urlscan.io logo urlscan.io
SecurityTrails logo

says.com Open in urlscan Pro
2606:4700::6812:1917  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://says.com/
Effective URL: https://says.com/my
Submission: On June 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 8 countries across 47 domains to perform 234 HTTP transactions. The main IP is 2606:4700::6812:1917, located in United States and belongs to CLOUDFLARENET, US. The main domain is says.com. The Cisco Umbrella rank of the primary domain is 231760.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.
This is the only time says.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2a04:4e42:600... 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
2 108.138.36.46 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 23.32.184.192 16625 (AKAMAI-AS)
4 2a03:2880:f03... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 92.122.97.233 16625 (AKAMAI-AS)
4 18.155.129.81 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 54.229.86.74 16509 (AMAZON-02)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 162.19.138.118 16276 (OVH)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
2 35.190.39.111 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:237... 16509 (AMAZON-02)
14 2606:4700:7::... 13335 (CLOUDFLAR...)
1 146.75.116.157 54113 (FASTLY)
1 2600:1f16:d83... 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.7.13 44788 (ASN-CRITE...)
6 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
27 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 2a03:2880:f13... 32934 (FACEBOOK)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 34.236.209.240 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
1 13.209.159.148 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
3 20.122.63.128 8075 (MICROSOFT...)
4 142.250.186.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 74.125.133.157 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 43.200.40.244 16509 (AMAZON-02)
1 2 211.249.220.158 7625 (DAUM-AS K...)
1 142.250.185.226 15169 (GOOGLE)
1 103.243.202.190 45974 (NHN-AS-KR...)
1 222.230.178.132 2519 (VECTANT A...)
2 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:401... 15169 (GOOGLE)
234 70
16    2606:4700::6812:1917 (United States)

ASN13335 (CLOUDFLARENET, US)
says.com
images.says.com
2    2606:4700:3035::ac43:a9b3 (United States)

ASN13335 (CLOUDFLARENET, US)
policy.revasia.com
5    2a02:26f0:3100::1735:28c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
4    2606:4700::6812:16f3 (United States)

ASN13335 (CLOUDFLARENET, US)
pcto.revmedia.my
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2a02:26f0:3100::1735:28b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
4    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
7    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    108.138.36.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-46.muc50.r.cloudfront.net
tags.crwdcntrl.net
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    2a03:2880:f03d:1c:face:b00c:0:3 (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2600:9000:225b:8600:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
5    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    92.122.97.233 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-97-233.deploy.static.akamaitechnologies.com
static.dable.io
4    18.155.129.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-81.cdg52.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
2    54.229.86.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-86-74.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
5    2606:4700:20::681a:c52 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.skypack.dev
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
8    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2600:9000:237d:8e00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
14    2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)
says.api.useinsider.com
segment.api.useinsider.com
assets.api.useinsider.com
eitri.api.useinsider.com
locationv2.api.useinsider.com
log.api.useinsider.com
hit.api.useinsider.com
image.useinsider.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:1f16:d83:1202::6e:5 (Columbus, United States)

ASN16509 (AMAZON-02, US)
c16d-35-240-187-111.ngrok.io
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2606:4700::6812:101f (United States)

ASN13335 (CLOUDFLARENET, US)
heartbeat.mediaprimaplus.com.my
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
4    2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
27    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    2a03:2880:f13d:83:face:b00c:0:25de (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    34.236.209.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-209-240.compute-1.amazonaws.com
ping.chartbeat.net
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
1    13.209.159.148 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-209-159-148.ap-northeast-2.compute.amazonaws.com
api.dable.io
19    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    2a00:1450:4006:809::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    74.125.133.157 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
bid.g.doubleclick.net
2    2606:4700::6812:1f22 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.revid.my
1    43.200.40.244 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-200-40-244.ap-northeast-2.compute.amazonaws.com
r-log.dable.io
2    211.249.220.158 (Korea, Republic Of)

ASN7625 (DAUM-AS Kakao Corp, KR)
analytics.ad.daum.net
act.ds.kakao.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)
cm-exchange.toast.com
1    222.230.178.132 (Bannaguro, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
cs.gssprt.jp
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
4    2a00:1450:401e:28::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-4g5ednsr.c.2mdn.net
Apex Domain
Subdomains		 Transfer
51 googlesyndication.com
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
310 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359
bid.g.doubleclick.net — Cisco Umbrella Rank: 807
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
306 KB
16 says.com
says.com — Cisco Umbrella Rank: 231760
images.says.com — Cisco Umbrella Rank: 330995
904 KB
14 useinsider.com
says.api.useinsider.com — Cisco Umbrella Rank: 831822
segment.api.useinsider.com — Cisco Umbrella Rank: 16535
assets.api.useinsider.com — Cisco Umbrella Rank: 21296
eitri.api.useinsider.com — Cisco Umbrella Rank: 20572
locationv2.api.useinsider.com — Cisco Umbrella Rank: 17365
log.api.useinsider.com — Cisco Umbrella Rank: 23095
hit.api.useinsider.com — Cisco Umbrella Rank: 14528
image.useinsider.com
250 KB
12 gstatic.com
csi.gstatic.com
fonts.gstatic.com
63 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 107
region1.analytics.google.com — Cisco Umbrella Rank: 2890
www.google.com — Cisco Umbrella Rank: 3
ampcid.google.com — Cisco Umbrella Rank: 2322
3 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
gcdn.2mdn.net — Cisco Umbrella Rank: 1161
r1---sn-4g5ednsr.c.2mdn.net — Cisco Umbrella Rank: 429845
4 MB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
42 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1007
c.clarity.ms — Cisco Umbrella Rank: 1573
p.clarity.ms — Cisco Umbrella Rank: 9135
27 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
imasdk.googleapis.com — Cisco Umbrella Rank: 495
263 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 4835
ampcid.google.de — Cisco Umbrella Rank: 52867
1 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 600
p.typekit.net — Cisco Umbrella Rank: 783
80 KB
5 skypack.dev
cdn.skypack.dev — Cisco Umbrella Rank: 41469
41 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
372 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 160
5 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
225 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
164 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1019
bcp.crwdcntrl.net — Cisco Umbrella Rank: 952
31 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
60 KB
4 revmedia.my
pcto.revmedia.my
2 MB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
234 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1719
mab.chartbeat.com — Cisco Umbrella Rank: 2578
34 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2114
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1383
google-bidout-d.openx.net — Cisco Umbrella Rank: 1387
654 B
3 dable.io
static.dable.io — Cisco Umbrella Rank: 23168
api.dable.io — Cisco Umbrella Rank: 20701
r-log.dable.io — Cisco Umbrella Rank: 23981
37 KB
2 revid.my
hb.revid.my — Cisco Umbrella Rank: 212908
454 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1538
315 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 839
id5-sync.com — Cisco Umbrella Rank: 434
25 KB
2 revasia.com
policy.revasia.com — Cisco Umbrella Rank: 421352
3 KB
1 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 16768
82 B
1 toast.com
cm-exchange.toast.com — Cisco Umbrella Rank: 7607
627 B
1 kakao.com
act.ds.kakao.com — Cisco Umbrella Rank: 19513
491 B
1 daum.net
analytics.ad.daum.net — Cisco Umbrella Rank: 19260
568 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1290
201 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 246
740 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 721
395 B
1 t.co
t.co — Cisco Umbrella Rank: 504
377 B
1 mediaprimaplus.com.my
heartbeat.mediaprimaplus.com.my — Cisco Umbrella Rank: 216356
39 KB
1 ngrok.io
c16d-35-240-187-111.ngrok.io
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 768
15 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 583
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1553
8 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
7 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 547
150 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1123
7 KB
234 47
Domain Requested by
27 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
says.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
says.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
12 says.com 2 redirects says.com
static.cloudflareinsights.com
8 csi.gstatic.com imasdk.googleapis.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 securepubads.g.doubleclick.net says.com
www.googletagservices.com
securepubads.g.doubleclick.net
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
6 region1.analytics.google.com www.googletagmanager.com
5 www.google.de
5 cdn.skypack.dev says.com
5 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.googletagmanager.com says.com
www.googletagmanager.com
static.dable.io
5 use.typekit.net says.com
use.typekit.net
4 log.api.useinsider.com
4 r1---sn-4g5ednsr.c.2mdn.net
4 fonts.gstatic.com fonts.googleapis.com
4 imasdk.googleapis.com 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
4 googleads4.g.doubleclick.net says.com
googleads.g.doubleclick.net
4 images.says.com
4 www.google.com tpc.googlesyndication.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 googleads.g.doubleclick.net www.googletagmanager.com
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 sb.scorecardresearch.com says.com
4 connect.facebook.net says.com
connect.facebook.net
4 www.googletagservices.com says.com
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
4 cdn.jsdelivr.net says.com
securepubads.g.doubleclick.net
4 pcto.revmedia.my says.com
3 p.clarity.ms www.clarity.ms
3 www.facebook.com
3 says.api.useinsider.com www.googletagmanager.com
says.api.useinsider.com
2 hit.api.useinsider.com says.api.useinsider.com
2 gcdn.2mdn.net 2 redirects
2 hb.revid.my heartbeat.mediaprimaplus.com.my
2 bid.g.doubleclick.net imasdk.googleapis.com
2 fonts.googleapis.com 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
2 s0.2mdn.net 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms says.com
www.clarity.ms
2 static.chartbeat.com www.googletagmanager.com
says.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 tags.crwdcntrl.net says.com
securepubads.g.doubleclick.net
2 policy.revasia.com says.com
1 image.useinsider.com
1 locationv2.api.useinsider.com says.api.useinsider.com
1 eitri.api.useinsider.com says.api.useinsider.com
1 assets.api.useinsider.com says.api.useinsider.com
1 segment.api.useinsider.com says.api.useinsider.com
1 cs.gssprt.jp
1 cm-exchange.toast.com
1 cm.g.doubleclick.net
1 act.ds.kakao.com
1 analytics.ad.daum.net 1 redirects
1 r-log.dable.io static.dable.io
1 api.dable.io static.dable.io
1 google-bidout-d.openx.net oa.openxcdn.net
1 ampcid.google.de www.google-analytics.com
1 ping.chartbeat.net
1 c.bing.com 1 redirects
1 mab.chartbeat.com static.chartbeat.com
1 analytics.twitter.com
1 t.co
1 ampcid.google.com www.google-analytics.com
1 mug.criteo.com
1 heartbeat.mediaprimaplus.com.my www.googletagmanager.com
1 c16d-35-240-187-111.ngrok.io www.googletagmanager.com
1 static.ads-twitter.com says.com
1 id5-sync.com cdn.id5-sync.com
1 adservice.google.com securepubads.g.doubleclick.net
1 static.dable.io says.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdnjs.cloudflare.com says.com
1 ads.pubmatic.com says.com
1 p.typekit.net use.typekit.net
1 static.cloudflareinsights.com says.com
234 80
Subject Issuer Validity Valid
says.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-26		 a year crt.sh
revasia.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-26		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
revmedia.my
Cloudflare Inc ECC CA-3		 2023-01-25 -
2024-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-31 -
2023-06-29		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
static.dable.io
R3		 2023-05-02 -
2023-07-31		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
skypack.dev
GTS CA 1P5		 2023-06-08 -
2023-09-06		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2023-01-25 -
2024-01-24		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.ngrok.io
R3		 2023-04-27 -
2023-07-26		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
mediaprimaplus.com.my
Cloudflare Inc ECC CA-3		 2022-07-31 -
2023-07-31		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.dable.io
Sectigo ECC Domain Validation Secure Server CA		 2022-11-17 -
2023-11-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
revid.my
Cloudflare Inc ECC CA-3		 2023-01-30 -
2024-01-30		 a year crt.sh
*.toast.com
Sectigo RSA Organization Validation Secure Server CA		 2022-06-30 -
2023-07-31		 a year crt.sh
cs.gssprt.jp
GeoTrust RSA CA 2018		 2023-01-06 -
2024-02-06		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-06-13 -
2023-08-22		 2 months crt.sh

