 Feb 2024 21:55:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
55005
expires
Mon, 06 Jan 2025 04:52:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F18414_102.jpg%3F1680159992_2&v=3&w=400&rid=4&s=goyLgJwy9i0wu1RsMHWguuDt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f7c7cce66953f74b522c42302738a76575ba2ae2214b96a01e07626d0397160c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20754
expires
Mon, 05 Feb 2024 12:28:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F8237_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=ZJKmhFR-95Yu-7xidx-HlUNe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53365de4339f9c2411e9bb1a56364597003ba69684c3d79182cbdb3eb64b6e60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8508
expires
Fri, 02 Feb 2024 16:16:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F11464_102.jpg%3F1637921167_2&v=3&w=400&rid=4&s=4YgzIkTZyZP-3tuHQ0kqK0xl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b085e3451c5c297d21e6911304fbfc045ec67a38adb9fbf05140c2065d4e8a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15440
expires
Sat, 03 Feb 2024 08:33:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F7592_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=aIsQe5nT8SWH2w0Ajbt2k8gU&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
43716c457b41ff7af790641d846ee62abf12521f2267a58e7b3f3058f9d43315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16636
expires
Sat, 03 Feb 2024 06:21:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F11462_102.jpg%3F1637921120_2&v=3&w=400&rid=4&s=v2GLxt4-_qaeqfM9NRcN9tU9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c977074577b6caa6d4122af45c4872d15a35036e9f71ac7573b5fc6747a29f41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
11410
expires
Sat, 03 Feb 2024 09:45:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F7958_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=hK11PDma7kvAvlKzKOxUv42J&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a7a7014cb3e7f819840aa93f9172df83a58f9fe1dfd9ee588153f7ee3060de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
2842
expires
Tue, 06 Feb 2024 10:47:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F2206_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=jNlu7LYGjq4H5ubmOm8Bea0a&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a2e5747806978bae9098dc75903a52aafaaa9a4785a59b1f286cbec54dac24aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
9700
expires
Thu, 01 Feb 2024 04:12:55 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F7324_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=vzV1y0aocvKGSYvxLc-5k3mP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
702ecd49a02e24f6a8cd90db757f3da97673e55f9d64a5bd97de20c99921e440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10996
expires
Fri, 02 Feb 2024 20:27:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F23360_102.jpg%3F1704443928_2&v=3&w=400&rid=4&s=2WS9nTkGVVwYWuczmL-Leixw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e03559e9ac473c568fff08b9a2b72b3952a3d1341b17fe21c9d83ef7fdc66d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8986
expires
Thu, 08 Feb 2024 21:30:34 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F2923_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=XFlTiq7X4FAYvc9wULVWRoKT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53924903261f2374799878e591492cbef5bd9ab50c03780987ec7f809d47a50d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4230
expires
Fri, 02 Feb 2024 14:00:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2924_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=AQf9DgQR_JKMnsGVJ-1jkHOS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bf08944c2e2a9fea15a39970456f973da7e6ef177bdc53623fb36be8e4eb5220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
7078
expires
Sat, 03 Feb 2024 08:13:50 GMT
all
csm.eu.criteo.net/ Frame CA45 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZwYikcLXDn3xTmCLXAanCTbSEqXeOceJdZw_y9DGwnQwQMhgYpYRCz0W5Qzkbh3qcfQ5RnLKFgU9-OhC_E5SxMLZMFNIakg9IJR8xDpfk6Y2GECqNJNDyU78fbdD2BkN44gBND3Lz-YSVtzAMwLo3h2InVN3B2kwnyk43gJLa4l9AAKPvg7BHNYM9Oa_agcIeRagw6aE3bCbnnwnA2fyFu1TVMVIVaOeZ_mg7Rswlwloo6p9WhGfuh9Lnio&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CA45 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:22 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CA45 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 12 Jan 2025 05:06:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame DBED 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&u=%7Csu%2Bhjjs%2Fz2oA6%2BvlAHJWV38m3kxa1hdly1YFrejoE7Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluaujhZYSClPcB9qiEHnzi86BnX6JfLJucwoC-ncgmHOmla3oKWXrrAXHyxNAaCGWKHxZnafaY7GntQxDYmdY2DTGDnQNtULbHIpRijHdEZFnaFbNrIMQ-ShxLZk-WHr2fmBilxDEOsNpxbLSbWXq3TeFDTDrk2boBLPurw7Ja6yBtTFNQepknEghW48BIRQvnbWE4mPXKgc3KuHNMjoGQewwwc6H2eSXk2WfhKziEhSSc5DXiYBZOKwmZUFfRTVqAFkZKki5piphZ2L31I4YKtYohO4mvsu-L2JouAOq1ISSie41Ss39iWczOK9k-7YpHRh-JCEqC0igo3Bt_xMitUnf5-rScEUkGtjOaBYl91PdOIoWMNIyARdfc5nT-pmltm0dOQRMtNktCB4025ESF-IMTBRR6mMm_V4Qyz_FQtxMYioVCmwII-s0Q6neJB_pDy_sn7s0CvPS4AD__jMBdNKXuNc1d6AeUMm5eTuskVw76N-1XI-lkA4H3udq0oF0T4-jsbtMy_-AzHoNXYm45fgQevcfTlpqYJgLGjXNlYzUpUCpDeDZ05Ro&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxjS8zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNOtDQk-iWmDqNmQh7ff6I2ZjnUcOE8TG290ta9CEGg_ejaVtCmC40pACABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zfn9c0eGBsCeDal7huRVAkPU4Lg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
1705554382061a79b0bd29d.3c6193b0
segment.api.useinsider.com/v4/segments/ 		927 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment.api.useinsider.com/v4/segments/1705554382061a79b0bd29d.3c6193b0?partnerid=10008578&fields=850a62f6d4233f0773c414bafc4e3e22,32050b2f181fff689237e9c290204f42&
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34df0c67d741f83bf0793fa3cb0cee89c23bec05f386a56cd2d9c738dd7736ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
84744ee8fd1b9277-FRA
/
locationv2.api.useinsider.com/ 		241 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://locationv2.api.useinsider.com/?v=2&pId=10008578&
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31bbaa9086f9dd823b3dc2b3aab549701b2400dea0f275f78761af2e1d54900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cf-ray
84744ee8fca003d0-FRA
img
imageproxy.eu.criteo.net/img/ Frame B617 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame B617 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACsQsK7IySAAQ0s5P8sBFMfD8s9mwXvA&u=%7Csu%2Bhjjs%2Fz2qmJDgXdyBHTcBE18u%2F33fRoi6%2ByFNZm68%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluavF45V2pcfs83rz5Qw8jXGs3QjphUpHIBqekYE4_1BjIBDsBITpmYiN_knJcNk_b8baB9yXz34ERqBuxc0L0fPfK2tMJgCKX55cXX16yuQBDascblut4FwecZbpkUeUcbLXV0g4NbpWWRa2ppXU5PooAhhMv5o8xTg25BpQMkVRkirCGu11IINEyr5gmTJSwQ8bgf_bis5oGRdXqlL6L1Vr4GilpxMnWwaTtNwyy55GM09rXzEKwOeJ-MN3zm3i-gaMBVRuIbjCYo7jEN1BfZWlxCJFn9uU18OVWnqPKs9PNUVQVNptNbm55J55UVQdjaAbHRmwdMFhhXuoOwjuWop1HBIcSsMWdLANDr_bcxGnG4oJ_hTHtEJaoofKbUxeeYANi_44SPajVy5V4HDYBgt0s1SjvdoHIEwUEuOLHCdJmLbXEosswqna4-TaDg5BJ2OuqBgGpc7kpJjBw14Q9wJXgAqbhn57PHdaNCQDPUiHTLsO4Rd5FMRl5_JXHeElLeKErBahhSatowW33AG9oQKQNfUQtOdJifUcRtwgLpzuevVWltrz68kY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfzg5zbGoZYviCpKZsgez6ZCQB8me0rFc9eqhhogBwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVbrobOKKTMCFg1MpZPMSF3oyP3DmiP2Tj5iWBlhmpwjLyojfyHakVjkerp0FM5mG7S_GlAe-JvjTTdSxzFcK9S8ZhzRuDvAd7BLxO4pqaOOARUPl15Sg8BvG5XVAoUzkmqfoefvibxvGeTnMC_k5o7Wz9nkSHog3Qa0f8p-vv1Ry3IntGYXgU_grXkj4d-lGs1Pg0Q4-ObDgpiNLLybamSFAUkXY_fXc7RElUliP6fLB2xjbWzhx2NbUbZ1z6lW5GJtlJquX7MGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5wJ-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yaJkTjse4D7tWWWQLX8iTJ37a3Q%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 09F9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACu6YA-S4UAAFR8pSIfxzFcL6ZNYwwaQ&u=%7Csu%2Bhjjs%2Fz2qZaKBdbNlH%2F5sGp%2BTUHy18JglOfbBDRFw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluanyXlyQk1O67lAFBHJfi9dEL-hrQuzHKGnfTnyUxAMDq9I__JeTdGClHEqiu6qh6LKnvnn6S-NAKAkID6_Rwq7CCb3exTfy_BfmGPbG5sWRkHJVWSaC8TuonkNlmEXcwEItfTc-sfjgQYi25ZulpKlSoqKNxGKrIAqQpOnFa8b5CHycqaIntkgfNx6DmSjUosXLAeH0YcZpb7zcG0Nz_lhPUskcYAyzc6L3CYdbi9hz0rWbFv_aZR6tAZNiUZmDmbP8ENvqKdBHICq8BBFCFifZn-v6mYgUTfEFMelnFMwHhQL1JPH4KyMdQLyBf1oReixss0X5N3OM0ji9EKdVfynk-u0tECWvHsYHnXHtpseHB7rnZZjUd4diuHrmklJb29vEtVP5ODZwnB1C2_9498uiiElfZQW2NTq5DGhRv6xHtbH7ZyFeCumjxcLpKC87ppek3BnP-TyZiQwGuNzIINRSUPwPObhSvTVL5aHINvMN-B2fZsIGvvu3-dfM78WTCSxthJZM2F-RcK_M6lfogj9YrxLJ6vylRwqE_7qF6vh2r1QYdYQVBIyDC_B6RksGZvg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6kM-zbGoZab3CpTc5LcP8qOF0AXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MjkwNjM3NTQ0NzUyNzA2yAEJqQI9mh0vtj2yPqgDAcgDAqoEygFP0JJY0sC6DK5qab0WxzVdgKbNNxw2FUD5XgsKBr0CRtjyldZEIA5y9bmhbKQVAnIBusfXkpri4nUEsaXbY0Y6PnipWhZZMYbC79Cgp85E_IoFVxwSwxFLBWpbUrGX5so4EfhMStp5o9Dunqj9PHl7HZhzkTMef1C-DT7koBe1RHFfSYvHBFxvlZY5x76DkjXB8oKiIXd_i8_bFxb0t_XJ4OYyqHjys6b0-7Vhc01nCN6YLksXQIsfjEnZuYNITO7UjrD5J8BDuT5lgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY-syfmJXmgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0mUdHOOJ1ogY-MAfhQ54icGz3HMQ%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
collect
x.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.xtra.com.my
Date
Thu, 18 Jan 2024 05:06:22 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
img
imageproxy.eu.criteo.net/img/ Frame 837A 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=498&rid=4&s=sH1skQFj_hdJgNqzYCN12AHp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
50856
expires
Mon, 06 Jan 2025 01:54:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=400&rid=4&s=Mk6aCbOMrkhsLsruILQ6XPcB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=jlK4xXIF2hBRwd2TfO2bBhxs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=400&rid=4&s=y6WD4NEI1u8djBjaHxlKjpLy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=u33XSXyHuVIVHKM5y7bQsqKb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16076
expires