This page contains 17 frames:

Primary Page: https://says.com/my
Frame ID: 3869752DFFE8CE5EA1406CE8D215C425
Requests: 142 HTTP requests in this frame

Frame: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC2773D97E0516518637670CF20DCDB7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=says.com
Frame ID: 3EC87B9546B0D19247B598DDDD57BE62
Requests: 2 HTTP requests in this frame

Frame: https://says.api.useinsider.com/worker-new.html
Frame ID: 185682AF144F3D4753F4B28AF7ADE6DB
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3668D3E5413B05C08789712E6F0F7652
Requests: 1 HTTP requests in this frame

Frame: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C7A35B4021C58906701C8E9F0E765716
Requests: 19 HTTP requests in this frame

Frame: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA36E968EEB3D8A23FFD86072AA96000
Requests: 13 HTTP requests in this frame

Frame: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4EB45C6A42C4A8176FBE5D7DD3455FA5
Requests: 19 HTTP requests in this frame

Frame: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74A4A7C74AF5CAF365F0869BE8187AB2
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCT7Z4BGMnszewBMAE&v=APEucNUZW0LzLSINeL9JXztozq6uKBaw4lYXI58la4LU6LIwY2AC-wccio0owiJ0674QhTZQ1ORRPvdi8N3fvDAiEMKBszspdg
Frame ID: 1797FB83FC61277CF5DAA6F2C167D092
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLHVxd0BMAE&v=APEucNXX9CYGQfshZb49NZVAQqu9ycU2Ti58IJGsjwvXYUB7AlugiEzlJ1LAf4XnbSbsfiW0Oy9QvHliAp6_0RQWFiS6GsWlKg
Frame ID: ED5FE57FD2BA2AB7C1FC3E326AD697AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D64898336E804898758D4BAEDC76960E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3BB9BF7375EC6609462EDE5A10AD87E6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 365AD363BF02FC7358A104EBC6E5662F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C65B40E8DB0136E09E3F23DC20AF639F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 330069FA3A86619377A332DAC39325B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6EAB5B1AF9620528782FB01DD94D91F5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SAYS - Creating content for Malaysia’s social media generation

Page URL History Show full URLs

  1. http://says.com/ HTTP 301
    https://says.com/ HTTP 301
    https://says.com/my Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • (?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

234
Requests

97 %
HTTPS

63 %
IPv6

47
Domains

80
Subdomains

70
IPs

8
Countries

9723 kB
Transfer

15451 kB
Size

44
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://says.com/ HTTP 301
    https://says.com/ HTTP 301
    https://says.com/my Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsays.com%2Fmy&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsays.com%2Fmy&rid=esp&cc=1
Request Chain 68
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=says.com&sn=ChromeSyncframe&so=0&topUrl=says.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=yEFpo3xvQkhzVW8vRzVJeGMwcEpndlhCUVkxdm1aTWw4bDk3QTcxakE1NVVORHZ0a09uYTVFSTBuSVE0dk9yV2E3MUc3SXlMbm1rdzVuMFE0bExUOGNoTFhCMFViYlNXRDFsSUQxNFpFdk81bExWbXBXWnFpUEJUanlaenI0TzdUL2w3amxzYW9rajVWb1FuMWVIM0VUQnVZOHdNeVZjaHc0ZGJJVGVXdW5ES001TElYWXl6Ukc4T0lsRStKWFI5UnVhaGQzSmJJSE9CUHphRStXZ1c4S2RzWGxtTDRSa2tDRk1QcVFaOExOd0pMbnBOYnZHM2N2MVNJbFZoZ1hGaHk5STRObjNUYlNTcVVkQlNFNHVaeC9CdE9Ldz09fA&cppv=2
Request Chain 92
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A73A2B1216494A08B2DC4A292F710D69&RedC=c.clarity.ms&MXFR=2611743E60C26E5D05A7670664C26051 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A73A2B1216494A08B2DC4A292F710D69&MUID=276190A5D3446319236A839DD2CF622E
Request Chain 180
  • https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000 HTTP 307
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230622%22,%22u%22:%2200000000.0000000000000%22%7D%7D
Request Chain 188
  • https://gcdn.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1273CB8CBDAAEBD29024DED2BE66C324BE3266D0.AFBFF6D8D6A9D252605A3FC12DEE932AED8D8DC6/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C9316C251924C98C1199F531D851685F3A136A3.22892B248884BDD99EF5E81E90A4341677768DD4/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4
Request Chain 192
  • https://gcdn.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/9A2BDEFCC8ADD5530CEEF9D3EC1ED06F257178CF.42C712DD0C10B731E4CFE13B4E81C0F58AB205E9/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7543D530228858F2A05573FFC5F6E29F63B46450.517C2A031CEB7D7CF20A1B60822D6D5A8ACAC3C1/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4

234 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request my
says.com/
Redirect Chain
  • http://says.com/
  • https://says.com/
  • https://says.com/my
56 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d3becc6af6d4d98d42f0847e9c93d00099ead96869d101ff1ac3015db0844c
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; connect-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; font-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; frame-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; img-src 'self' https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; script-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; style-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7db50dde58821e32-FRA
content-encoding
br
content-security-policy
default-src https: 'self'; connect-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; font-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; frame-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; img-src 'self' https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; script-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; style-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com
content-type
text/html; charset=utf-8
date
Thu, 22 Jun 2023 14:06:50 GMT
expires
Thu, 22 Jun 2023 14:36:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
status
200 OK
strict-transport-security
max-age=631138519
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
c17728a3-507f-4429-bad9-56e280e910fb
x-runtime
1.171553
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7db50ddcde641e32-FRA
content-security-policy
default-src https: 'self'; connect-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; font-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; frame-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; img-src 'self' https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; script-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; style-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com
content-type
text/html
date
Thu, 22 Jun 2023 14:06:50 GMT
expires
Thu, 22 Jun 2023 14:36:50 GMT
location
https://says.com/my
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
status
301 Moved Permanently
strict-transport-security
max-age=631138519
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
7bd72df3-20f5-4074-905a-c55dd6d75867
x-runtime
0.001932
x-xss-protection
1; mode=block
bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
says.com/assets/ 		154 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2748
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
etag
W/"5ddf9000-26643"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=30
cf-ray
7db50de018e2929b-FRA
expires
Thu, 22 Jun 2023 14:07:20 GMT
application-e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6.css
says.com/assets/ 		339 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2748
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 29 May 2023 03:17:54 GMT
server
cloudflare
etag
W/"64741962-54bb3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=30
cf-ray
7db50de018e5929b-FRA
expires
Thu, 22 Jun 2023 14:07:20 GMT
cookie.consent.css
policy.revasia.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a9b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
603
x-guploader-uploadid
ADPycdu6x-NPflMsbtIwgyY5MLHHkEzzRmr0-bmqnLY-7tEjm3TJk_E-NGejuWgjlUG5X8-JVLV1gi0rhV8UzCCFE-BBxlcHKkbb
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Sep 2019 04:27:42 GMT
server
cloudflare
etag
W/"fc2a34ee3689be25b96a81b966bc7cd8"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1569558462623355
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=yFoefQ==, md5=/Co07jaJviW5aoG5Zrx82A==
access-control-expose-headers
Content-Type, Authorization, Content-Length, User-Agent, x-goog-resumable, x-goog-acl, Access-Control-Allow-Origin, X-Requested-With
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGXSf0NRXKl5%2FRUOORTfNoNHFzpPGlQa8JOSTFUNL0wgJsdqlBJRszv2hyErCNVhCe1c1H%2B%2FHIAqYraYyJCt%2F8%2FSPZEFy4cNtf4GImUEO6QVsNq8Oeyr1RaGwHVvXN4XRp67JEQHJzaipPAcqTAF2Ls%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1132
cf-ray
7db50de0ac403a90-FRA
expires
Thu, 22 Jun 2023 14:19:57 GMT
ner5wjl.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ner5wjl.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8207e7639d4d23b685b42877546eddd62dd9705488a485b246383fc9c9b615ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 22 Jun 2023 14:06:51 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1089
sto.css
pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.css?=v2
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c79d1c4cd96087923670cbc2e41b8f877a0fdfb24f7b27251f45e6c3263b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-guploader-uploadid
ADPycduOtoT8AX2izWeU9sQ1cONWquRM2JyYjvhd_u0KtdZoHmmL2C6OOxI_qta2wzYOkfEvOpgwYRjxDWUYN09sP9EfJn09-Ga-
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jun 2023 12:14:48 GMT
server
cloudflare
etag
W/"1808da70fa45b0423a05ab7c5dbc95a8"
vary
Accept-Encoding
x-goog-hash
crc32c=ln40Ew==, md5=GAjacPpFsEI6Bat8XbyVqA==
x-goog-generation
1686572088646091
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
19419
x-frame-options
SAMEORIGIN
cf-ray
7db50de0d826365d-FRA
expires
Thu, 22 Jun 2023 18:06:51 GMT
says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
says.com/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/assets/says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
8460
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
etag
W/"5ddf9000-86a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=60
cf-ray
7db50de018e7929b-FRA
rocket-loader.min.js
says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jun 2023 10:17:37 GMT
server
cloudflare
etag
W/"648ae541-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7db50de018e8929b-FRA
expires
Sat, 24 Jun 2023 14:06:50 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://says.com/my
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7db50de09d0c91ef-FRA
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ner5wjl&ht=tk&f=139.140.173.174.175.176.10444.10739.10741.17001.17005&a=526275&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/ner5wjl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
last-modified
Fri, 21 Apr 2023 14:15:25 GMT
server
nginx
etag
"64429a7d-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
typeahead.jquery.min.js
cdn.jsdelivr.net/typeahead.js/0.10.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/typeahead.js/0.10.5/typeahead.jquery.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 22 Jun 2023 14:06:51 GMT
age
224301
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7096
x-served-by
cache-fra-eddf8230053-FRA
etag
W/"510c-S3JXs07We2e7+mK0ogQDjPiLH0c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
algoliasearch.helper.min.js
cdn.jsdelivr.net/algoliasearch.helper/2/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch.helper/2/algoliasearch.helper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 22 Jun 2023 14:06:51 GMT
x-content-type-options
nosniff
content-encoding
br
age
40535
x-jsd-version
2.28.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34926
x-served-by
cache-fra-eddf8230053-FRA
x-jsd-version-type
version
etag
W/"1f4ce-yhw0k44Hf5WfhCJOdgej62yDo+U"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
algoliasearch.min.js
cdn.jsdelivr.net/algoliasearch/3.9/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch/3.9/algoliasearch.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 22 Jun 2023 14:06:51 GMT
age
636162
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17825
x-served-by
cache-fra-eddf8230053-FRA
etag
W/"dca7-7EOIzEqVciton1p8sULUNdzPZIc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
sto.js
pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab96b9e52cbe8650963aa8a23c6c83637e3421fa4ef6c95f495644ebe7d84de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2748
x-guploader-uploadid
ADPycdtQgCgdlVd5RcNjb7UtQg-Y2ccFbmTJB1u_-cbXg251_uffVr8WssS8N0MLF-s4V21qfXBp4Xzv3opag8z_w6gZ1g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jun 2023 09:06:51 GMT
server
cloudflare
etag
W/"426c02d18c07c61e89965f6037bfea6c"
vary
Accept-Encoding
x-goog-generation
1686560811567017
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=UBz9sA==, md5=QmwC0YwHxh6Jll9gN7/qbA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
4300
x-frame-options
SAMEORIGIN
cf-ray
7db50de5ae88365d-FRA
expires
Thu, 22 Jun 2023 18:06:51 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5301a2d7f41df0ef668b39ff04271e202844a6fa8290793b5f3bc3fe499db05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26444
x-xss-protection
0
server
cafe
etag
998 / 19530 / m202306150101 / config-hash: 4518997924861830948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:51 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/11139/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4cd481eb129c2435c8c8fe40472fb12ddb4f02c0806750b3a2a5a717be50e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 05:22:50 GMT
content-encoding
gzip
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 19:32:15 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
31441
x-amz-server-side-encryption
AES256
etag
W/"1cfe21e693e344214a0c2498a6f1692a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
2LtdMUwL5Vgc0aWFcIu8SOPLa-YCJ8FQ0xlsO0us63pH_8ZmWMUEag==
bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
says.com/assets/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2748
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
etag
W/"5ddf9000-ef1b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=30
cf-ray
7db50de5ae11929b-FRA
expires
Thu, 22 Jun 2023 14:07:21 GMT
application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
says.com/assets/ 		492 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2748
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Mar 2021 15:22:36 GMT
server
cloudflare
etag
W/"603e583c-7b1ab"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=30
cf-ray
7db50de5ae13929b-FRA
expires
Thu, 22 Jun 2023 14:07:21 GMT
cookie.consent.js
policy.revasia.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a9b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
604
x-guploader-uploadid
ADPycdvEl_KUK__z-D4z-HOH0_Nuv2jZTw1U29T_yJPzSuuzJ0HWPuJYA2bzu1JK3cDnagkn4zf53dSSm1vA-8fVIeukCQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 29 Oct 2019 04:03:50 GMT
server
cloudflare
etag
W/"bb557a5a67bcb975a3040c2daf62db27"
vary
Accept-Encoding
x-goog-hash
crc32c=9GWciA==, md5=u1V6Wme8uXWjBAwtr2LbJw==
x-goog-generation
1572321830602698
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Authorization,Content-Length,User-Agent,x-goog-resumable,x-goog-acl,Access-Control-Allow-Origin,X-Requested-With
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZOuxuT7e1WVsbFdCu6cm%2BLPqK%2BCuKmIyNx9CpIGZ%2BRIhJzUNJJw2TGDh65UhpKqOza6ZrCWalr9sFuAFMtSpBMAbW6YCmjtvR5OITnCk56IEYKB4C9R%2BfatFX2xLziTpkfj42AW3d6j1Rjhq%2Bn3%2BRs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3234
cf-ray
7db50de5ab2b3a90-FRA
expires
Thu, 22 Jun 2023 14:37:35 GMT
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e700adec3385a87d1a99fa9418e13d70fdcd1a55412f19fbeaf4fcb172228f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26441
x-xss-protection
0
server
cafe
etag
916 / 19530 / m202306150101 / config-hash: 4518997924861830948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:51 GMT
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
407a888e655899d02d89088205b185e854860ae1d600eb91602b16df0c6a08a6

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
server
nginx
etag
"e1ccbb4a993cd81acf325a5b5760f522404cc494"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19664
fa-brands-400.woff2
says.com/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-brands-400.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://says.com/assets/application-e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6.css
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
age
1229
alt-svc
h3=":443"; ma=86400
content-length
74524
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Jun 2023 06:40:50 GMT
server
cloudflare
etag
"649149f2-1231c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
7db50de5ae1c929b-FRA
expires
Thu, 22 Jun 2023 14:36:51 GMT
fa-solid-900.woff2
says.com/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-solid-900.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://says.com/assets/application-e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6.css
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
age
1229
alt-svc
h3=":443"; ma=86400
content-length
75408
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Jun 2023 06:40:50 GMT
server
cloudflare
etag
"649149f2-12690"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
7db50de5ae1d929b-FRA
expires
Thu, 22 Jun 2023 14:36:51 GMT
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ced14124fdcf5b1197ef003df3f4b4e65c5b0bd8f74138c77de429f38f278fee

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
server
nginx
etag
"7a571531ba8746780d4709c32909a81a6b90fc36"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20572
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6b2b4de8c5528c92aaf3c7aaad67bdd0714df23bbcc85c5238e02581dd21deda

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
server
nginx
etag
"2c0b6e23328e638bb18899aafbc85ad950333c16"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19372
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
72b8d224b5745db5b3c242047a76edc6e27f5868a1c01a94d90d2048f3efcf44

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:51 GMT
server
nginx
etag
"642d9266d1f9c63e0e36cec5fe51c6a1134c359a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19924
pwt.js
ads.pubmatic.com/AdServer/js/pwt/121793/1376/ 		482 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f8e49be0af43563816d9a0344daae7b4fcd5d7e6734349dee459205ec5625c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
gzip
last-modified
Mon, 15 May 2023 02:47:54 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=146435
accept-ranges
bytes
content-length
153001
expires
Sat, 24 Jun 2023 06:47:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		112 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 22 Jun 2023 14:06:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28296
x-xss-protection
0
pragma
public
x-fb-debug
MLrpbO15bxTEw6ouzT7O9qfGFp/9PORVNwfBxkTlDM8p5URZuY5LXN/1UVLapnQ2q/T78wb3qDLF+tOflECwWw==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/my
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2409723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6646
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhc%2BNBLEuJgGglTUNG3VN31DNEa1VX%2FeiDfyPZyDOWPosr%2Fa7F%2F4jU483pkh9jvt7VzHpEEZ2uJzyBux0BDJas9Si9cQ5Jf6TU03nZK5Pe18xgs0DiydENzR73GctKawZ0h7cXDAXq%2FC41bmbjTRHd2i"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7db50de7dfcf9b98-FRA
expires
Tue, 11 Jun 2024 14:06:52 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ 		411 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 11:09:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
10654
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129960
x-xss-protection
0
server
cafe
etag
10643696450713337328
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 21 Jun 2024 11:09:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=says.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e053d1e1ddf3c48f8ae2511f83f8a7f809b9d69259d2488e144feeafd781d554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
476
x-xss-protection
0
expires
Thu, 22 Jun 2023 14:06:52 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 12:24:20 GMT
content-encoding
gzip
age
438152
x-guploader-uploadid
ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 16 Jun 2024 12:24:20 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Jun 2023 14:06:52 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 22 Jun 2023 14:06:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
10028
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230053-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
EYAFV55K4BXD4QAJ
age
1650
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7db50de918261907-FRA
x-amz-id-2
whWkBhGm1ASZrNS/p6BPS7n04HervMshZG7qaxgZ9WSN3A3Ln15Wm67BYkFJkBlsBofx4C+mrXI=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
via
1.1 google
x-guploader-uploadid
ADPycds9sJbIUU0Y94VmrnBagtGk4SkNJ9s1vhyZgFbkAsTkZQrwvIHAl3CieCSgg28TY9PHt1LZ9ySy-5ULnDMzWwmdbw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
content-type
text/javascript
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Thu, 22 Jun 2023 15:06:52 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8600:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
Date
Thu, 22 Jun 2023 05:58:55 GMT
Via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
29278
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
ts2o6PGsAihVjvZcWZ2w2PsnAVxy0W3hpxt4cDMq7MKtTWrq8W_AuA==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 05:20:10 GMT
content-encoding
gzip
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
31603
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
jIiJalTZ6w4WQVRt-wD0sExtxU8n3Ev7FdLB5BqIl6kmnOqwPl5S_A==
gtm.js
www.googletagmanager.com/ 		306 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56e7a7c127c402622431c23053b3fa26b28db7f7f89ba61a37ea1a77852561a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83684
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Jun 2023 14:06:52 GMT
plugin.min.js
static.dable.io/dist/ 		100 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.97.233 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-97-233.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
2a790e525c33bebd856b2b470474ea66ce6c54649c4aca6e93680c49783e4130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
MAv2vt6QicHIUKGcSLc2NgT.rE8wuVq9
content-encoding
gzip
date
Thu, 22 Jun 2023 14:06:52 GMT
last-modified
Thu, 22 Jun 2023 10:58:32 GMT
server
nginx/1.20.0
x-amz-request-id
2CMJHPJNGJ5J1BFE
etag
"25517194e8c089f0f369cf06c1c53c0b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=75081
accept-ranges
bytes
content-length
36521
x-amz-id-2
3YwbBe9EijPaHaykvGLzxNSXVFaXnEP4AO2r3dvg0U/W80hZeckh/r3l6Dpm/3CXSPw2rV7t45A=
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-81.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 05:34:22 GMT
content-encoding
gzip
via
1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
30751
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
mL-9YF2ok79K8UI7mzDje6bm7C68YXRY60aSxQ_oiqojixQGDVZwiw==
sto.js
pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:16f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab96b9e52cbe8650963aa8a23c6c83637e3421fa4ef6c95f495644ebe7d84de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://says.com/my
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2103
x-guploader-uploadid
ADPycdtF14wNw8NyXdLRU-148qLayCNEINfmDFqJOp33sR3HQDi6q-4bjX6W0JH9hDjuQO9mYZG48mTJqUXGjIYUZCdelx_zcHc3
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jun 2023 09:06:51 GMT
server
cloudflare
etag
W/"426c02d18c07c61e89965f6037bfea6c"
vary
Accept-Encoding
x-goog-hash
crc32c=UBz9sA==, md5=QmwC0YwHxh6Jll9gN7/qbA==
x-goog-generation
1686560811567017
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
4300
x-frame-options
SAMEORIGIN
cf-ray
7db50de8ee111b9f-FRA
expires
Thu, 22 Jun 2023 18:06:52 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		274 KB
69 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=266413778548866&correlator=1675110659879966&eid=31074948%2C31075339&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fifs&iu_parts=1009103%2CSAYS_STO%2CSAYS_desktop_outofpage%2CSAYS_desktop_billboard%2CSAYS_desktop_leaderboard%2CSAYS_halfpage%2CSAYS_desktop_mrec%2CSAYS_desktop_mrec_2%2Csays_inskin%2CSays_Web_Interstitial%2CSays_Andbeyond_Pixel&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=1x1%2C1x1%2C970x250%2C728x90%2C300x600%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1&ifi=1&adks=1476963904%2C1585380070%2C3455604261%2C126976903%2C205075962%2C2214189924%2C2187976013%2C1044105006%2C765343895%2C468646908&didk=2061970679~4291740601~237627309~2674120085~3857611721~1559525212~2138048209~285478599~1739545351~1763590294&sfv=1-0-40&ists=258&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&cust_params=section%3Dhomepage%26pos%3Dlisting%26environment%3Dproduction%26Brands%3D%26tagsSays%3D&sc=1&cookie_enabled=1&abxe=1&dt=1687442812269&lmt=1687442812&dlt=1687442810874&idt=1304&adxs=0%2C1015%2C315%2C236%2C1015%2C1015%2C1015%2C0%2C-9%2C1015&adys=4713%2C4711%2C115%2C911%2C2299%2C4090%2C3231%2C4712%2C-9%2C4090&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C3%7C4%7C5%7C6%7C-1%7C7&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsays.com%2Fmy&frm=20&vis=1&psz=1600x4712%7C400x3843%7C1600x313%7C770x90%7C400x3843%7C400x3843%7C400x3843%7C1600x4712%7C0x-1%7C400x3843&msz=1600x0%7C370x0%7C970x-1%7C728x-1%7C370x0%7C370x0%7C370x0%7C1x-1%7C0x-1%7C1x-1&fws=0%2C4%2C4%2C4%2C4%2C4%2C4%2C0%2C2%2C4&ohw=0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C0%2C1600&ga_vid=281384666.1687442812&ga_sid=1687442812&ga_hid=1865468640&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYwdq3m44xSABSAghkEhkKCnB1YmNpZC5vcmcYwdq3m44xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMHat5uOMUgAUgIIZBIXCghydGJob3VzZRjB2rebjjFIAFICCGQSFAoFb3BlbngYwdq3m44xSABSAghkEhkKCnVpZGFwaS5jb20Ywdq3m44xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjB2rebjjFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81150896f16cea7524287f2fc9088553ac8469a0d094356dc1c1dfbe9ce41a7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70587
x-xss-protection
0
google-lineitem-id
-2,-2,-1,-1,-2,-1,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-1,-1,-2,-1,-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://says.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC27 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:52 GMT
expires
Fri, 21 Jun 2024 14:06:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c06a55d3d62d6ee014e4a184baa5631320cb1d5768dcf3b6b3b1671c3337eae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 21:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
61416
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13110
x-xss-protection
0
server
cafe
etag
10981769863807075850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 20 Jun 2024 21:03:16 GMT
169284420317900
connect.facebook.net/signals/config/ 		376 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/169284420317900?v=2.9.108&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5aca048656ddd794fc94bdd18209073e12d2f7bbc63c18efc431ac9376e0632a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 22 Jun 2023 14:06:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
sSKNTIbwgZedwxv2hQJOtdnVLGqIvWWjsVwDpm7sKyq1MgVm8eDvS89jQ0F6Reiufr41XZJN6ypvvRcZh+ouyA==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		60 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.86.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-86-74.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
58eac2409ac9874ccf4f8b51bc6e55f0ff315d1f511be42785ce85fc4849e444