Fri, 02 Feb 2024 21:55:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7957_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=bRP7DNbzrF3Hwzw2mOcglj4v&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14118
expires
Tue, 06 Feb 2024 10:15:42 GMT
img
imageproxy.eu.criteo.net/img/ Frame 837A 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=u33XSXyHuVIVHKM5y7bQsqKb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10070
expires
Fri, 02 Feb 2024 12:26:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=400&rid=4&s=y6WD4NEI1u8djBjaHxlKjpLy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14338
expires
Sat, 03 Feb 2024 04:47:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7957_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=bRP7DNbzrF3Hwzw2mOcglj4v&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
14118
expires
Tue, 06 Feb 2024 10:15:42 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16076
expires
Fri, 02 Feb 2024 21:55:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=400&rid=4&s=Mk6aCbOMrkhsLsruILQ6XPcB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
15494
expires
Sat, 03 Feb 2024 04:35:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
22540
expires
Sat, 03 Feb 2024 04:28:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame CA45 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=jlK4xXIF2hBRwd2TfO2bBhxs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACyQ0A-RWtAAn8dbpTFi9_Tski-nSr3A&u=%7Csu%2Bhjjs%2Fz2pfxR9X9pfjZDdNvZstqmPcHbgPOKRcg0Y%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK97KbJnG2p_Uy6-LvqfY5rb5rNo03sEOFoKtRynHiKQ_UCf3RRhFOze0cLY27H-zmeAcpDne5BeNWxWXstD4Rm2v-cgrO_QlccYdYglqWuOxS1NaTkMKoTQ2567Zxo3oe82scCw7cTe29cufMsGpEvpbbpiiXc3SDP4yDBNBbGkMTFnR0AXjo1MNcsOJlTlmeKuAwsjRuVNhUYG9CB3LpS1LV6yuNO9r673lEMD1FdjQ-u0nbJG2f6gPUDmqmFpG_YDWBX3tsPl-jba6Uns82ecMKpLw09H7xrrYlNzv3DjVQeKaVDGukoF2GdqFciJXJ80t8a6Qu2xEaYQZkNHn14ZgGUhs9GSGV_0Fje8_qcvhUTZ9FBqJwD9RtYMqVXa1uUDdaPI9ph44pXtJc0Y5Z3rl2qXhyJxm-nBd9jrRs-D-jU7rAACVjBADvKpHWB3NigiIqIIDbzAEZiPnY7EdmbfTkbjnQRm7TzVzwQ7LU2JeRWN8PGP23cF8qiBfSk94iRj3IcwOxJZPwoumeGsDY85U4aB-iLRuuuwkZLtJdVmlH8bs23_GA7UIz-mdg_P9-kP8gGXV8b94hXLXqbvZ802hKnj_juZXQ04&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTtyhzbGoZY2SC62r5LcP9fin-AHJntKxXL2Ol_dwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTKAU_QrfPOB0uWWIlYhQm8x-zgI1TKeSx4ZMliP6EPszKObh4LfVMpoJQLdKgpJy_LZHAY4bR_DPSwKoBWv2xFjK3sqeC0aicYVwn4bgyNslvQRJopL0NPKHS6MjKiX0vivyvwxbaEi1EAkTz6JiVlap9-vRcTLZ9Ti3yj2cOsBFomfoGI45KNECiM8FAfyQVpM9GGngDsZp5ZQ95kfe3ktZNd11FkHqDEIbMJCL_r7l-lh1j_T17Z27jnD_9kaYcIgIVH-vLaTJR9xHGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljC45-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JrdoKTpzmWnEKPrM5ZnjpUg79Lw%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Fri, 02 Feb 2024 13:03:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C452 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtGE4zbGoZbq1CruM5LcP462IsATJntKxXL3plfdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAj2aHS-2PbI-qAMByAMCqgTHAU_QHrVG6Zod0SF7v2lzg4rRiNHgQnWy_Bpm2xf1W4HZ9DomGGRuMjQA6spPnFCL0W2D9ux3A2Y1EnrDu-834HTLY8lqS4IlSBQilDPSl212bYlwzWG4xN9Qrihype6IYyE0I7clcdecTActjmv7lusNo3L05A1g_9Zn2P4ndMxtQ8MnIyWwY5X7l-12nCntm1X5MMgXyIIkAn7EnbfEzqDNeNLxAWgFSAcrSS-h8d5hfZbAW3WO3yk0Q4NnUtO5ndu78ZHWuMeABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirm5-YleaDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GAA&sigh=bXADAl5C97c&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_TGCc3glwWum8XtUDCGGH9q3eidD_DKAiLXwU9na2XzY1NEsmD2aXVXt22h8LTn4HIIutaUp-GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C452 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMz6RNYImAKdg2ICAgAAAJkCsN6lkpzMcQOMNrd69AMQzbGoZZcM9HkNntw_SxMAABIAAAoKQVFVQkR3RUJEdw&wp=ZaixzQACmroA-QY7AAIW40Q9fHLAucpp2N2JEg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.113675909~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0&nras=2&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:21 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
135274
server
Kestrel
content-length
0
opt-in-dialog.css
assets.api.useinsider.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.api.useinsider.com/css/opt-in-dialog.css
Requested by
Host: xtramy.api.useinsider.com
URL: https://xtramy.api.useinsider.com/ins.js?id=10008578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
60929
cf-polished
origSize=4371
x-xss-protection
1
pragma
public
cf-bgj
minify
last-modified
Wed, 17 Jan 2024 11:59:24 GMT
server
cloudflare
etag
W/"65a7c11c-1113"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=259200
cf-ray
84744ee90a29927a-FRA
expires
Sun, 21 Jan 2024 05:06:22 GMT
native-push-sdk.js
eitri.api.useinsider.com/static/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by
Host: xtramy.api.useinsider.com
URL: https://xtramy.api.useinsider.com/ins.js?id=10008578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1128acfce891e4b9781288eacd460e960d8e36aedbbbdd0e75d7cfb7d0a2a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-amz-version-id
3rPYIQ9r7PLp0wPPovWtNJW3Vmpuqzr6
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 10:46:43 GMT
server
cloudflare
x-amz-request-id
93T3PQ458TSDBB79
age
1037
etag
W/"9b18617688725befae3acc3cb43ed7ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
84744ee90a31927a-FRA
x-amz-id-2
PVeWTO5arqhF4AqWvc7jtjrPW27uYVq0AeJHVf9FSUiEYk+Vl64HLpOd+HNtZBWt3pq76otMins=
expires
Thu, 18 Jan 2024 05:36:22 GMT
hit
hit.api.useinsider.com/ 		16 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
8a6ce2c1-f514-4be4-9572-3130ae19e4b5
cf-ray
84744ee99dc09277-FRA
content-length
16
collect
wp-log.api.useinsider.com/v2/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wp-log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy54dHJhLmNvbS5teS8iLCJyZWZlcmVyIjoiaHR0cHM6Ly93d3cueHRyYS5jb20ubXkvIiwidXNlcklkIjoiMTcwNTU1NDM4MjA2MWE3OWIwYmQyOWQuM2M2MTkzYjAiLCJwbGF0Zm9ybSI6IndlYiIsInQiOiJzdG9yZUxvZyIsInR5cGUiOiJ3ZWJQdXNoIiwibG9nVHlwZSI6Im5hdGl2ZS1wZXJtaXNzaW9uLWltcHJlc3Npb24iLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNzA1NTU0MzgyMDYxYTc5YjBiZDI5ZC4zYzYxOTNiMCIsImxhbmd1YWdlIjoiZW5fVVMifQ%3D%3D&t=w&pn=xtramy
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84744ee98a6b927a-FRA
content-length
0
vary
Origin
collect
wp-log.api.useinsider.com/v2/ 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wp-log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy54dHJhLmNvbS5teS8iLCJyZWZlcmVyIjoiaHR0cHM6Ly93d3cueHRyYS5jb20ubXkvIiwidXNlcklkIjoiMTcwNTU1NDM4MjA2MWE3OWIwYmQyOWQuM2M2MTkzYjAiLCJwbGF0Zm9ybSI6IndlYiIsInQiOiJzdG9yZUxvZyIsInR5cGUiOiJ3ZWJQdXNoIiwibG9nVHlwZSI6InB1c2gtcmVxdWVzdCIsImJyb3dzZXIiOiJDaHJvbWUiLCJpc01vYmlsZSI6ZmFsc2UsInVzZXJJRCI6IjE3MDU1NTQzODIwNjFhNzliMGJkMjlkLjNjNjE5M2IwIiwibGFuZ3VhZ2UiOiJlbl9VUyJ9&t=w&pn=xtramy
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84744ee98a6d927a-FRA
content-length
0
vary
Origin
hb
hb.revid.my/ 		64 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.revid.my/hb
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a676f0f967826cefe6759dd370fc455ef7d7fe077f6de37a84aeeeb345c4404e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Jan 2024 05:06:24 GMT
via
1.1 google, 1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xtra.com.my
x-cloud-trace-context
bba4fae2501e2f6f0d272d748fe60258
access-control-allow-credentials
true
cf-ray
84744ef469982bee-FRA
hb
hb.revid.my/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.revid.my/hb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.xtra.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.xtra.com.my
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84744eec4ca235fe-FRA
content-type
text/html
date
Thu, 18 Jan 2024 05:06:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin, Access-Control-Request-Headers
via
1.1 google, 1.1 google
x-cloud-trace-context
566d428a520d174dae30539ca749a3cd
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
events
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/ 		0
0
events
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.4.87.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://www.xtra.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length
43
content-type
application/json; charset=UTF-8
date
Thu, 18 Jan 2024 05:06:22 GMT
x-cloud-request-id
zg8ZZxDJQ2eZIaZ8xumANQ
activeview
pagead2.googlesyndication.com/pcs/ Frame 12C3 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxW8Tp7XqAl1B4h8uY_5Gw0dhpEbzRoyuFLYk3jJdpb17LWc6MzQsNNadTvkO9Jsh_pDsLQeUaXzqPcbn2BZir4m3jiQ9MXZ5LSK0ALrvGxnK-gZUFycuPl3hnLYkGiQiigHZlfABHvGQFT2ZyDYMwuaMH&sai=AMfl-YTrkRyTL-8wqNOyNIDt56Sc5H88KfdvQSrBsF4ZIswgBVfyrTIgiF12mxM_m0kuANWMCaaNWIrDezWYu3BGm1QLdTT5dZ8wYQnIpfa-EQbtPBjjESiHeCI25pJjs3muuzWPrg14-POTFTA1AyZd&sig=Cg0ArKJSzH4KwPLTc5FDEAE&cid=CAQSTgAvHhf_udOEZcELJGFmC-qgeQ8jMAIJhT0TB6sDjnUtNR_UDpI9ZNkTHSwCc0eh7OJ1_T3rpONCyq8Wh_HE-rKhDY6aNe9dfnCl9c_5nxgB&id=lidar2&mcvt=1000&p=643,315,893,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2031620976&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705554381131&rpt=258&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.xtra.com.my
URL: https://www.xtra.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:2c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 07:29:08 GMT
content-encoding
gzip
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
77834
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
waBT_Q7GUoTWLQRWZse-W8iGZRDQ2_n-aPK9nlg1ny5IpQ21N5XKOw==
expires
Thu, 18 Jan 2024 07:29:08 GMT
rt=ifr
bcp.crwdcntrl.net/5/c=7269/rand=894549618/pv=y/ug=%23OpR%23101615%23Tonton%20Extra%20%3A%20Article%20Title%20%3A%20XTRA%20-/int=%23OpR%2378253%23www.xtra.com.my%20%3A%20Total%20Site%20Traffic/ Frame 6402 		181 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=7269/rand=894549618/pv=y/ug=%23OpR%23101615%23Tonton%20Extra%20%3A%20Article%20Title%20%3A%20XTRA%20-/int=%23OpR%2378253%23www.xtra.com.my%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/7269/cc_af.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.68.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-68-125.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
eb922d8aa175b8fe481c695f4fb7e741c8eb665ef7469c305d2d4414a5e2d678