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.25.221
access-control-allow-credentials
true
content-length
60
expires
0
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.86.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-86-74.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a094fd5f349ad0ec442ca3349e6f253958eeee9211168a636e9ab9bf72f90288

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.26.218
access-control-allow-credentials
true
content-length
60
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1348466162207cad88b69aa63979034c54685aec12c5d13e831b7065519ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26444
x-xss-protection
0
server
cafe
etag
718 / 19530 / m202306150101 / config-hash: 4518997924861830948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:52 GMT
Draggable.js
cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/ 		465 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256de1accbccc4ffee65cf0ae6ddda99d1a056e669ddb390c959b942df9a5358

Request headers

Referer
https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.js
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYR7JJHsnOSBSU6TQLX5J1Er5TZg5cEYaOvcOufnAOgF%2FCBNlCXXuqjpGabNN3Wcmo06GDCx36%2BshL3oUvPWU%2FCcpSNFetmLvuY5hsz3fASK5UpPHx0d8UaH8HM046GA%2FTaOfIXLYUDSUe1DAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
x-import-url
/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/Draggable.js
cf-ray
7db50dea0ed31997-FRA
alt-svc
h3=":443"; ma=86400
gsap.js
cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/ 		305 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/gsap.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9233c0c01ce219c102432f8da76d92d40bee603d575e238540da05da0ad17c

Request headers

Referer
https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.js
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MminZ8ZsUseaJnchTFFEOtqMygc6D0eoeWPwQa9Tl9L%2F6OwnDw7spAjXtmroTcRJW2UKDNGGpnuWBBHeSKNAjPjUYavO1r7LnpANo6wZXb7S%2B3vTucLyirN3y39NmQOxGILKHzNPGM4%2BucVXPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
x-import-url
/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/gsap.js
cf-ray
7db50dea1ed51997-FRA
alt-svc
h3=":443"; ma=86400
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsays.com%2Fmy&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fsays.com%2Fmy&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fsays.com%2Fmy&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fdd7484124391aa4b62cc73fc68831ebef65c20608d8f5f1d485a6a19bc20491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-3IYNIvROnggAATnyONRhp61cwaU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 22 Jun 2023 14:06:52 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://says.com
location
/esp?url=https%3A%2F%2Fsays.com%2Fmy&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://says.com
date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 3EC8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=says.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:52 GMT
server
Kestrel
server-processing-duration-in-ticks
253196
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687442812444&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-81.cdg52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
via
1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG52-P4
x-amz-cf-id
b8IE5I8Zt103qQXVh3RRGFo5Hud0iEd3eyl5gFH5iYOzYX2bkC0IQQ==
x-cache
Miss from cloudfront
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://says.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://says.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 22 Jun 2023 14:06:52 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
463b785e313d7d033288feb098a17505
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
fe3c54e1f5d601927b3a7f42697ba0de2f8a80e055f55b6001412f8fb02955f8

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
e5cf6490986c2144bd9f7bd4f8b5102d
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Jun 2023 13:04:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3731
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 22 Jun 2023 15:04:41 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/?random=1687442812496&cv=11&fst=1687442812496&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fsays.com%2Fmy&hn=www.googleadservices.com&frm=0&tiba=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf9a7bd0d1f8dd577caf130232ada8bb215ac2f278fd31aebe6521ddea1fe47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_mab_image.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab_image.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:8e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 02:41:49 GMT
content-encoding
gzip
via
1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
MUC50-P2
age
41103
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
yvVRWEaArQGKkGhwkRl9TVq4tN7Bppfb0N9hg2bOW6_qNsjf4enhVg==
expires
Fri, 23 Jun 2023 02:41:49 GMT
ins.js
says.api.useinsider.com/ 		448 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/ins.js?id=10002153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a95cc97c0c446becb8c554a77cb3d6828c7f257d92c6aad183450148f3b13d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
GO3eB.Z04qkHUlyefyf.blyKhbzoGNYJ
cf-cache-status
HIT
x-amz-request-id
WTP1A425S6J57S24
content-encoding
br
x-amz-id-2
nE6nSQ3tnRmqeVca/b2wZqoc4hyKund0iXLiYPRn1ZXzjTW3bflnqmVU37CdIZa9F5p/RnF6X18=
x-xss-protection
1
pragma
public
last-modified
Thu, 22 Jun 2023 11:55:33 GMT
server
cloudflare
etag
W/"a797e06467e1aff9d711156f5d924faf"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7db50deadad99a1d-FRA
expires
Fri, 23 Jun 2023 02:06:52 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-81.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 05:34:22 GMT
content-encoding
gzip
via
1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
30751
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ptJYuhM2LAoTSdqbOt7SFlmAahZZA7rERuNfpNnw0wDc7gYNQ_n4mg==
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230139-FRA
pcto.js
c16d-35-240-187-111.ngrok.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c16d-35-240-187-111.ngrok.io/pcto.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:d83:1202::6e:5 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
9zgdxuyjho
www.clarity.ms/tag/ 		649 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9zgdxuyjho
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
17b295bed6000f3ca4ac4e362963d4062a7160e326399b786f07509272fa1ea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
-1
date
Thu, 22 Jun 2023 14:06:52 GMT
x-azure-ref
20230622T140652Z-xu299h9eft3rp17bck946tmt5000000009w000000000nqyu
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
649
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
heartbeat.min.js
heartbeat.mediaprimaplus.com.my/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:101f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3549acf5339d941c30da7c96a2ae79e3d33b536045e15bce3ec0c19cf23c081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-guploader-uploadid
ADPycducJRnQFUjcyfdCiMaGHx2OxIg-z8PlO2QEo98YDZag95jlmTc-_qmaDQm-QJh0_ik46raZCvcRV23ZDgChLU3u_UVFjd1w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 07 Apr 2023 02:06:18 GMT
server
cloudflare
etag
W/"ab21b6e260129b86fb6e103ef7097cd7"
x-frame-options
SAMEORIGIN
x-goog-generation
1680833178836366
content-type
application/javascript
x-goog-hash
crc32c=u3jRWw==, md5=qyG24mASm4b7bhA+9wl81w==
cache-control
no-store
x-goog-stored-content-length
112759
cf-ray
7db50deae9170493-FRA
expires
Fri, 21 Jun 2024 14:06:52 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7S9H066JJ6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
624a018da5fe1ab118f1cfd1e583668d88a0604cabe3d912c16c71b5de43bf4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93619
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Jun 2023 14:06:52 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687442812554&ns_c=UTF-8&comscorekw=fbia&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-81.cdg52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
via
1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG52-P4
x-amz-cf-id
oy2qn2X960MXdVxelt3OOT2H03ii9AL8ynzAOI0oBz92VisqBtfLHQ==
x-cache
Miss from cloudfront
sid
mug.criteo.com/ Frame 3EC8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=says.com&sn=ChromeSyncframe&so=0&topUrl=says.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=yEFpo3xvQkhzVW8vRzVJeGMwcEpndlhCUVkxdm1aTWw4bDk3QTcxakE1NVVORHZ0a09uYTVFSTBuSVE0dk9yV2E3MUc3SXlMbm1rdzVuMFE0bExUOGNoTFhCMFViYlNXRDFsSUQxNFpFdk81bExWbXBXWnFpUEJUanlaen...
438 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yEFpo3xvQkhzVW8vRzVJeGMwcEpndlhCUVkxdm1aTWw4bDk3QTcxakE1NVVORHZ0a09uYTVFSTBuSVE0dk9yV2E3MUc3SXlMbm1rdzVuMFE0bExUOGNoTFhCMFViYlNXRDFsSUQxNFpFdk81bExWbXBXWnFpUEJUanlaenI0TzdUL2w3amxzYW9rajVWb1FuMWVIM0VUQnVZOHdNeVZjaHc0ZGJJVGVXdW5ES001TElYWXl6Ukc4T0lsRStKWFI5UnVhaGQzSmJJSE9CUHphRStXZ1c4S2RzWGxtTDRSa2tDRk1QcVFaOExOd0pMbnBOYnZHM2N2MVNJbFZoZ1hGaHk5STRObjNUYlNTcVVkQlNFNHVaeC9CdE9Ldz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
90559f5e491ed19ce3385e5654a7052df154f9098b6f971998b54b47af5d02a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1319875
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=yEFpo3xvQkhzVW8vRzVJeGMwcEpndlhCUVkxdm1aTWw4bDk3QTcxakE1NVVORHZ0a09uYTVFSTBuSVE0dk9yV2E3MUc3SXlMbm1rdzVuMFE0bExUOGNoTFhCMFViYlNXRDFsSUQxNFpFdk81bExWbXBXWnFpUEJUanlaenI0TzdUL2w3amxzYW9rajVWb1FuMWVIM0VUQnVZOHdNeVZjaHc0ZGJJVGVXdW5ES001TElYWXl6Ukc4T0lsRStKWFI5UnVhaGQzSmJJSE9CUHphRStXZ1c4S2RzWGxtTDRSa2tDRk1QcVFaOExOd0pMbnBOYnZHM2N2MVNJbFZoZ1hGaHk5STRObjNUYlNTcVVkQlNFNHVaeC9CdE9Ldz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
235040
content-length
0
expires
0
Draggable.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/Draggable.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf85037fd1f04c4684ed0357cf80a71a3c4aa19049bfccdaec678b4b18dc8e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
815863
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::sfo1::4jwh6-1686626949272-00960c0bcefb
server
cloudflare
x-imports
../unoptimized/utils/matrix.js
etag
W/"7553-dYWEgV2hNUKDhK4RO4C1kpAmsIU"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBmfPUDhpc68g096sj6EA213T1dCzafDIwu2XXBOWJOewGXQY46Ujlkf0EixdiCZgG6GUF7AmCjfS5KL1VRgEZ8cdYsMCxYQTpSWFpdAjgn1Doc44ng3ecWj%2FLfGKO9GNim2BP2uvP%2Fr3QaXPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
7db50deadfc31997-FRA
matrix.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/utils/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/utils/matrix.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc156f774f770c9969f60f278f977ce3a561b5927bf0acb682f4834e1729c3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
815863
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::sfo1::n795g-1686626949278-77d48c2abe12
server
cloudflare
etag
W/"1376-T/OrTzcg3vkKhdJZmnBcCh1Vf3g"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpxvrWQAmfjXSp2Wif7ZLxrEACxig8sPF28K9veJAOyIfJwKKdko8RIMVZq3T7z5cIUYtTkRhG3x0z4JqapmHNLmFNOG4tTWYOMvbbuvNY1ITiHYZBV0%2FD%2FmeC0Q76nrdV4bI8GyOcjZ%2Fvfk2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
7db50deadfc61997-FRA
collect
region1.analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7S9H066JJ6&gtm=45je36e2&_p=1865468640&_gaz=1&cid=281384666.1687442812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687442812&sct=1&seg=0&dl=https%3A%2F%2Fsays.com%2Fmy&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&en=page_view&_fv=2&_ss=2&_c=1&ep.gigyaId_hit=n%2Fa&ep.article_id=n%2Fa&ep.pagetype=website&ep.publication_date=n%2Fa&ep.publication_time=n%2Fa&ep.modified_date=n%2Fa&ep.modified_time=n%2Fa&ep.site_name=SAYS
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7S9H066JJ6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7S9H066JJ6&cid=281384666.1687442812&gtm=45je36e2&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7S9H066JJ6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7S9H066JJ6&cid=281384666.1687442812&gtm=45je36e2&aip=1&z=308524637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gsap.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/gsap.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b947a3efe23b4827fa6e4f7c6c0364baa2f66d27d0eb8074d5ab36380876e952
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/gsap.js
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
815746
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::sfo1::jjllx-1686627066396-3ee7810ad03a
server
cloudflare
etag
W/"f114-9BlmNMloJV8XaPp0tvFxaV9bubg"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Te1ob3uTNeFZRjVGfSPw4Txd65wrP0mfM4Iw%2Bh7SXewYDgmhC3GCPx0rvq7CXLZCEIaSaw7hBzx3N2hp3JlejmBAaZ7dC15N2uDJDeQZuMXUHUeC%2BwK18AreKba4mUxIPVT2OofuKRS0FjYe%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
7db50deb08161997-FRA
/
www.google.com/pagead/1p-user-list/830366072/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/830366072/?random=1687442812496&cv=11&fst=1687442400000&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fsays.com%2Fmy&frm=0&tiba=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&fmt=3&is_vtc=1&random=2751433173&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/830366072/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/830366072/?random=1687442812496&cv=11&fst=1687442400000&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fsays.com%2Fmy&frm=0&tiba=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&fmt=3&is_vtc=1&random=2751433173&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=017abbde-f96f-47f4-ad59-084862b2d941&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4075ab14-f6d2-4fb3-ba85-f71d155bb52f&tw_document_href=https%3A%2F%2Fsays.com%2Fmy&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1blg&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time
182
date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
05afcd4d2e284155
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
7b5bd822db0015f79eab89b7a7b11bd9f9e0e9994c5dcd808520764e8783fd5b
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=017abbde-f96f-47f4-ad59-084862b2d941&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4075ab14-f6d2-4fb3-ba85-f71d155bb52f&tw_document_href=https%3A%2F%2Fsays.com%2Fmy&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1blg&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time
169
date
Thu, 22 Jun 2023 14:06:52 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
cfe6236e8e08dfc6
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
413bb02742bb3bae32f3ed39ca0a79fd754c80aa6985429bbc6e99dff6ea1bbf
content-length
43
final-floating-widget.gif
pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/assets/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/assets/final-floating-widget.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:16f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47aa51a3e65b3ab865fe1a74177c6c854a92bec2066493dcbbfc66f714f83937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2746