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
181
content-type
text/html;charset=utf-8
date
Thu, 18 Jan 2024 05:06:22 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.30.106
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401100101&st=env
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a25b209d049367e6a3786a34317b493a31c8eec591ad4704dfdec411834e4d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12176
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3866E7AFBF9642FEB0A22261F565F507&RedC=c.clarity.ms&MXFR=34CC8E7657116F1913419A7C531161C1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3866E7AFBF9642FEB0A22261F565F507&MUID=13CBBB8E391D653E0261AF84389664B8
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3866E7AFBF9642FEB0A22261F565F507&MUID=13CBBB8E391D653E0261AF84389664B8
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
last-modified
Wed, 10 Jan 2024 21:11:32 GMT
server
Microsoft-IIS/10.0
etag
"d765ee95944da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C79F52F9E28C4D88A3302E1618BC9A8D Ref B: FRA31EDGE0512 Ref C: 2024-01-18T05:06:22Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3866E7AFBF9642FEB0A22261F565F507&MUID=13CBBB8E391D653E0261AF84389664B8
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KM2DDTPDW6&gtm=45je41a0v9108145860&_p=1705554380229&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1371778314.1705554381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1705554380&sct=1&seg=0&dl=https%3A%2F%2Fwww.xtra.com.my%2F&dt=XTRA%20-&_s=3&tfd=2872
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KM2DDTPDW6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=xtra.com.my&p=%2F&u=CzjR6-B_9MmID0rk96&d=xtra.com.my&g=65124&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6010&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.xtra.com.my%2F&b=2857&t=BguWMsD4xsEnDCKIGoCWdhowBZTqYN&V=143&i=XTRA%20-&tz=-60&sn=1&sv=qr4oqB-iOfXCMwmL7BNf8bSCSRPC4&sr=external&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.105.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-105-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 18 Jan 2024 05:06:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 05:06:22 GMT
Untitled-design-16-150x150.png
media.xtra.com.my/2024/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Untitled-design-16-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21fe7527316643765d03e1a71683eb0d9941cbafcbae387dd443880d5612ff7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPrAGz4SAnRQrEM0VEqFGNT8E93CL1joBNKerla-2dkEkF79O02cFtVvlpiJU4X-5kt6Y65h5V19HQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
15493
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 10 Jan 2024 08:51:49 GMT
server
cloudflare
etag
"ce86682ed812018da6e05866dd732bd9"
vary
Origin, Accept-Encoding
x-goog-generation
1704876709284217
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=lUk6qA==, md5=zoZoLtgSAY2m4Fhm3XMr2Q==
cache-control
public, max-age=14400
x-goog-stored-content-length
15493
accept-ranges
bytes
cf-ray
84744eeb3de69b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
Untitled-design-18-150x150.png
media.xtra.com.my/2024/01/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Untitled-design-18-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1e57d802f1b3dcffcff827a214f01e392d75af315fff67bdc9b77e414a2323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=15311, status=vary_header_present
x-guploader-uploadid
ABPtcPokZdxTRzkvjfKlZwrwh-6TRHCsRrGg_3nKzJla46Zij2dyNdwhwsDw6_T_5txJghkaL4Y4rRPRSw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
14860
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 16 Jan 2024 04:19:59 GMT
server
cloudflare
etag
"0399c27267a3b02cb76904b8be727765"
vary
Origin, Accept-Encoding
x-goog-generation
1705378799314549
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=WLs02A==, md5=A5nCcmejsCy3aQS4vnJ3ZQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
15311
accept-ranges
bytes
cf-ray
84744eeb3de79b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
tyBSHTMF-Untitled-design-12-150x150.png
media.xtra.com.my/2024/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/tyBSHTMF-Untitled-design-12-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921f30e907d2259006afcd16b30238c61d0f2cecb1e168cfdcda3f65be71de0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=16017, status=vary_header_present
x-guploader-uploadid
ABPtcPrjLGiOFlbt38u1lkiPUCGelw0GldARdGjgbKrdKs0EMOe941e2Conh-Er-nyYO7-bHmoVgVIriZMv7QidVmVFMJ7sR5UE2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
15875
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 08 Jan 2024 02:17:09 GMT
server
cloudflare
etag
"937c0c209c263fc8cacc5f55c937fa88"
vary
Origin, Accept-Encoding
x-goog-generation
1704680229323556
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=dlQmNQ==, md5=k3wMIJwmP8jKzF9VyTf6iA==
cache-control
public, max-age=14400
x-goog-stored-content-length
16017
accept-ranges
bytes
cf-ray
84744eeb3de89b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
mentega-terbang-1-150x150.jpg
media.xtra.com.my/2024/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/mentega-terbang-1-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2182c5ff2c9e56010abf84dfc9e05dac7cefa161b3403fccd0df11cd9e229d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=6113, status=vary_header_present
x-guploader-uploadid
ABPtcPoxk8dUZSl5hxb8RNjlafOo7OFWWgEFor6Az834YZcIK_4nFJ63wmERx_2Qdd1DNFm3izVWfiClWQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
5973
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 07:02:49 GMT
server
cloudflare
etag
"3c5c51f59552143c8d7d4f0f0dcf5bb1"
vary
Origin, Accept-Encoding
x-goog-generation
1705474969200457
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=eNvoSw==, md5=PFxR9ZVSFDyNfU8PDc9bsQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
6113
accept-ranges
bytes
cf-ray
84744eec0e549b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
Untitled-design-17-150x150.png
media.xtra.com.my/2024/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Untitled-design-17-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89b95737b1306fe4aa41298112a7fb4f7d2a5a256dcd4d696665d53386b07d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=16721, status=vary_header_present
x-guploader-uploadid
ABPtcPq3UaDOo6rchCDU8Ywn0KPar6UyzJc8Xt-ptIxEapeYATESlV0o104sUzwdUUG3rF0MdHqyPboAZg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
15842
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 Jan 2024 06:34:10 GMT
server
cloudflare
etag
"1fb85f1c44ebb7551538d9e9e11521d4"
vary
Origin, Accept-Encoding
x-goog-generation
1705300450817695
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=nKh5hw==, md5=H7hfHETrt1UVONnp4RUh1A==
cache-control
public, max-age=14400
x-goog-stored-content-length
16721
accept-ranges
bytes
cf-ray
84744eec0e559b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
DF29CC4E-3AC1-4E00-B851-F87B41C7C96D-150x150.png
media.xtra.com.my/2024/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/DF29CC4E-3AC1-4E00-B851-F87B41C7C96D-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530ad6ed9a89b8408d4869ff4c4115a09a905476a88ba6181f81f4c0524fd6d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=14725, status=vary_header_present
x-guploader-uploadid
ABPtcPqNz8RbjizZhT3JiWlzJBgJu9FuJXWQ_-2szxi5Abq6O-sucfN98DemnFWwU73okoBXdO-lq0TVKVM88Uqj9F2He7WBHDen
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
13894
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Fri, 12 Jan 2024 05:03:57 GMT
server
cloudflare
etag
"7ca0b602822740580fd5ca62f05b6c87"
vary
Origin, Accept-Encoding
x-goog-generation
1705035837610465
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=O5NjPg==, md5=fKC2AoInQFgP1cpi8Ftshw==
cache-control
public, max-age=14400
x-goog-stored-content-length
14725
accept-ranges
bytes
cf-ray
84744eec0e569b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9E0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:30:40 GMT
expires
Thu, 16 Jan 2025 17:30:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E666 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
70410df812031cfc16890972a8f8e9b16cce7bf7808a53e4f44ea4bbdc187841
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qjm7TiR-dkIb8KKy2HpKOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xtra.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qjm7TiR-dkIb8KKy2HpKOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 05:06:22 GMT
expires
Thu, 18 Jan 2024 05:06:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
imageHelper.php
headend-api.tonton.com.my/v210/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6492519:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
37a26a1ff047dd99ff0ecaeae55f01f5c017521fb35e95b5e07281aa4d20ea85
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
37823
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.934276,VS0,VE2
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
imageHelper.php
headend-api.tonton.com.my/v210/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6494409:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
fc52b080dcc74323bd7fb32e3425d39724dacdc1e3165d9df45bc44866416c3c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
51951
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.934383,VS0,VE1
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
imageHelper.php
headend-api.tonton.com.my/v210/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6494330:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
70d436e96cfd75a3b239377d9354ac1a0a67973f091504d6cedb2678337382b0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:23 GMT
age
387
x-powered-by
PHP/7.4.33
x-cache
MISS
content-length
55619
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.933953,VS0,VE955
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
0
imageHelper.php
headend-api.tonton.com.my/v200/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v200/imageHelper.php?id=6486435:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
a07883d912aa9688b01fafb187ca56ac71649839fa7640c64030ede9a8a168f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
39813
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.934175,VS0,VE1
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
imageHelper.php
headend-api.tonton.com.my/v210/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6472675:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
11b86bbb65fea881f881b3d23f90033204b27858d7fcecdf2fda7fe16436f21f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:23 GMT
age
0
x-powered-by
PHP/7.4.33
x-cache
MISS
content-length
40000
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.934398,VS0,VE1011
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
0
imageHelper.php
headend-api.tonton.com.my/v210/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6492995:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
1077ef2cc43d197e29515feaa4642affb39ba40c9753a5a81b124f3054ae24f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
63005
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.934595,VS0,VE2
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
imageHelper.php
headend-api.tonton.com.my/v200/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v200/imageHelper.php?id=6485699:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
200d6b6e8ea6eb3c0514c9180b13128d7ad60dd45c8c04a7666e47c7e93f1da4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
71273
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.964068,VS0,VE1
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
imageHelper.php
headend-api.tonton.com.my/v210/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6492205:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
15c279f84f641d5e986de22c389282fe6051c0bbb086265468e861d085e6af8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
39978
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.964154,VS0,VE1
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
imageHelper.php
headend-api.tonton.com.my/v210/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6491198:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
2598a74fe130bfb900902a82627209d82e45d11df3e01616d38edf64a685ac71
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
60659
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.971385,VS0,VE1
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
imageHelper.php
headend-api.tonton.com.my/v210/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://headend-api.tonton.com.my/v210/imageHelper.php?id=6494418:380:STILL:PORTRAIT&w=280&appID=TONTON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ PHP/7.4.33
Resource Hash
af52f89de677559b5bf4f8c03923dfad580b6a8f7f3919f0d0b5b8e81b870e90
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
date
Thu, 18 Jan 2024 05:06:22 GMT
age
5694
x-powered-by
PHP/7.4.33
x-cache
HIT
content-length
50888
x-served-by
cache-fra-etou8220030-FRA
x-timer
S1705554383.971386,VS0,VE2
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400, max-age=14400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame B9E0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
43027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 17:09:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E666 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401100101&jk=2607990086942047&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
Inteam1-150x150.jpg
media.xtra.com.my/2024/01/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Inteam1-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a874a8762a3915fc7771ff580f8c9525370baff8b8d86c27dc3a79c00acbf65d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=6494, status=vary_header_present
x-guploader-uploadid
ABPtcPq_fM_ypdpRrVKD9CXb5J4DtyaosI-Vt78TxxZaQxRgTCgX506DjPimuxX3SBn73ajLmqZz8iaHYg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
6351
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 21:58:44 GMT
server
cloudflare
etag
"5b983bb0c49feffc914d35d3f7703cf3"
vary
Origin, Accept-Encoding
x-goog-generation
1705528724912874
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=/bt1jg==, md5=W5g7sMSf7/yRTTXT93A88w==
cache-control
public, max-age=14400
x-goog-stored-content-length
6494
accept-ranges
bytes
cf-ray
84744eeceec79b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
B18FB90E-99F8-460A-9B50-173C2AEAA612-150x150.jpeg
media.xtra.com.my/2024/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/B18FB90E-99F8-460A-9B50-173C2AEAA612-150x150.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47ad3140491f0fe7774be2b7d39e5bc95e68b782b43319b066a3e2071aa458b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=6903, status=vary_header_present
x-guploader-uploadid
ABPtcPodjaOc8ScIrBFmhX4YHB_S5rzofoSKICcrii3_Wpu3rzlKL26dqZpCnwN86ihQJ7HN9iSgqTtioA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
6768
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 13:43:50 GMT
server
cloudflare
etag
"88c5ab3f61a20f5f6679c2b421fbe892"
vary
Origin, Accept-Encoding
x-goog-generation
1705499030828815
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=xVqrxA==, md5=iMWrP2GiD19mecK0Ifvokg==
cache-control
public, max-age=14400
x-goog-stored-content-length
6903
accept-ranges
bytes
cf-ray
84744eeceec89b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
Lof1-150x150.jpg
media.xtra.com.my/2024/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/Lof1-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52fdc021d2396d0b395fdc615a95b2ad655fb9e4a0084b3000fd33f568205e9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=7241, status=vary_header_present
x-guploader-uploadid
ABPtcPpYmUelt1RklwO2jtekuZFItJrVgKDHtSpTB8Elsg2ACwTJeGT2R0m86SNrs4_fId6t_cwtrRZh_g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
7127
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Jan 2024 11:18:19 GMT
server
cloudflare
etag
"12603e07c4e8aa7be15f7cf17129cb77"
vary
Origin, Accept-Encoding
x-goog-generation
1705490299608280
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=kgYHOg==, md5=EmA+B8ToqnvhX3zxcSnLdw==
cache-control
public, max-age=14400
x-goog-stored-content-length
7241
accept-ranges
bytes
cf-ray
84744eeceec99b71-FRA
expires
Thu, 18 Jan 2024 09:06:22 GMT
generate_204
tpc.googlesyndication.com/ Frame B9E0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VTRxcw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
al-maqari-150x150.jpg
media.xtra.com.my/2024/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2024/01/al-maqari-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7f2593358e504e72f4a6b60dc384330f0c5b1f4efd593cd611422a0be98c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=7478, status=vary_header_present
x-guploader-uploadid
ABPtcPrGa-du9kIwocVVYbA36-Wm2j4eHqbbgtNcU3bpfEk-zwXNjkfTCUGzdj9mpdBzQFrwYhCT6SwstSxl39drpy4qmQ8rVaD0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
7390
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Sun, 07 Jan 2024 01:11:21 GMT
server
cloudflare
etag
"1ddfe73930c759df561e982a86130f63"
vary
Origin, Accept-Encoding
x-goog-generation
1704589881932166
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=Ha7tCg==, md5=Hd/nOTDHWd9WHpgqhhMPYw==
cache-control
public, max-age=14400
x-goog-stored-content-length
7478
accept-ranges
bytes
cf-ray
84744eedcf8c9b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
Untitled-design-2023-12-27T104002.233-150x150.png
media.xtra.com.my/2023/12/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/12/Untitled-design-2023-12-27T104002.233-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b7ad6bddbc9f8c212c7a4247e2303508bd2914b247d5c76d12198847fbfaa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=52221, status=vary_header_present
x-guploader-uploadid
ABPtcPqTUYtKZ5U6h_3Bp4QDhxNkJ66i35u4NXKFk-aEEtb0nP0O7_Pc4FxGpLGytkrlRc-ODabTzjCcuUz66YrypKx_kAmUuqV9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
45863
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Dec 2023 02:45:26 GMT
server
cloudflare
etag
"986531d1cfe62abfc13dbd4628b9d1ee"
vary
Origin, Accept-Encoding
x-goog-generation
1703645126418840
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=Vw16GA==, md5=mGUx0c/mKr/BPb1GKLnR7g==
cache-control
public, max-age=14400
x-goog-stored-content-length
52221
accept-ranges
bytes
cf-ray
84744eedcf8f9b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
Untitled-design-2023-12-21T144814.745-150x150.png
media.xtra.com.my/2023/12/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/12/Untitled-design-2023-12-21T144814.745-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938a9c7e1e16b5886b718ac1435d95276e98181319abc73676f93e96d4b3853c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=51342, status=vary_header_present
x-guploader-uploadid
ABPtcPoJm-3SKkhx4kaGoLu7rl_yqdPritw9ad1Rrg9ME4K_wWwPfAtzJPOM6ZA16qYQbmfjlpg3BFB8WmXwpviuYR0kvQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
45032
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Dec 2023 06:49:10 GMT
server
cloudflare
etag
"9613ad42ae94146bc0e9f0c73ed43596"
vary
Origin, Accept-Encoding
x-goog-generation
1703141350427244
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=+kr8fw==, md5=lhOtQq6UFGvA6fDHPtQ1lg==
cache-control
public, max-age=14400
x-goog-stored-content-length
51342
accept-ranges
bytes
cf-ray
84744eedcf919b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
lLa3TpL5-audio-plus_master.png
media.xtra.com.my/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2022/08/lLa3TpL5-audio-plus_master.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d5e85467b8463fbc1c3b2bd68dbc6b0f2579460ddbd9678818c584b9d1e12e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPquK4uYg2ilJ9jnTdcTbe7exik3c3lODE_4IOsb8HDmqzzr0zACiLamjxB4_tceBsera_LsPp581fSfZ6E
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3935
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 23 Aug 2022 02:08:59 GMT
server
cloudflare
etag
"afda194ea9a5798a7e89bd20c3b3374b"
vary
Origin, Accept-Encoding
x-goog-generation
1661220539207848
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=T1rDFQ==, md5=r9oZTqmleYp+ib0gw7M3Sw==
cache-control
public, max-age=14400
x-goog-stored-content-length
3935
accept-ranges
bytes
cf-ray