cf-polished
origFmt=gif, origSize=2554597
x-guploader-uploadid
ADPycdu2Z4JYtyOYpx57uhNN50sR2VOUa02aJ3GSm6Y7XXUkmJKc5E3eidDIUTDpshBx1ouS4WZQ-x4-Lm9gAfNz6yPXh7euICnA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="final-floating-widget.webp"
alt-svc
h3=":443"; ma=86400
content-length
1806510
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jun 2023 08:38:54 GMT
server
cloudflare
etag
"c117160f0bd5a4a1f56696c83a865e19"
vary
Accept
x-goog-generation
1686559134976601
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=N4+3ZA==, md5=wRcWDwvVpKH1ZpbIOoZeGQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
2554597
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7db50deb8b6335ec-FRA
expires
Thu, 22 Jun 2023 18:06:52 GMT
mobile_d613.png
images.says.com/uploads/story/cover_image/63208/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/63208/mobile_d613.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9facd749d1c22778d8b707291d9713152d6b6f4bb2f20e3fdf32ce854758e633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
21173
cf-polished
origSize=188914, status=vary_header_present
x-guploader-uploadid
ADPycdv_qbn27fIK_xKNgqqgpT9JE8Bm-mMjFF4o7zuZ7OKTegrNpYrZAWTU5TbDGp5qOxJLcQ05Ll1xzJeL6Hp4OG_dEQ_CgFwmiB1y
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
164209
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 19 Jun 2023 15:14:44 GMT
server
cloudflare
etag
"20faa732d2fe08f00bb8a8c9fd8a2724"
vary
Origin, Accept-Encoding
x-goog-generation
1687187684826249
content-type
image/png
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=xOdu3g==, md5=IPqnMtL+CPALuKjJ/YonJA==
cache-control
public, max-age=315576000
x-goog-stored-content-length
188914
accept-ranges
bytes
cf-ray
7db50debeba81e32-FRA
expires
Wed, 22 Jun 2033 02:06:52 GMT
mobile_36d9.jpg
images.says.com/uploads/story/cover_image/63253/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/63253/mobile_36d9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b97eb85e99457b46ff1988c720e7e0dfedd93cc64b5c189d0ee3f9d34ff2a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
64357
cf-polished
origSize=128869, status=vary_header_present
x-guploader-uploadid
ADPycdvnib7_U2O3kgxKkvPZg1m2mPw4ouZo647kA6N7EFM0ramyUPApAskyXwGoWp7JogCbanc9fUxqgZGfjL_537TOKh-jaXXq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
122368
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Jun 2023 10:03:59 GMT
server
cloudflare
etag
"f318218f7a3c3d2fcab6b0aba56de4a3"
vary
Origin, Accept-Encoding
x-goog-generation
1687341839050501
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=TL92fg==, md5=8xghj3o8PS/KtrCrpW3kow==
cache-control
public, max-age=315576000
x-goog-stored-content-length
128869
accept-ranges
bytes
cf-ray
7db50debeba71e32-FRA
expires
Wed, 22 Jun 2033 02:06:52 GMT
mobile_a4c9.jpg
images.says.com/uploads/story/cover_image/63242/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/63242/mobile_a4c9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a043d0cdfe465517886b5a4c2cb81f7fbe997ab4002e09249836381f0bb554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
101320
cf-polished
origSize=159941, status=vary_header_present
x-guploader-uploadid
ADPycdsRt6Z7OlWnBlO8JZhvTJtETeinw48SehkMNrnsjgpJmZjmYC9ObSQGSv3yfHYl6SNxKGFZQic1fQOn0hRXyEPK0oRAJmPT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
148906
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Jun 2023 08:25:39 GMT
server
cloudflare
etag
"b679a1ea6b0eb8bc15cef0722676a025"
vary
Origin, Accept-Encoding
x-goog-generation
1687335939151411
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=p32IJQ==, md5=tnmh6msOuLwVzvByJnagJQ==
cache-control
public, max-age=315576000
x-goog-stored-content-length
159941
accept-ranges
bytes
cf-ray
7db50debfbbd1e32-FRA
expires
Wed, 22 Jun 2033 02:06:52 GMT
mobile_d9f5.jpeg
images.says.com/uploads/story/cover_image/63271/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/63271/mobile_d9f5.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c493318ef3bc1d4822fb55ac4469891fb714551e5586332a54527a19797ef60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=67854, status=vary_header_present
x-guploader-uploadid
ADPycdv2WrWI-XagTMuHELKwY4MTBHuLbY8KnwSfMdDBhuGSAFrweub3-9tUvEXiX2Pe1A-ljEn2TeaQZcO2PTKnzU9BmgLMKhtKIkBVwbv8oGc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
55487
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Thu, 22 Jun 2023 10:41:56 GMT
server
cloudflare
etag
"2c22698dd88e10a69c92ce60cf6a5c1d"
vary
Origin, Accept-Encoding
x-goog-generation
1687430516502712
content-type
image/jpeg
x-frame-options
SAMEORIGIN
x-goog-hash
crc32c=gIZhiQ==, md5=LCJpjdiOEKacks5gz2pcHQ==
cache-control
public, max-age=315576000
x-goog-stored-content-length
67854
accept-ranges
bytes
cf-ray
7db50dec0bce1e32-FRA
expires
Wed, 22 Jun 2033 02:06:52 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f134ce352c4d1868e8344e9ef332e1ec2994e33b8088e164b3d653a8a674699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Jun 2023 14:06:52 GMT
content-md5
Rxu8MrF/MK6LQMbETZd5Mw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
95vWmIh+dbbyuP7k6Mp88GVvQ+yPO/clZv9KdHFWQujN/Lfe0EbZB3JXrbyHirMBD9pKTM3/apw8q40x0p7bcA==
x-fb-content-md5
ae3bc7de072382ed90c03f1455297649
cross-origin-opener-policy
same-origin-allow-popups
etag
"5ad6e3f7500f50b13a44067159964f4c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 22 Jun 2023 14:23:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9625257ab40695983ebddf135603dc65d8fe2da06216a579c6b68d35ba9c5f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11247
x-xss-protection
0
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:8e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 01:51:47 GMT
content-encoding
gzip
via
1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
MUC50-P2
age
44104
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
3dVm-Z4fBKDt6OB-BnZD8q2_rW8mGtudQsD2dLel1PaLX474QcBvBw==
expires
Fri, 23 Jun 2023 01:51:47 GMT
rum
says.com/cdn-cgi/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://says.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7db50debcc0a929b-FRA
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		149 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=says.com&domain=says.com&path=%2Fmy
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab_image.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
267db6787a4c101c76c6b5d81ad9af6bd0aa0f86d8b8a1de513cac0d404e1a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
1280
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
121
x-served-by
cache-fra-eddf8230032-FRA
x-timer
S1687442813.879042,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 20 Jun 2023 13:45:33 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169284420317900&ev=PageView&dl=https%3A%2F%2Fsays.com%2Fmy&rl=&if=false&ts=1687442812762&sw=1600&sh=1200&v=2.9.108&r=stable&ec=0&o=30&fbp=fb.1.1687442812760.1013371559&cs_est=true&it=1687442812291&coo=false&exp=c0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 22 Jun 2023 14:06:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9zgdxuyjho
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:52 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 20:14:13 GMT
etag
W/"0x8DB729414CA87BF"
vary
Accept-Encoding
x-azure-ref
20230622T140652Z-xu299h9eft3rp17bck946tmt5000000009w000000000nr0m
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
85582f9f-701e-005c-32d6-a47b83000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A73A2B1216494A08B2DC4A292F710D69&RedC=c.clarity.ms&MXFR=2611743E60C26E5D05A7670664C26051
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A73A2B1216494A08B2DC4A292F710D69&MUID=276190A5D3446319236A839DD2CF622E
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A73A2B1216494A08B2DC4A292F710D69&MUID=276190A5D3446319236A839DD2CF622E
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8082EF57ACC84682964814F4F400EB7D Ref B: FRA31EDGE0217 Ref C: 2023-06-22T14:06:53Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A73A2B1216494A08B2DC4A292F710D69&MUID=276190A5D3446319236A839DD2CF622E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4fe0c93ee9dc6553099f470894321eb3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e0adbdc7469e73957dea0d2c0e6317aa6d597e5ca6e0c96a77321614aa0ae42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/my
Origin
https://says.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Jun 2023 14:06:52 GMT
content-md5
XRqpZr5+jXZYVYAcmWThZg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88690
x-fb-debug
iMx9i5MY+9MdO+KlrA9dWulYQp8EcySSE4Nlc2s6aRBjUuiddie53NXOium6reQVb/p1Qs94dlKLRCQbjAHUwA==
x-fb-content-md5
c9812f45d8f020a0cef645df3d497400
cross-origin-opener-policy
same-origin-allow-popups
etag
"093d96ea78644b129e769c244b82e4b5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 21 Jun 2024 13:05:34 GMT
worker-new.html
says.api.useinsider.com/ Frame 1856 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/worker-new.html
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
6764
cache-control
public, max-age=1382400
cf-cache-status
HIT
cf-ray
7db50dec1c629a1d-FRA
content-encoding
br
content-type
text/html
date
Thu, 22 Jun 2023 14:06:52 GMT
expires
Sat, 08 Jul 2023 14:06:52 GMT
last-modified
Thu, 22 Jun 2023 04:00:18 GMT
server
cloudflare
vary
Accept-Encoding
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=says.com&p=%2Fmy&u=DbV9tJBUsnlpDJ09yD&d=says.com&g=65124&g0=n%2Fa&g1=n%2Fa&n=1&f=00001&c=0&x=0&m=0&y=4713&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fsays.com%2Fmy&b=1870&_s=%7B%22ga%22%3Anull%7D&t=Dug0QoDDtgP6Dey9p3CQ_48hC_mOEh&V=139&i=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&tz=0&sn=1&sv=GXJ-pDj9Ax3psV30B1tzzci0gwm&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.209.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-209-240.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 3668 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 22 Jun 2023 14:06:52 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
prefs2
api.dable.io/plugin/services/says.com/ 		876 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/plugin/services/says.com/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.209.159.148 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-209-159-148.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ec6520581b6bc6b23f8fc54e738fbe4f8b3bc7926ef49ae2c8d5ae42cb1976c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
etag
W/"36c-DmnIKq/gLmjZPtplp9WebuDyH34"
content-type
text/javascript; charset=utf-8
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204299389728697&ev=fb_page_view&dl=https%3A%2F%2Fsays.com%2Fmy&rl=&if=false&ts=1687442812971&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 22 Jun 2023 14:06:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 14:06:53 GMT
collect
p.clarity.ms/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://says.com
Date