84744eeea8279b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
LTHr0jrG-Hot-FM.png
media.xtra.com.my/2022/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2022/08/LTHr0jrG-Hot-FM.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a13e0c4ce4a173af750de90c0befb1e704be00b426caeaf8c759a950223004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=4191, status=vary_header_present
x-guploader-uploadid
ABPtcPqypW5As-wEp8BpdYqMYIYQvn61DvFIUPYupolQ_L42-NRDtABF3crpzFCoSDpj6jgpzgYCM5ePat2izxDYLjE1_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
4147
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 23 Aug 2022 02:09:29 GMT
server
cloudflare
etag
"c7591ac01bd45a6301e5c100bba75b67"
vary
Origin, Accept-Encoding
x-goog-generation
1661220569634118
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=+dWmTw==, md5=x1kawBvUWmMB5cEAu6dbZw==
cache-control
public, max-age=14400
x-goog-stored-content-length
4191
accept-ranges
bytes
cf-ray
84744eeea8289b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
Im7JQLCi-logo_kool101_master-01.png
media.xtra.com.my/2023/07/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2023/07/Im7JQLCi-logo_kool101_master-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f58b4b2345b186eeec4aed03c134b51e3630f3792a9e89da9d6335ed90ad46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=49791, status=vary_header_present
x-guploader-uploadid
ABPtcPo0A1y_pKV7wKnkiWVBLLg_EprRnK8Qyx6fltpDbe1XDQOxl3CnrEp35n8IQRZ7MFsqpNd9SYjcka3oYhQ7Ifd-kw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
48487
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Thu, 06 Jul 2023 01:59:20 GMT
server
cloudflare
etag
"30f14b1faca2c7534811fed501101dbb"
vary
Origin, Accept-Encoding
x-goog-generation
1688608760882707
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=Xvam2g==, md5=MPFLH6yix1NIEf7VARAduw==
cache-control
public, max-age=14400
x-goog-stored-content-length
49791
accept-ranges
bytes
cf-ray
84744eeea8299b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
fObfc8sg-8FM.png
media.xtra.com.my/2022/08/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2022/08/fObfc8sg-8FM.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
accc6308a39008364e869ed50d65eddcfe69e8166e11b095a6010177fa3daa55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=16387, status=vary_header_present
x-guploader-uploadid
ABPtcPqZiRPr1sTwARZ5uG4GQzezjes1lnxaQjheN7GqkZshzkKKV0IgnkGaGy3PK9hOWVkdqhpQyhhu644cr-qM1CutCQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
16375
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 23 Aug 2022 02:08:51 GMT
server
cloudflare
etag
"3dadfd35eec334b0ff8b2efb2d2f45d4"
vary
Origin, Accept-Encoding
x-goog-generation
1661220531110232
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=SBgeTw==, md5=Pa39Ne7DNLD/iy77LS9F1A==
cache-control
public, max-age=14400
x-goog-stored-content-length
16387
accept-ranges
bytes
cf-ray
84744eef78829b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
xT22MnrR-Fly-FM.png
media.xtra.com.my/2022/08/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2022/08/xT22MnrR-Fly-FM.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32571990e755f11525af6c04da32841f2cf629dc36784ae847a908e389cb9ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=13847, status=vary_header_present
x-guploader-uploadid
ABPtcPofN32BFVS0qT6aMxqaTDMmuZ6FrgrsnE4AcqwOJ0L7HCL0A4JDsvtYJbpAoHWEBXI8H3E454T8Jz8FF18GBMW3WQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
13607
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 23 Aug 2022 02:09:19 GMT
server
cloudflare
etag
"c7ad511c85959d1ba018b2a93f0554cf"
vary
Origin, Accept-Encoding
x-goog-generation
1661220559841208
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=SAIhDQ==, md5=x61RHIWVnRugGLKpPwVUzw==
cache-control
public, max-age=14400
x-goog-stored-content-length
13847
accept-ranges
bytes
cf-ray
84744eef78839b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
uoRHtHcg-molekfm_master.png
media.xtra.com.my/2022/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.xtra.com.my/2022/08/uoRHtHcg-molekfm_master.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbfce57d3c8d953073cdade8c841855e10702183247b3196023a416fabc88175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 05:06:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
x-guploader-uploadid
ABPtcPopvh4CcNO5LM0PFpbu3LgMPQ1x4cgIanSQd4RbZF7U5KlmQwKviCm3CNy3JzMGOJse3GwelzP7Gzr3clSYiefrIg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
11176
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Tue, 23 Aug 2022 02:09:39 GMT
server
cloudflare
etag
"3e388a5b53f47dd4f9ee7c2ee5f3375d"
vary
Origin, Accept-Encoding
x-goog-generation
1661220579597807
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=45GyEw==, md5=PjiKW1P0fdT57nwu5fM3XQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
11176
accept-ranges
bytes
cf-ray
84744eef78849b71-FRA
expires
Thu, 18 Jan 2024 09:06:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401100101&jk=2607990086942047&bg=!jY6ljsHNAAa8BdJLnAU7ADQBe5WfOBFS-xotSIo-gi88PYrzh_9B8RJANEl510-ms_HiICV2SHoXma-dXfeF0gczXcUXAgAAADZSAAAAA2gBB5kCuTn95Owsp0Y6lbc-N7gFIQroBQL2RQx_anvsIYMM6Ajm91f2l14YqG23gjTxk3BuoMnu_CQmivtJhNz7JGk8rd9PTTbgeOK5ptxQiHVzXiNaZlDroYaLLjRuDgDI9lMbp1FEgA15Gl0gChI1KqriYnvjlBtM02UGVXfIfTpLC5wWE5nhhUz4-XuXD5AxExsFfMjw57SNNFkEgMrxFgK_4LE28tz18dolSJBX-YGoTkve4j2ZeUkoj6cZtGwt-CXCdrdYdHGEkPmpi2Quh-70FQUlP-NBKGUJofcxDpv3afKOjtt6aNjpwgHGpAhdCc9Xhlowc9naxBeVVDWzLTuAT02-lChnqGPm3ERRUADItC0kp0h1qqQ8JBAnTktSVWNwq_OBql1K3ikU0qM-Thv3YhWTGul93ddWofZjhPsUBbBc6zMeYeIYCffOwiIIHgcMRM4bFwWeJya2Ki5hV_hW8E6mkHJ24wiIlI7KvAIgnMfR8u_Kzyxto7J3HY418X2vUaPGok3IqKwqV7rCggTFyzF60Y6eO5WmLb8GyeOqGwiKgrcQrlwtyoQ5F-zCiSs4bxi5ki9HHnpBG3ULyo1VvhrjuO8Sd5fL5LNFUgtQ32HL1bZ270PYhIv4fQ5Qv_rlistjwD93jHO5shIELB61BKsdrjPMm1v-Fq25TPxjNYkMn3XW7lzOH6-3e_hmfO59DyWqEJjNapuVfxES4rzRaSiMa9WJtUo1Ytptc8wSiXACLHttLI_MvFkhtHdgKHm7nYL1zTz9jzQKAzTBvrrCbBDJBFFZOGGzC_9M5_DVPIOf8x8f-H37pK8KlkPQ9-Kn8ZmNFR5qLg-L6ZY8gNT2jn1tQUfVU8Thz__0SDV79cZ4lAK0NTF8_5CuQLZivZdN0HGsXPOMdGcmdGSOwSQEp5Fkij8-XW1eQ2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
all
csm.eu.criteo.net/ Frame 837A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lwNm68LXDn3xTmCLwEgWAPtju0wg4sZDIchddbpTzUJuxbdd-AahxpwMc738kYbAbLmXsp-fQgXV954ngPzFWuM18y3kHetDaiql882cvqdZ-YIWHw4clip9nG_-64lNostJrKbT-1nqWQNUeMlBHxqofrhMO7FW9bOG3bV6QFsd-dX3awQZMOsSr5QDoY0hAGfdr1rjmp5mDvqs9i6QwUnpwJ8yOXvWo-1FcgIR78UuNyEP4wWbORRkQ_FmjXI601zKSQ&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaixzQACxGsA-QZ3AAquCRJNVSRNtNxHpBl6kw&u=%7Csu%2Bhjjs%2Fz2rkBNYHLXGHJ1gICagFk23JFay2JwAu7zU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869u7a1omcK971oykweudJJLSvXZwsEluamGFYnZ-0QRfGA_GfyeICBliwv18y78FtqP--728DJhXwTns6Y9DdQ3YUzUaaqDJP5m3dEYWJlxVTVxBjhW0SkefRTfU8pkOOH0wfeYePZLRzXSBNOUR8sS1j64TLj1hcQ2nXKeARkUafstI5NvjMegaEdF-Hqrb9maJuly2YF972zRq3n3SjVFSNwb0XouBnifPBZT4EcS9AnmzjB8ANK6PYl0o_9dp49VREeWhP0Fx0wJoD_PVSk7F2rt4H2GR2Cc7AOkUnUwj8bOUHkoQQKJWWTjsKqyrfDCpb3TtAWMhwN9eYb15Bvxh_CXM8pLBB26X1lp-La6I_-Tppd1AFUpooiuGXbB0FQ5ATSHzvOpqRFFUgLkWLVd9VHr7QRdgbSTOzapb8ASdZCw9gSFrZtiMfYcES8r9xy0A9ruBa37aFVEl34lcd6lMaYofmxF7sOP2qCqxaGqz85z_udOwOiWLmw5slbe2CD1SAoJR-SdSB6S0hNkT-YawfWPtQI_6O3hRJiyw5Y3O7MgcxharVCAgVZk9qP0H2x8yKYSjjgSQS70NO4jGNPYx6TY_XPL1Ag&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMCAkzbGoZeuIC_eM5LcPidyqsAfJntKxXMWymPdwwI23ARABIABglYKAgLAHggEXY2EtcHViLTcyOTA2Mzc1NDQ3NTI3MDbIAQmpAuyfUp9NQ7I-qAMByAMCqgTKAU_QVpYpVHYiWsiutOPatbGMn3nQPH0MbhsKXWXKGk0FhatSeZk6SA-5Xuku8hJph9k1D9B9hxnnNhsBofDuZ6ivDelEz8IwihFlfSj3Hs_v2PTgNMZObmUj0N2IVCOpQqBqJuFtZFJraQnnDwj5y6wNlZ9xEeYbgCMJBvzDzfvvLPKcRkiVfpeJhyjf6AT7ywKZ6PIYoRn26uXFGr39skxhEFHKmDdPu7kZWW4oqZFmE5nBhNnUrolHPX8aIRiSqIUTu6TiUqkJ3S-ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljL3Z-YleaDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rlI1QPuqRDjjbeNqdArKVlI--hg%26client%3Dca-pub-7290637544752706%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 05:06:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
collect
x.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.xtra.com.my
Date
Thu, 18 Jan 2024 05:06:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
events
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/ 		0
0
events
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.87.4.75 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.4.87.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://www.xtra.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length
43
content-type
application/json; charset=UTF-8
date
Thu, 18 Jan 2024 05:06:25 GMT
x-cloud-request-id
htcJLBiUSkSA5Qu2RECbbA
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KM2DDTPDW6&gtm=45je41a0v9108145860z877064364&_p=1705554380229&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1371778314.1705554381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1705554380&sct=1&seg=0&dl=https%3A%2F%2Fwww.xtra.com.my%2F&dt=XTRA%20-&en=page_load_time&ep.article_author=n%2Fa&ep.publication_date=n%2Fa&ep.publication_time=n%2Fa&ep.pagetype=website&ep.article_id=n%2Fa&ep.site_name=XTRA%20-&ep.modified_date=n%2Fa&ep.modified_time=n%2Fa&epn.loading_time_sec=2.9&_et=691&tfd=7872
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KM2DDTPDW6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xtra.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 05:06:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xtra.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: unpkg.com
URL: https://unpkg.com/@elastic/apm-rum@5.10.2/dist/bundles/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.xtra.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.xtra.com.my
Date
Thu, 18 Jan 2024 05:06:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
exclusive.myundi.com.my
URL
https://exclusive.myundi.com.my/myundiwidget-newsticker/myundiwidget-bm.js?c=1705554380743
Domain
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com
URL
https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Domain
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com
URL
https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Domain
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com
URL
https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events

Verdicts & Comments Add Verdict or Comment

514 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| mobileCheck object| dataLayer object| googletag object| _wpemojiSettings function| $ function| jQuery object| lightningtag_data object| lotame_7269 object| TagGroupsBase object| wpp_params object| WordPressPopularPosts string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch undefined| timer number| touchduration string| elemtype function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext undefined| e object| twemoji object| wp object| elasticApm function| lotameIsCompatible function| lt7269_ba function| lt7269_b undefined| lt7269_c undefined| lt7269_ca undefined| lt7269_da function| lt7269_ea object| lt7269_e function| lt7269_fa function| lt7269_g function| lt7269_ha object| lt7269_ object| lt7269_na object| lt7269_oa object| lt7269_Oa object| lt7269_Ya object| lt7269_Za object| lt7269_7 function| lt7269_aa function| lt7269_a function| lt7269_d function| lt7269_f function| lt7269_h function| lt7269_ga function| lt7269_ia function| lt7269_i function| lt7269_ja function| lt7269_j function| lt7269_k function| lt7269_l function| lt7269_m function| lt7269_n function| lt7269_la function| lt7269_ka function| lt7269_o function| lt7269_p function| lt7269_ma function| lt7269_q function| lt7269_r function| lt7269_s function| lt7269_t function| lt7269_u function| lt7269_sa function| lt7269_pa function| lt7269_qa function| lt7269_w function| lt7269_ra function| lt7269_x function| lt7269_y function| lt7269_z function| lt7269_A function| lt7269_v function| lt7269_B function| lt7269_C function| lt7269_ta function| lt7269_D function| lt7269_E function| lt7269_ua function| lt7269_F function| lt7269_G function| lt7269_va function| lt7269_H function| lt7269_I function| lt7269_J function| lt7269_wa function| lt7269_L function| lt7269_M function| lt7269_K function| lt7269_xa function| lt7269_ya function| lt7269_N function| lt7269_za function| lt7269_Aa function| lt7269_Ba function| lt7269_Ca function| lt7269_Da function| lt7269_Ea function| lt7269_Fa function| lt7269_Ja function| lt7269_Ga function| lt7269_Ha function| lt7269_Ia function| lt7269_Ka function| lt7269_Ma function| lt7269_La function| lt7269_Na function| lt7269_O function| lt7269_Pa function| lt7269_Qa function| lt7269_Ra function| lt7269_Sa function| lt7269_Ta function| lt7269_Ua function| lt7269_Va function| lt7269_Wa function| lt7269_Xa function| lt7269_P function| lt7269__a function| lt7269_0a function| lt7269_1a function| lt7269_Q function| lt7269_R function| lt7269_2a function| lt7269_S function| lt7269_T function| lt7269_3a function| lt7269_4a function| lt7269_5a function| lt7269_U function| lt7269_V function| lt7269_W function| lt7269_X function| lt7269_Y function| lt7269_6a function| lt7269_9a function| lt7269_8a function| lt7269_7a function| lt7269_Z function| lt7269__ function| lt7269_0 function| lt7269_1 function| lt7269_4 function| lt7269_ab function| lt7269_cb function| lt7269_bb function| lt7269_eb function| lt7269_db function| lt7269_2 function| lt7269_gb function| lt7269_ib function| lt7269_hb function| lt7269_3 function| lt7269_$a function| lt7269_fb function| lt7269_jb function| lt7269_kb function| lt7269_lb function| lt7269_mb function| lt7269_5 function| lt7269_6 function| lt7269_nb function| lt7269_ob function| lt7269_pb function| lt7269_qb function| lt7269_rb function| lt7269_sb function| lt7269_tb function| lt7269_ub function| lt7269_vb function| lt7269_wb function| lt7269_8 function| lt7269_zb function| lt7269_Ab function| lt7269_yb function| lt7269_xb function| lt7269_Cb function| lt7269_Bb function| lt7269_Eb function| lt7269_Db function| lt7269_Fb function| lt7269_Gb function| lt7269_Hb function| lt7269_Ib function| lt7269_Jb function| lt7269_Kb function| lt7269_Mb function| lt7269_Pb function| lt7269_Ob function| lt7269_Lb function| lt7269_Sb function| lt7269_Nb function| lt7269_Qb function| lt7269_Ub function| lt7269_Tb function| lt7269_Vb function| lt7269_Rb function| lt7269_Wb function| lt7269_Xb function| lt7269_Yb function| lt7269_9 function| lt7269_Zb function| lt7269__b function| lt7269_0b function| lt7269_1b function| lt7269_2b function| lt7269_$ function| lt7269_3b function| lt7269_4b function| lt7269_5b function| lt7269_6b function| lt7269_7b function| lt7269_8b function| lt7269_9b function| lt7269_$b function| lt7269_bc function| lt7269_cc function| lt7269_dc function| lt7269_ac object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| _sf_async_config number| _sf_startpt object| _comscore function| clarity function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| Mediator function| _ object| mediatorInstance object| logoutList object| loginBtn object| logoutBtn object| welcomeDiv object| profileLink object| loc string| search string| profile_url function| beginLogout boolean| auto function| Popper object| bootstrap function| switchTheme undefined| timeout_result function| show_wpcp_message function| hide_message string| addthis_product string| wp_product_version object| addthis_share object| addthis_config object| addthis_plugin_info object| lazySizes object| megamenu function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| V function| ea function| fa function| P function| W function| X function| da function| la function| m function| ca function| ha function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code function| truncate string| script_url string| url function| isHorizontalScrollAtEnd function| isHorizontalScrollAtLeft object| COMSCORE object| ns_p object| _cb_shared object| LOTCC_7269 object| LOTCC number| _c function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| revAdBlock function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| pbjs object| _33across function| gtag object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_148 object| Criteo object| Criteo_identitytag_148 object| gsapVersions object| _cbm function| gtagH string| __INSIDER_SCRIPT_VERSION_xtramy__ function| pm function| sQuery object| spApi object| Insider boolean| insiderOptInOverlayIsActive string| insiderOptInOverlayMessage boolean| insiderOptInInstructionMessageIsActive string| insiderOptInInstructionImage string| insiderOptInInstructionMessage number| _sf_endpt object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

45 Cookies

Domain/Path Name / Value
.xtra.com.my/ Name: lotame_domain_check
Value: xtra.com.my
.xtra.com.my/ Name: _ga
Value: GA1.3.1371778314.1705554381
.xtra.com.my/ Name: _gid
Value: GA1.3.703342959.1705554381
.xtra.com.my/ Name: _gat_UA-71805444-2
Value: 1
.useinsider.com/ Name: __cf_bm
Value: hc3xZgp41KRmlMsIJxZdtWcXn6a33a6O9gTDNeSqhps-1705554380-1-AeUXCLkifjHnOOT0INyO7ThC6yHZDJ1jBW5CQr5/hdRs7eBmsTZ+Od14d6b4HWioBAblp1W8sHPU0ONUvndF6go=
www.clarity.ms/ Name: CLID
Value: c94b56d6401c44928226952d1e60ad8b.20240118.20250117
.xtra.com.my/ Name: _gat_gtag_UA_71805444_2
Value: 1
.xtra.com.my/ Name: _clck
Value: 1qjswza%7C2%7Cfii%7C0%7C1478
.xtra.com.my/ Name: _fbp
Value: fb.2.1705554381122.1105592613
.xtra.com.my/ Name: __gads
Value: ID=657595cf37405b55:T=1705554380:RT=1705554380:S=ALNI_MYH6grf0T_X-7_5UXmdV2OrVaBJHw
.xtra.com.my/ Name: __gpi
Value: UID=00000d439d411da4:T=1705554380:RT=1705554380:S=ALNI_MYZ1WQIHPYBK-NMuwTE_XiH_o4Nqw
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 7d67ea18-7912-482e-978a-bf1b794f8d9e
.openx.net/ Name: i
Value: f99faf29-2af7-449c-98b7-8884e32d57f5|1705554381
.xtra.com.my/ Name: cto_bundle
Value: epxZAV8zbHFtUDVmZyUyRmxjdSUyRkU4b1Q5WXBtcDczRTdOZFRWQmhET1V6MUtNbXR0emxKZGNHYWhTR2JKRGhvTEtMJTJCaXNYZk9MSVIxZnpvSlkyZVV6eCUyQnJvQVZiMkRiTk90Y0NPYWpNNmRBVzFIM2NWZWYzVXlpV2plcHR1NmVaRURGemJ2REhpa09ZdDl5cVlsZmdlM3hTUnZGdyUzRCUzRA
.doubleclick.net/ Name: IDE
Value: AHWqTUkd51VVRWcKQfs2nZymTaxBxiC4x6S9bXVOdKSteZ45l7_AwjXwrAGi2AWFJd4
.xtra.com.my/ Name: _clsk
Value: 1tw76iw%7C1705554381690%7C1%7C1%7Cx.clarity.ms%2Fcollect
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 1D077D9D8C464332943F3770F1E82A3D
.adform.net/ Name: uid
Value: 7304690330688063268
.ctnsnet.com/ Name: gid_CAESEMElpUROxUowPF6v41wsNRo
Value: 1
.ctnsnet.com/ Name: cid_553f9ec0f1e240e091baf711ee4ec19f
Value: 1
.quantserve.com/ Name: d
Value: EEUBCQH3KoEA
.quantserve.com/ Name: mc
Value: 65a8b1cd-de764-525e1-4e70c
.yahoo.com/ Name: A3
Value: d=AQABBM2xqGUCEDtXeHanvrn--mMC38G7rHQFEgEBAQEDqmWyZQAAAAAA_eMAAA&S=AQAAAkjW6w0pShq_Ej9_qSgM7MM
.turn.com/ Name: uid
Value: 7577710197473319417
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22FA5153D4-A748-4B73-1758-F6513BCB3621%22%7D
.agkn.com/ Name: u
Value: C|0CEAtO25NLTtuTQAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/ Name: ab
Value: 0001%3AfZjFrv1MvCS77YT5nfv792CTH4kikveL
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaixzQAPMUC_dwAM
.w55c.net/ Name: wfivefivec
Value: SIdtsPk21RqkBD5
.w55c.net/ Name: matchgoogle
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: ayntuJRwEfES2QVoq6vnQ8ZdpfAY9f5SLyVflnZaprYdPqn8xe4M3TKdiqjWwy9DPKlGDKcs9VvwTaaYUpIKIQL2Zdx
.xtra.com.my/ Name: _ga_KM2DDTPDW6
Value: GS1.1.1705554380.1.0.1705554382.58.0.0
.xtra.com.my/ Name: _cb
Value: CzjR6-B_9MmID0rk96
.xtra.com.my/ Name: _chartbeat2
Value: .1705554382480.1705554382480.1.qr4oqB-iOfXCMwmL7BNf8bSCSRPC4.1
.xtra.com.my/ Name: _cb_svref
Value: external
.bing.com/ Name: MUID
Value: 13CBBB8E391D653E0261AF84389664B8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 13CBBB8E391D653E0261AF84389664B8
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 13CBBB8E391D653E0261AF84389664B8
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
hb.revid.my/ Name: revid
Value: vjNUM3AEd6ayCkB5JxbKM

29 Console Messages

Source Level URL
Text
security error URL: https://www.xtra.com.my/
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7290637544752706(Line 227)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