Thu, 22 Jun 2023 14:06:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
p.clarity.ms/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://says.com
Date
Thu, 22 Jun 2023 14:06:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1865468640&t=pageview&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACAABBAQCACAEC~&jid=323813150&gjid=764023044&cid=281384666.1687442812&tid=UA-27970811-1&_gid=1022371719.1687442813&_r=1&_slc=1&gtm=45He36e2n815WNLRMX&cd3=n%2Fa&z=123740453
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1865468640&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fmy&el=25%25&_u=aCDACAABBAQCACAEC~&jid=&gjid=&cid=281384666.1687442812&tid=UA-27970811-1&_gid=1022371719.1687442813&gtm=45He36e2n815WNLRMX&z=1829612943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 10:21:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
13503
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C7A3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:52 GMT
expires
Fri, 21 Jun 2024 14:06:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:52 GMT
expires
Fri, 21 Jun 2024 14:06:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4EB4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:52 GMT
expires
Fri, 21 Jun 2024 14:06:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:52 GMT
expires
Fri, 21 Jun 2024 14:06:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7S9H066JJ6&gtm=45je36e2&_p=1865468640&cid=281384666.1687442812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1687442812&sct=1&seg=0&dl=https%3A%2F%2Fsays.com%2Fmy&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7S9H066JJ6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27970811-1&cid=281384666.1687442812&jid=323813150&gjid=764023044&_gid=1022371719.1687442813&_u=aCDACAAABAQCACAEC~&z=254522468
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1797 		0
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCT7Z4BGMnszewBMAE&v=APEucNUZW0LzLSINeL9JXztozq6uKBaw4lYXI58la4LU6LIwY2AC-wccio0owiJ0674QhTZQ1ORRPvdi8N3fvDAiEMKBszspdg
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:53 GMT
expires
Thu, 22 Jun 2023 14:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C7A3 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7A3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A73rXEOf3ohuK_ZmNpcq5xEIUJc0849NFxKsfqwVLVtU92S_cd3RPx5U35vQr4HKleRaxSEN7LDbXvkqLLWrotBTNLkCefBZ0jUJYOxx5yXR5OJAU
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1397997167714536261&x=1&ct=76
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C7A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 09:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
15683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jul 2023 09:45:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C7A3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 19:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
67635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8131
x-xss-protection
0
server
cafe
etag
7076601798724011321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 19:19:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C7A3 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57242
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687383875062185"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:53 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169284420317900&ev=Microdata&dl=https%3A%2F%2Fsays.com%2Fmy&rl=&if=false&ts=1687442813302&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation%22%2C%22meta%3Adescription%22%3A%22SAYS%20curates%20Malaysia%E2%80%99s%20biggest%20stories%2C%20simplifying%20the%20latest%20news%20on%20politics%2C%20entertainment%2C%20fun%2C%20trending%20topics%2C%20and%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation%22%2C%22og%3Adescription%22%3A%22SAYS%20curates%20Malaysia%E2%80%99s%20biggest%20stories%2C%20simplifying%20the%20latest%20news%20on%20politics%2C%20entertainment%2C%20fun%2C%20trending%20topics%2C%20and%20more.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsays.com%2Fmy%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fsays.com%2Fassets%2Fsays-logo-light-blue-large-1446b8864e68d1df9c140b185def00464a332bdd187644a2689d3b20f52c8c5a.png%22%2C%22og%3Asite_name%22%3A%22SAYS%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.108&r=stable&ec=1&o=30&fbp=fb.1.1687442812760.1013371559&it=1687442812291&coo=false&es=automatic&tm=3&exp=c2&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 22 Jun 2023 14:06:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
pixel
googleads.g.doubleclick.net/xbbe/ Frame ED5F 		0
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGLHVxd0BMAE&v=APEucNXX9CYGQfshZb49NZVAQqu9ycU2Ti58IJGsjwvXYUB7AlugiEzlJ1LAf4XnbSbsfiW0Oy9QvHliAp6_0RQWFiS6GsWlKg
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:53 GMT
expires
Thu, 22 Jun 2023 14:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame EA36 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 19:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
66678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9007
x-xss-protection
0
server
cafe
etag
10216374826415589524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 19:35:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame EA36 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 19:37:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
66590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3046
x-xss-protection
0
server
cafe
etag
8710410791850112160
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 19:37:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvVwJiZKwDbw6EF8SkeU7iFMmZutb2fSsOyPB0VvqNs3W_ndGSirP20v3CFXuYrQjm_l7BcTMVv1wglZhVUeEWBbJBwkw6hIimDNjvclGDhYtEfe9mm3PGW2cuQepzVbJ69COO9H_edoJBfh7xDE_XqNUVDFYI9iiLV9Vzje2vDk6VxcXDoH1TRmO39iDHkyV5Qgu8c3pWDPmJL5m6VPQTuzEAFQgG97z_HHIQJqrCvmq21JgksOTqi4dyhMzaB0UL7aCC4ZX7mBtVQEUNM5gsUFuneK1gFGkqDRW17qwF__8ZUmb62nQXydmt2XU95Ux7TnSsG-SquuzpNfwI80-jaSLEKqBQnWb3apjHjGSJN60uBvh0m1ntUIRirK0M8HI0SLXxSehPj_ydyV08Xn1JYPr0O7DeJSqGwZxcFw69Gt2zz_xStmMUicovrKrFIbLp9BtOFjloXSupbG8G-JVX3Y5gDPA-2ajzPYtK-7DZ9yVdKczcXJznzW1DWcxpWQUyZkV0U-TkoLkhxVQ1xBVXoGRqT-ktqIq7UGrfZFgdB-oIs5S_p2WUmYTnacMGvyT86UKgc7vZxDIU0TehvQozqXhTZjIhFUlLzJ6xatcInaKayc4jtAJMKYJrUD7UzR7bUsYyMQaecX6pru2_UE6gGXF1DVeabg9IGP-J1P22J1xH_l3vyymyhc4SQzCKnysHvD0MXGQSO2gVzLh4-GXhCxMe8XGK8ofzVFX10L6Gzw7r_GHnGvMZS3-7rad5XNmLByGrfCE_Sdfj1MXoTd8ZP4O8DY4xiUlczpxZR_nuDuj2atnafVAtvA188czAKSELo495apBJscA6tjWSsaqKhuW74ycvJ5vnk08TldpiV_FF35re_UwYR8RwOYt8-6Pdo00rYpIreafTOF-AiHFdmBTu0uL_s4Fvq0CDlOArwuR_UffpRrEGRXtAZ0l-D03b07MqZdFBJ8URvp1kIhSRIl6PxEGdDXc6vZfLo4We8-QmX8656mbkokj3cIQQ6Z7_laFOs-xkDOGuhjH4CqPbjIFNnVnvJrm8-z3fH3mXzPZhsgj2oVBdULHtbSmWPt8yexrTAsLsqqaWi50IV27EV4zts5kk04vdeVvigNuGq-_NOYUQ3rpwBzwh4919xm3hN2shCcE5XX1wfAaGkDL2K-lT4WAoHroO9rgf_GzT5DAxZ4XRampcMWt1PUw9P2LU&sai=AMfl-YS5nJ_RjJeED9uTczZ8KBeL7OYSwRhr3-r2BLlbd7ekba2dgPW_Xh4nSLb8404KKx4potVOmHhHeyuGGEUBcaZKOZKGeJt_U_AyVa5eaz_EFNKGxkxssomkawbEYNtbrwq3tYptcK9maCODeq970EQHA3hHjNPxihQfVLc4CspT7A-dbJehUZHHZEut0rMS9xv1FUygxqQixCjHNq1T7pFJg25CcXO67HQUBX8rBleU3r5ZVytLv1HYdiWZOzoautnrKtBHs4tyBeGKG2s3gE5Ewv84-ZYAe5DdS0dn7Ooa8SJN4VRylURByADlzKd3AYKYQyhq4VujEg_XyzjqbLVb_JgJEeN7eAvNn8g7xhDpRHU-OUf7nOb1ot4s6EaT19Y1mRCnRb_Aa4qS4Tbh8QKUqJG0CqmHo6V81T3AcNC8amQS_e0NjDtzyn-dG1v-ScA_0lVoNsV1HiDgj14ZN9YS4sqRKu0QgA&sig=Cg0ArKJSzGUQxp0YEGwoEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230620.77866&arae=0&ftch=1&adurl=
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA36 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 13:52:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame EA36 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 09:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
15683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jul 2023 09:45:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame EA36 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 19:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
67635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8131
x-xss-protection
0
server
cafe
etag
7076601798724011321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 19:19:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA36 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPp-yAjuwcL1qZz3y1hyBB3YULPS-cnr5VGh9YUJhZ3k5FUw4CHVaWIjm09NbLcNKYxgvKYhn4J-SLs-HNv7F1_jRxJzR1PYId4YjQy4ScRRwt5R4
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA36 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57242
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687383875062185"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:53 GMT
8802555451024282535
s0.2mdn.net/simgad/ Frame EA36 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8802555451024282535?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qn9dLCnIM3w6ulqrjvJ2Foxod0rgQ
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42bfcc13f63c3b068a4f59c188ad224ab48d2e3d91ce033311da926be2327249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 15:12:25 GMT
x-content-type-options
nosniff
age
428068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25554
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 14:21:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 15:12:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 4EB4 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 18:49:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
69460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9007
x-xss-protection
0
server
cafe
etag
10216374826415589524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 18:49:13 GMT
css
fonts.googleapis.com/ Frame 4EB4 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 13:22:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Jun 2023 14:06:53 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 4EB4 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 13:52:35 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 4EB4 		371 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130330
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 13:52:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 4EB4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 19:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
67635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8131
x-xss-protection
0
server
cafe
etag
7076601798724011321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 19:19:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D648 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 10:32:20 GMT
expires
Fri, 21 Jun 2024 10:32:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3BB9 		783 B
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76a94da62f29e9e2be1a115b3967855f565feb162e1c3b027c4e5d10753a8b11
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FZQCVzo6XTt27X30qhYN8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://says.com/my
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-FZQCVzo6XTt27X30qhYN8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Jun 2023 14:06:53 GMT
expires