javascript warning URL: https://www.xtra.com.my/(Line 2573)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exclusive.myundi.com.my/myundiwidget-newsticker/myundiwidget-bm.js?c=1705554380743, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.xtra.com.my/(Line 2573)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exclusive.myundi.com.my/myundiwidget-newsticker/myundiwidget-bm.js?c=1705554380743, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js(Line 9)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my(Line 718)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network error URL: https://exclusive.myundi.com.my/myundiwidget-newsticker/myundiwidget-bm.js?c=1705554380743
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security error URL: https://static.criteo.net/js/ld/publishertag.ids.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security warning URL: https://www.xtra.com.my/
Message:
Mixed Content: The page at 'https://www.xtra.com.my/' was loaded over HTTPS, but requested an insecure element 'http://pcto.revmedia.my/2024/01/xtra/assets/xtra-widget.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my(Line 718)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my(Line 718)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my(Line 718)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my(Line 718)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7290637544752706&plah=www.xtra.com.my(Line 718)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js(Line 9)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://oa.openxcdn.net/esp.js
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7290637544752706&output=html&h=280&adk=3987640334&adf=3874078024&pi=t.aa~a.2059125246~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705554077&rafmt=1&to=qs&pwprc=1664902234&format=1110x280&url=https%3A%2F%2Fwww.xtra.com.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705554381060&bpp=1&bdt=1029&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79713b782aa7d839%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MahWpfreJC-KaqdnbSwMZjjPJTuUA&gpic=UID%3D00000d439d3eb288%3AT%3D1705554380%3ART%3D1705554380%3AS%3DALNI_MagFyMsdsrfJuVgGvG2pRYujR3e5A&prev_fmts=0x0%2C1110x280&nras=3&correlator=6657886990256&frm=20&pv=1&ga_vid=1371778314.1705554381&ga_sid=1705554381&ga_hid=966308144&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31080442%2C44795922%2C95322329%2C95320888%2C95321627%2C95322164&oid=2&pvsid=2607990086942047&tmod=1773590758&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=13
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://xtramy.api.useinsider.com/ins.js?id=10008578
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTZhwLh2czXPsDE8m9eLQVHUUsuoBSWFazmgKd0VYUoCIfZBS7aWlP8p_iGzD049qxywm3CHALUs_Z-xuXU64nORsf8JF1dRBPGZdScjgt_0ddQH1Y-LCUJ63lnoV5bABDkOp8I3asTHhtutvbehYj4ha4&google_gid=CAESEKj0i3XT9zQG1oGS-9I7BKI&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.xtra.com.my/
Message:
Access to XMLHttpRequest at 'https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events' from origin 'https://www.xtra.com.my' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://tags.crwdcntrl.net/c/7269/cc_af.js(Line 42)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network error URL: https://bcp.crwdcntrl.net/5/c=7269/rand=894549618/pv=y/ug=%23OpR%23101615%23Tonton%20Extra%20%3A%20Article%20Title%20%3A%20XTRA%20-/int=%23OpR%2378253%23www.xtra.com.my%20%3A%20Total%20Site%20Traffic/rt=ifr
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The Content-Security-Policy directive name 'default-src=*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
javascript error URL: https://www.xtra.com.my/
Message:
Access to XMLHttpRequest at 'https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events' from origin 'https://www.xtra.com.my' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.xtra.com.my/
Message:
Access to XMLHttpRequest at 'https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events' from origin 'https://www.xtra.com.my' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com/intake/v2/rum/events
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src=*
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.mediaprimaplus.com.my
ad.turn.com
ads.eu.criteo.com
ads.travelaudience.com
api.tonton.com.my
assets.api.useinsider.com
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
c1.adform.net
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.skypack.dev
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
dclk-match.dotomi.com
dis.criteo.com
e4d0c961d41107e9b3f51b9e1ad9a6e5.safeframe.googlesyndication.com
eitri.api.useinsider.com
exclusive.myundi.com.my
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.revid.my
headend-api.tonton.com.my
heartbeat.mediaprimaplus.com.my
hit.api.useinsider.com
i.ytimg.com
id.rlcdn.com
id5-sync.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
ius.ctnsnet.com
locationv2.api.useinsider.com
mab.chartbeat.com
match.adsrvr.org
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com
media.xtra.com.my
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
oauthjs.revmedia.my
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pcto.revmedia.my
ping.chartbeat.net
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
script.google.com
script.googleusercontent.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
stackpath.bootstrapcdn.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
wp-log.api.useinsider.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.xtra.com.my
x.clarity.ms
xtramy.api.useinsider.com
exclusive.myundi.com.my
media-prima-apm-poc.apm.asia-southeast1.gcp.elastic-cloud.com
104.18.35.167
141.95.98.65
142.250.181.230
142.250.186.162
151.101.2.217
151.101.66.49
178.250.1.6
178.250.1.9
18.158.149.85
18.245.60.76
20.114.190.119
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
216.58.206.34
23.206.23.103
23.32.185.35
2600:9000:2250:ea00:a:e047:753:a221
2600:9000:2646:2c00:18:1fcd:353:c61
2606:4700:10::ac43:266a
2606:4700:20::ac43:4ac2
2606:4700:4400::6812:233f
2606:4700:4400::6812:241a
2606:4700:4400::6812:2587
2606:4700:4400::6812:27d0
2606:4700:4400::ac40:9694
2606:4700:4400::ac40:97e6
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6810:5514
2606:4700::6810:7daf
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:acf
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2006
2a00:1450:400c:c06::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a02:fa8:8806:12::1370
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
2a04:4e42:600::649
2a04:4e42::714
2a05:d018:d29:3601:fa46:4bf7:11fd:dd50
34.102.146.192
34.120.135.53
34.160.236.64
34.87.4.75
34.96.70.87
34.98.64.218
35.186.193.173
35.190.0.66
35.204.74.118
35.244.174.68
35.71.131.137
37.157.6.237
51.89.9.251
52.20.105.140
52.57.164.72
63.34.68.125
65.9.66.122
68.219.88.97
98.98.134.242
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
0280629d3ed85528f91027c8c2b3045aebc3f159b25d1f9c997e4b402e5e37c8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04b7ad6bddbc9f8c212c7a4247e2303508bd2914b247d5c76d12198847fbfaa8
04f68dc2cf53280babc3cca1f0afbc30e61e757591607279464aca620a566c3f
0701fb457892efb3a755ffe6ce3e0b2958da20a104e446e6ad88062fc531e2d7
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
0905ddf565be060c2a80f22440333ee30375d5f3400c54242118338052241919
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096b02a998e7dff832f5549ea526d8b461f14ffd0d7edcc1e243d8746d820967
0a1a3621ae845f4e2bed7b65fd2387a926d79561d712faaca627a32ae2911232
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2d44d4ef3f14eefd935acbc3a3a1b8ee462693c9bbbd96eca177b95fd98032
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
1077ef2cc43d197e29515feaa4642affb39ba40c9753a5a81b124f3054ae24f6
1111d9dc18727746a75dc5353cbc834540640617cbb73ac652e743d067f6015d
11b86bbb65fea881f881b3d23f90033204b27858d7fcecdf2fda7fe16436f21f
15c279f84f641d5e986de22c389282fe6051c0bbb086265468e861d085e6af8a
15e498c6a0d7a1eaaf98a994ed70c9980792328cb3d6fa4b22a8f94acf0ed55f
19f56741cc6a31530c12cd5692f84876fc05a4600321bb3e65f275ba7d3966b2
1a7a7014cb3e7f819840aa93f9172df83a58f9fe1dfd9ee588153f7ee3060de0
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
200d6b6e8ea6eb3c0514c9180b13128d7ad60dd45c8c04a7666e47c7e93f1da4
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2123e5ea1ef093069cf54eee5341feb955d2451f4f91bfabc085a54cfbdf57c8
2182c5ff2c9e56010abf84dfc9e05dac7cefa161b3403fccd0df11cd9e229d76
21fe7527316643765d03e1a71683eb0d9941cbafcbae387dd443880d5612ff7b
226f0a46aff466d696a7000a2793d3276b5e8acf0646aa8980f1a2c1399632e4
22de215ff4819802558e679dd97f2d580220f34488a6c8b99a7459b2ca480ad9
256de1accbccc4ffee65cf0ae6ddda99d1a056e669ddb390c959b942df9a5358
2598a74fe130bfb900902a82627209d82e45d11df3e01616d38edf64a685ac71
264476b16bf8e29c3463bfa310dbafb1ce6e8a288dd472ac99bb336f199b9e8a
274fc3990c0aee224b66f6c672aa8e380264a026525572a6ae0579555642ac4e
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2961eb64d208756d4436899faa496f9ecec8c1a2d7d7571db4c122b7507cfb30
29f161f98f185258f4ffad8105ecec6c157ebd0cbb167cbace302eaf8377c203
2a35d6396695959c491cda13773c44ae21f5e39f7c5aaed7e3d930474907e7ae
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c1128acfce891e4b9781288eacd460e960d8e36aedbbbdd0e75d7cfb7d0a2a3
2e1e57d802f1b3dcffcff827a214f01e392d75af315fff67bdc9b77e414a2323
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
304a42663b6432a8647f20e96751774b911820224ee786d577a81425b868bcf4
3152fadc277d967f622b91151289201fd08526b55baa667d683dccc4da60250e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32571990e755f11525af6c04da32841f2cf629dc36784ae847a908e389cb9ea6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
34df0c67d741f83bf0793fa3cb0cee89c23bec05f386a56cd2d9c738dd7736ab
3785275738631da398e9f63d787b1c4e5962c28598b120a75faba54ce124084b
3799ff2360b5bceac6732a2484468989d2d9d4552a16275241d85f9836fceaf6
37a26a1ff047dd99ff0ecaeae55f01f5c017521fb35e95b5e07281aa4d20ea85
3dcbecc590feedb5157eaedcf0b898b3db7338d0e2d76a2bd636349e91b8768b
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
3e9a02736a1f20143465dac4d5dc9434be27127c454901fef138129faa1e8875
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4318d06e8c15a589c5cf3667e1fb323b90f9e1adfabd32964154addc816f6013
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43716c457b41ff7af790641d846ee62abf12521f2267a58e7b3f3058f9d43315
43c56843151414b32608f082f9269dbc49bb7d389b6f968a1ae0631ae3f29669
45d95d3cdc9ee4fb8d5ddda1ff447ed267b87e5ffbe4eb4637ef46b29d6c1f84
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479091ca5d41cbf7186f5c9afa65d7cb64b772138f90ca4a26131a3aa8602072
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49723d7242b430364fbeeb5bb1a649b21e70d753cec1a852c492f3b95b36d497
49ede72419ce8cb92c79cf3cf02c7dea540a320dc1ab74b6b8523503f2c9b303
4d89f06919f428c48f0de6d99a23b7ade372a85697474d91f97e08c5cd44b4a0
4e03559e9ac473c568fff08b9a2b72b3952a3d1341b17fe21c9d83ef7fdc66d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2acc72b62283535ca4ba468a6f45a0d72763bb912c2fb26f0edee38d51aa48
4e537ac22ee6a69102008c0a506777c13b6dd65a593e4ca1cc769c1a0330646b
5084b924bf78a55113b2d5debed92f21e91f7abb68d8a859e7bfba8dee3a9656
522a88aa0357c11f0284531a0fc56b634b4150897fb28a9bee6b1a6ae2566557
52fdc021d2396d0b395fdc615a95b2ad655fb9e4a0084b3000fd33f568205e9f
530ad6ed9a89b8408d4869ff4c4115a09a905476a88ba6181f81f4c0524fd6d3
53365de4339f9c2411e9bb1a56364597003ba69684c3d79182cbdb3eb64b6e60
53924903261f2374799878e591492cbef5bd9ab50c03780987ec7f809d47a50d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56287867c7750100b089f894be0ca553b5d126d54d9ab9c1a1488e83c489b58d
57548ac045c29fdafb107af4ddb88551505202d72d9a5b2fe6da9f6a0cf6bae5
589495a64138f0fcec8f7bd8cb1839ab5ae92f3d004527df76107f92ce7ae029
59935adce14ab051753aa9a90e642a24383485a0e1e990007634c5f0549b3c40
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5b4379be6c753a393d775e2ea0a32f217b95df9bf779ed6f2401d06df8855b71
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5be83baf7c4f38804cd37efea974311a623129ff8bbe5debf5d1f6f504e59acf
5c191cf63432e396755d88afe56a26b745eef47b2eefcfadb7f0424b823777c6
5c5739f2e1346d3f614b7d1f9a9c190ad45af4cd024b68adf7a300f13500691c
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
5d5e85467b8463fbc1c3b2bd68dbc6b0f2579460ddbd9678818c584b9d1e12e4
5f0fd642c92e61819def788cd12d76e8aecf95a3a00e4d4ef9b84afbcc1e5d68
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
60ed3aa0d99f8b282f785e4f698796a7bf88ecd66bc6e05943dd007eab7a6f45
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630dac4972c6784638330e3c706032ab649e5e219c8599e10cd614d8f4c54cf0
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27
64f77a13c6e6d3adce340a06f37c55054d9cdd48cb1d9347943749592a2a565e
65f8929cd63d071002ed17a9a3fe38fab0d397b4d99ec4818eb7abc71bc88f4c
6687c45fd1f31595ff764dad6635e47a52b29db413972a004ee60467bad988d4
67f58b4b2345b186eeec4aed03c134b51e3630f3792a9e89da9d6335ed90ad46
697fc6e78efc50101b89b7dd47ec1e43db00401bec24b1aacdfb88e8830b277f
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6e17b4a5facd2b7c10a9a42d1c8d4fef7003ddb0cf06bc40d85ec8039276e5c5
702ecd49a02e24f6a8cd90db757f3da97673e55f9d64a5bd97de20c99921e440
70410df812031cfc16890972a8f8e9b16cce7bf7808a53e4f44ea4bbdc187841
70d436e96cfd75a3b239377d9354ac1a0a67973f091504d6cedb2678337382b0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
765e7c90f89e39cfd2d8c9436caf442c3358c85ad8ff6d0d5ffe13dc027c9fb9
778a9fc5bb31da800289fda49c19cf37364b39f8a42cc2e4ab7e312d302eb07e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d36ac69026b5b4d0efdcbc8692bfd9d71053787c1aee198a9d9862e08bab12d
7db7cedb24e2894f1941c5ed1d69e6bcb1e1e6e85dd1f13022c56e99222258b2
7e233b50793fa7439ab4d682ca26652341687d50278fc435f4878706812c2dda
7f059a0a14d2493455865cdde3744d313a17b8f98c0687bb45dd987fb2e2ba21
815ffd14ae0abede175466ce81cee26227f6352b47f382cd5c3d7390fedc5fe2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85800324821387ae57cec44b39b9c97793017da3102d141abf239923a7b3ff6a
8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841
8d2cc473dcbdd44a49bcec25ba1da65e3dfd5886b994a3bf8ec1f7f25c5e0d4f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
921e931d131b3e5df4cd700f147992c745398d7503938a1e73742fc0642a0a22
921f30e907d2259006afcd16b30238c61d0f2cecb1e168cfdcda3f65be71de0f
92f729f856cd253bf7c2b3d428ac9bb0a701c03cf3d20bf214e307868f1bf60e
938a9c7e1e16b5886b718ac1435d95276e98181319abc73676f93e96d4b3853c
97454fe5bf4c08fcc5193ef40585b8f433c4c3e0e67d18a1247dd38eb4d56a08
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9b9233c0c01ce219c102432f8da76d92d40bee603d575e238540da05da0ad17c
9d696bbfeadc510faaf25576c8739957aad8871da90b0de819e42a009b200280
9e87d7ef2d6dfdac8ccdb583cb5b61bd5e184491ffcfea17095ee0f8f0f20bca
9fd385518e7dbb2f357a724c3124f34ae124e847fbc3677e5250f73d3067d033
a07883d912aa9688b01fafb187ca56ac71649839fa7640c64030ede9a8a168f8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2108a98309ea936244b711b68b758be0278500e047a5200d1eca370c65e6f38
a25b209d049367e6a3786a34317b493a31c8eec591ad4704dfdec411834e4d18
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2e5747806978bae9098dc75903a52aafaaa9a4785a59b1f286cbec54dac24aa
a4e04261953be1e436b94f5def88ea6b2bf5b505b2b7a20481b6802c88a21fb9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a572de592a0e3abc43227fee637abc8367628fb98eed4a35982a2be6a5ea8c7f
a676f0f967826cefe6759dd370fc455ef7d7fe077f6de37a84aeeeb345c4404e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8047cb955dd5cd8f4f978d1ef9191416f555556f8e54fe200e3e542b267dea5
a874a8762a3915fc7771ff580f8c9525370baff8b8d86c27dc3a79c00acbf65d
a89b95737b1306fe4aa41298112a7fb4f7d2a5a256dcd4d696665d53386b07d9
ac53dfbb8f4ae4c12eacb1797f392ca48b5386307e5004129352a8a4a47d46ec
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e
accc6308a39008364e869ed50d65eddcfe69e8166e11b095a6010177fa3daa55
ad7e0a948ed63a452e64937355c5007aebe6bd7df62919d5f56753179c6efd39
ade73d875348d5e8ce1cb2a9f5e022f195a1d6ffefd7ce9ff9234104e87b6002
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af52f89de677559b5bf4f8c03923dfad580b6a8f7f3919f0d0b5b8e81b870e90
af621d3904e2ad51595be79fbc99669954c1e13a13a8bd12fd18fb325cea7357
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b085e3451c5c297d21e6911304fbfc045ec67a38adb9fbf05140c2065d4e8a06
b1317f67326ee69fe2476fe7e40f8a7e75297de33f5612152449c530309ec8c9
b2433f355ba323c3da4df823842ffe5718b04ed1e7b6d28d663d41fb75f3af28
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b3ed248cd26774bf8f5deaf78d58087e66af646973c8adb242549b6bb5388000
b6412e5417cdbd4dca9641435a4ab8170029775179ba86b313265584e4b956e5
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b947a3efe23b4827fa6e4f7c6c0364baa2f66d27d0eb8074d5ab36380876e952
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
bab7212aa4415e794f5eabb42c1987580aa7510410c15e0735e7729d935a65b6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfce57d3c8d953073cdade8c841855e10702183247b3196023a416fabc88175
bc0dbe8740c60bb1d4ff87e26edef798c6585a6f63dd16ff45336e923c82ce74
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf08944c2e2a9fea15a39970456f973da7e6ef177bdc53623fb36be8e4eb5220
c078330507ba1bedaa58f6cca210a4f93b69b4051cdea575eea5327238011fce
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c8a13e0c4ce4a173af750de90c0befb1e704be00b426caeaf8c759a950223004
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c977074577b6caa6d4122af45c4872d15a35036e9f71ac7573b5fc6747a29f41
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
cdfa911703e5056cdc4a3c3e41d052ad91834c2c2bfe5aefa2825c74b23c94c9
ce43f03b56782b3ffd8c77b0747cd1f19b9ca3c65cf6e1f07204d94e085314c1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d47ad3140491f0fe7774be2b7d39e5bc95e68b782b43319b066a3e2071aa458b
d4c468a2f4f47b4cda64d2d1fab4656d83cada21e18593f8e9d0072b885b8760
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5a428f06763ba3f25baea95edeb6f3abe9a5e9c484cf8acadc29c2e1a86889d
d6679c3f99b1adf98fb2a3219971283a30387824afccc722f40f87b9e6c0ee09
d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f
d8425d22c7eef338c65de5909e35350e94a6f4428581529c1b4b4b2b0fa6875d
d9434bd4aeacea087c853ff8b23bae2c2b156b1dcca499953ffbc11bff052802
dcc156f774f770c9969f60f278f977ce3a561b5927bf0acb682f4834e1729c3c
ddf85037fd1f04c4684ed0357cf80a71a3c4aa19049bfccdaec678b4b18dc8e2
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debc5f552e0c20c75af46dfa773004dc95515cbe1d12b7915a883e33660cddd0
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e01c687abadb8e1a8528b106ba9a557bf45cc48ffb4368579fcc03936be5048b
e0649a00dad6af4a0014e343e7d17a7f4984ebef0f547ae7cc35e12d15fb6304
e24304409ddf347d7e017305d54c2c3036bc4805bf4fa592756bfe77593e93fc
e2c1eb8482e22461a701c3fee3060d9de0183f66a348caa3e9892e6058ca745d
e31bbaa9086f9dd823b3dc2b3aab549701b2400dea0f275f78761af2e1d54900
e398fb91ecf10737fbeb78d00f35deca8ef2a37ca842b735ca13f8ebb17b7708
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e600cb67c14e4654304b251afdca6c1c5581fd31aa9d792424a7980ac93b9dee
e63dca0bccfdf8f1df6c58a3752d898c7a63f7543239d553d3128285550038a2
e7115be84295b6f18a4c37c441e57afb53a1a5375b2a8501fab600e75a8661d9
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ea02e74f4cc0978541ab277012e20cbcdd10680e144ef461bdc1bf81f95b7a03
ea257c39c1244f7aaa2354d6834e69cb97c0c1db75c202c45603062b38154795
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb922d8aa175b8fe481c695f4fb7e741c8eb665ef7469c305d2d4414a5e2d678
ec30f1f2cd0f3af363facf9654b5a4089880dd8f2715671dfe4b389cbacc8cdd
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1fa25b906c506f3be14737271fb409da90ad30bf0b1c0ff6961f45f21a02dd
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f01a25d36de0a8d3afc3349a22416fa9a7c0c75399d2b5717b1272aa91d349ae
f04b275fa522860f01cfed831fb46464fe9bf64fb8d7556eb4f2218095ef6bc6
f27360f451c0fd1826de4e342771a14c313b3df558d51bd8d63feb7744d65663
f341d0cce4233ca3dc0393ae59d721f74140e0755aa4d9e21638511f04468e1e
f3b9ef807d3988e8ce73d3012e2f19cab12503a411c79719959f42cb8728f566
f428c56db3bdf5dfc36a724bcf670f41139ef25f3aaf2fa024167542e3250145
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7c7cce66953f74b522c42302738a76575ba2ae2214b96a01e07626d0397160c
faa160d275c7cf1b40190c8388ab96dc2791c0de4b80b8b84479ee3f1b64e3c4
fb7f2593358e504e72f4a6b60dc384330f0c5b1f4efd593cd611422a0be98c92
fc52b080dcc74323bd7fb32e3425d39724dacdc1e3165d9df45bc44866416c3c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876