Thu, 22 Jun 2023 14:06:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 74A4 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 18:49:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
69460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9007
x-xss-protection
0
server
cafe
etag
10216374826415589524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 18:49:13 GMT
css
fonts.googleapis.com/ Frame 74A4 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 13:41:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Jun 2023 14:06:53 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 74A4 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 13:52:35 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 74A4 		371 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130330
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 13:52:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 74A4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 19:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
67635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8131
x-xss-protection
0
server
cafe
etag
7076601798724011321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 19:19:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27970811-1&cid=281384666.1687442812&jid=323813150&_u=aCDACAAABAQCACAEC~&z=130263115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27970811-1&cid=281384666.1687442812&jid=323813150&_u=aCDACAAABAQCACAEC~&z=130263115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EA36 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48def9fc317d6149517f215bf8942fd2e29cbdb15c40e1ec04e0c82f7e581b87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 365A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
173626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jun 2023 13:53:07 GMT
expires
Wed, 19 Jun 2024 13:53:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3BB9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=266413778548866&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
pagead2.googlesyndication.com/bg/ Frame D648 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 13:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jun 2024 13:06:42 GMT
destination
www.googletagmanager.com/gtag/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=UA-27970811-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69fb789d8300db9cc4e1a3bd522075c11d53f01f2e6fcd600acd8dde84b69c79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47673
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Jun 2023 14:06:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7A3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5852783493089&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7A3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5852783493089&version=m202301230201&ct=76&x=1&cor=1397997167714536200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C7A3 		75 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIvZ1RHZhgwoedMEx_GEThJqAACROavT_Pr0twrZfNgDEkL--t1Ay9D0QiO0A3MKFxZ_5qQOdB1DMa1D9PAwYRbaOnd-blkPQ_fELBD5FI986jwrvQbSJmCDsqGthRoNPVy63_GJbtiU6iOksfdv1VVSgCv0H1I6x9sbwaSQYCHsb1i7E&dbm_d=AKAmf-DahIN9utjzS6tfGlZDFNJ65xtThLswH4ZRNWkPSHtrA_clSQLgXDS8bKEAWt_-NpEYOWxvNbz-wn29weuSdjOzLWdPp70ctHY1KW7aKWXp5iUhmIgs5LbdTUuPy_3WMWq1DgJBDUNiA_0vIUQJqRclwR119iqMeQKy55EyKVrBEamuyEGloRWNDtRt955AMMWWEdadUNFmPs3zTJnQNQ9Lz0tvzakaBMiFWiM63MkR6SLGheDgs3JOuC6q0Rx5coWSylP14mdzI18NVMRf2qb_kmh-I1b5dHC6VfTqRAu2mJCJolKGOaXcxwfS8r9HnKvkIzDZbtvZkQlqm_UmPYlOIE_vN9HAfgNg_J1-V4KJCkdBTGZ-LsRR7WoNcjO_Jwi5cZ2lqLd0UdsaKoBACFjmiJeykNPZFoWwvNZrr3y_EM9K7YaK44-oG4vb83uqQtv-o3hrNkYwbNHXNfJACzWOgDxQDe5hc1r1J0cqPK4hHDy-tor7qtYYhPf24kaQA4SZ_J0TMikePMESdsTrwTOeZ73aU5nIxZnUfSqP1TXD0Huaw2LgEL2Xs8RYZMaFlQUK2vCpyT1ppf-2GktrSQ4OYVprQAcsWksjr9R4WHDd3G3gn80V4gWRJz9fqG3LjkwKpiDtiITBmyntuvzvGADOzwu4a5LOoq0Jl8Tj6962TLaS0Cke45z2n3-10GBruV-GEbXbKtHHH45Opb-HpUWlaZ-BRzWetEHO3NAVzzHNWyEfq6j2A2oC32ZN6eWQ6rvcGhiTau5JmHPyCaAygcVh2dhzxZLSSFAloYfDaTVV1AcgPJPHqH2oFiDyr_eUY7ixaAyeUbs3logPY6HvrBmWHuP_3iiu_SC0fg82nHfZwbHz3BK_fLmHUdXIC2oM6pF9tg7pZft0vrPLRRrRoCsiHU7JKKJtgw2QArhVgZNCUKAiO_IRa3WAinhp_-0Znh6M_dYhAtUh6HcKPFRNpOZzZ1fGPFBskze9RBIPo_E9qssAsJhb123bWeUnegPwZy2Jxmsqrt4QAGFaBQR_g61Q0Sqt0mq_fkLaH5Pd01q1NQSuQ97YMqdYbgMDtwBkNeNcm5TYPozbc1bonfAJMclNbbnUkC_PPMZRWiT1mLYrLTrxt2PTlCXPZlr1JixwkSfx7N9YOINXj8FSMxldpXG3yHD6isj5Y-Ij4yYicVuOdIR6psiMF21JwVQqnU19WUvXEAKgZwVFRIKO1MoKTYb9W9pawQCeWdqX1ZOOrNRnPAYA3O1sAV-FTHRqCtRdOED6UsyKK51wq7uv7IQR165JO50aaD1yKxP_p17BipWbK-k-rdGnh2znDilj0osIxIKs6xFchdHpQP-5Ce4-1MZw1IYjyjO3T3-Hrs0VB_Pd4jK0o327z5qXPk_9qzob9gDYh6ZHEpvGeCA44ItoiqJDmdddQ7D6fLKFPpA2YGdH-VX7rTz9cT8venR2nwWgMAq6r7F06jybw2MKwDlzbyNBCUP7ON-x1cSOiYY6mAsBgy2dszulNHf45ROs2TMre04Rpjrqx3jaIp-EHtMvoi8hfBUlsREUMohwbCMoQfpN0Z3Ydedkd1WZZr0JJSTa47zu25Yun7UNLcOgwTVMIp_aivcpjWKz_rTZBH0OH1T7Fi2mKYPNHAnM5nB_wCTvJ_OpNltgHeggPCiJ-xiLDcccFnIP-LDr7mokHrEX5GeCRqeYbi5oqLpm9nZvOh0mzj_vLn8TGPMwiVMqK8gUq4ieFPv1d72oB6Yogn0ZaQvZfzS2s4popg5ZJkSwsq9viJJeTcRkR6gMtc6co_pwGIQPAsgu2-PnOl79ymIyFemSgMJbSxPq0RfQNpGWNYw2LKo90bjes4tdB1KRR7FVlZxE6RfoAs8dSA5EkCHvxLXszf4mVv6NhfO0_r6ldQYsgOHfNe0Tq-nWYd15_dlQrnsdQ-BDPtjA20clvfUU14angrvBW1mafp6HljpMyhhiMdjwdCSNVFDieGtEhLNcXtn6n3mHv3NjGOkJN-AKVROCd-nXg30BGo6_j2fSsHlB6h_jbHI-yaUcRpYIJjzlGmaUt3M9dFR5TApFnESOooJAl4kE07yy9rHJrrVQWwKLmWSivmkV6FoSIkMCH5FOm-J1bjXsdkVhYarZjtXsJ8BCnmKJcMcKEFionzHN-Sqo5Z9geaWffGzF0jWv-4cUBzki-8WIXnleXpFuqiqYPMN42g5xZ1nCOzMWyz8a_ZfCcjn2o-87mC3Fx_9MsceK2yikwO3NJbqeeopy9NqPT_drZwX8jcrY4MRazz3tiU7WI4FBZ-LkVSxcKpGl0ol92cVGJUpDaaZIyAD5S1E5e08Xq-iGA2UPJNojjgt1v5hv7BSb_Hwigmp-I11i7pb5vwyJ7uKpquWFkbh8ttfyRZi8ZhhTL5StjnNez-p9BW-U-g4mFzy2GwvmSeYPzAO_7JXCiwS5TZzkSI8RdX_7YAZwpuqyuTXaMUNloMQOZfyF4KyxFvUQ0R064V_w2NrYhsrodzpQpHVyLppharmPm_nbWHmSEP1rNgq5aShK97eacK-7lyDYHO1ny-ySpsP0v_mzXfQ59hkD-NU8rDB-dec5-OlKOK9mWbvz7AiZ8FLJbcTmm1uRFOK7PdOd2TzVCvpFxfDbrWbfVMcWYdGoEtH86Qjy1nybj8LsggdmlMAKyToYi8YeXvaYo9jdBbJXzKqp_R4NYFSw69KEwDRT2X2OLFNf5T3zgK7tX72UzJzx6W35s_rT0f4I894bpHcOG-4SvQ5EpAFAKQiEWTKTCYksCwS4P740Ps9QwcU6zauOrHyRrddksVERJqQVbZULSs6I-MFPu4zDQbyAU51jdMytmj0sgW3OQEHIg7N2KzB-KfrtUc3RLOlPq0wJnRonqzoDUjhawMQhBcElmmcNyXz-tf6_VyIsQ5T6HTeoV3GlT-czxB890TpIdPlsXL8HxuhNNbYkTFyYMCmhY75_eao3ViTdIwaPh4AZ4NfEIfa7tVsPYKXWAPhZtxLrveMQsKs-C7MPOwXHQZ5SKeQe0Y74I1-hZLcZhJaDhRg-JN7HcQuMVKBdJSaUeelZ0A-5wSdGiBGGhl90wnb2vstICIcyta6-Ajg-hNRCVYgMD3beaIVGuSX6wHyoY3wGSL4M_v7qHCAE5p9_C4b9Upr8_3q6WxQ_sj8wzoN_kgOtAMpksQ6MmP3hK7dKSHZ6sB6TYsGn_9Xkwq-uS191JHrqjbB75BlkKFMUVJngeEOQipBfXCerIORPatM2jqQq7wwokoJYI32lkZxGv8MQq2AFPI26i41BK9bfJMw2SeqUVNCzjC7B8qqugGK0lojk-6bJBA8S8R9DihsRaaTGR8zN5eeajumVl5MQwYTDKrYVSNsfQBWxf25Q59orFbk9mMpnQlg5MSBXx53DyXRUiN8Lqw68E2n0pIsa-WYOh66IisiAu9pADAwr_ySyMtJUMZJx2oJPtbqQ7kuaWWQ0wPB0rUyzVG6ZZ7O57NZwr7DHqOrwNln7WhCJ&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsays.com%2Fmy&ds=l&xdt=1&iif=1&cor=1397997167714536200&adk=4188270525&idt=259&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c984bd61d999adf9c50e220bb76b1177e9bb6a43509b7fafe8ba4333573992b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvVwJiZKwDbw6EF8SkeU7iFMmZutb2fSsOyPB0VvqNs3W_ndGSirP20v3CFXuYrQjm_l7BcTMVv1wglZhVUeEWBbJBwkw6hIimDNjvclGDhYtEfe9mm3PGW2cuQepzVbJ69COO9H_edoJBfh7xDE_XqNUVDFYI9iiLV9Vzje2vDk6VxcXDoH1TRmO39iDHkyV5Qgu8c3pWDPmJL5m6VPQTuzEAFQgG97z_HHIQJqrCvmq21JgksOTqi4dyhMzaB0UL7aCC4ZX7mBtVQEUNM5gsUFuneK1gFGkqDRW17qwF__8ZUmb62nQXydmt2XU95Ux7TnSsG-SquuzpNfwI80-jaSLEKqBQnWb3apjHjGSJN60uBvh0m1ntUIRirK0M8HI0SLXxSehPj_ydyV08Xn1JYPr0O7DeJSqGwZxcFw69Gt2zz_xStmMUicovrKrFIbLp9BtOFjloXSupbG8G-JVX3Y5gDPA-2ajzPYtK-7DZ9yVdKczcXJznzW1DWcxpWQUyZkV0U-TkoLkhxVQ1xBVXoGRqT-ktqIq7UGrfZFgdB-oIs5S_p2WUmYTnacMGvyT86UKgc7vZxDIU0TehvQozqXhTZjIhFUlLzJ6xatcInaKayc4jtAJMKYJrUD7UzR7bUsYyMQaecX6pru2_UE6gGXF1DVeabg9IGP-J1P22J1xH_l3vyymyhc4SQzCKnysHvD0MXGQSO2gVzLh4-GXhCxMe8XGK8ofzVFX10L6Gzw7r_GHnGvMZS3-7rad5XNmLByGrfCE_Sdfj1MXoTd8ZP4O8DY4xiUlczpxZR_nuDuj2atnafVAtvA188czAKSELo495apBJscA6tjWSsaqKhuW74ycvJ5vnk08TldpiV_FF35re_UwYR8RwOYt8-6Pdo00rYpIreafTOF-AiHFdmBTu0uL_s4Fvq0CDlOArwuR_UffpRrEGRXtAZ0l-D03b07MqZdFBJ8URvp1kIhSRIl6PxEGdDXc6vZfLo4We8-QmX8656mbkokj3cIQQ6Z7_laFOs-xkDOGuhjH4CqPbjIFNnVnvJrm8-z3fH3mXzPZhsgj2oVBdULHtbSmWPt8yexrTAsLsqqaWi50IV27EV4zts5kk04vdeVvigNuGq-_NOYUQ3rpwBzwh4919xm3hN2shCcE5XX1wfAaGkDL2K-lT4WAoHroO9rgf_GzT5DAxZ4XRampcMWt1PUw9P2LU&sai=AMfl-YS5nJ_RjJeED9uTczZ8KBeL7OYSwRhr3-r2BLlbd7ekba2dgPW_Xh4nSLb8404KKx4potVOmHhHeyuGGEUBcaZKOZKGeJt_U_AyVa5eaz_EFNKGxkxssomkawbEYNtbrwq3tYptcK9maCODeq970EQHA3hHjNPxihQfVLc4CspT7A-dbJehUZHHZEut0rMS9xv1FUygxqQixCjHNq1T7pFJg25CcXO67HQUBX8rBleU3r5ZVytLv1HYdiWZOzoautnrKtBHs4tyBeGKG2s3gE5Ewv84-ZYAe5DdS0dn7Ooa8SJN4VRylURByADlzKd3AYKYQyhq4VujEg_XyzjqbLVb_JgJEeN7eAvNn8g7xhDpRHU-OUf7nOb1ot4s6EaT19Y1mRCnRb_Aa4qS4Tbh8QKUqJG0CqmHo6V81T3AcNC8amQS_e0NjDtzyn-dG1v-ScA_0lVoNsV1HiDgj14ZN9YS4sqRKu0QgA&sig=Cg0ArKJSzGUQxp0YEGwoEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=268&vt=11&dtpt=267&dett=2&cstd=0&cisv=r20230620.77866&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 22 Jun 2023 14:06:53 GMT
YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
pagead2.googlesyndication.com/bg/ Frame 365A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 13:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jun 2024 13:06:42 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=UA-27970811-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 22 Jun 2023 13:04:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3732
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 22 Jun 2023 15:04:41 GMT
csi
csi.gstatic.com/ Frame 4EB4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lj77vs2w&c=6198761966551&slotId=3099380983275.5&qqid=CJLSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C44783518%2C44783849%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4EB4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 16:10:14 GMT
x-content-type-options
nosniff
age
165399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 16:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4EB4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 22:16:07 GMT
x-content-type-options
nosniff
age
575446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 22:16:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EB4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CeLV1fFWUZJKkFtaNtweTi4LACcDQwehvyK6g-d4Rv9mivcABEAEgh5avIGCV2oiCmAfIAQWpArVLhbbbcrI-qAMByAObBKoE7gFP0HVqHVnn6AUzj8HEKR-fwY3eqQ5hhVnVRkBrRBzm5hYqxZwaulvSyBkkvKOAY3EwOxOi9ume6xwEGuyWuzvUa3VqV9-8l-T4rzCvQQwAja4rxSZ78-sH1jteyPxkcbim5U_-z_niH3aw42Src7ttWQqLuO3DRzZl8s3dkYTYvXdqjFhPbeCBptsmJq7f_F_VrA8JO0fVYX6V8GlTWRa8pbkAORKiqmDg0Wh1OJrHMyRXeISc6UpzdbwtJ3qGrIEmuC2TcDwxFFF69gJ-9n5vREwLHTEaTONsVvg1huodbNR_UMI1kJi98U3cexlAwATJw4yhqwTgBAOQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHgCwGADAGiDAgqBgoEw7CxArATpJPtEsgTj6iS4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1687442813711&ai=CeLV1fFWUZJKkFtaNtweTi4LACcDQwehvyK6g-d4Rv9mivcABEAEgh5avIGCV2oiCmAfIAQWpArVLhbbbcrI-qAMByAObBKoE7gFP0HVqHVnn6AUzj8HEKR-fwY3eqQ5hhVnVRkBrRBzm5hYqxZwaulvSyBkkvKOAY3EwOxOi9ume6xwEGuyWuzvUa3VqV9-8l-T4rzCvQQwAja4rxSZ78-sH1jteyPxkcbim5U_-z_niH3aw42Src7ttWQqLuO3DRzZl8s3dkYTYvXdqjFhPbeCBptsmJq7f_F_VrA8JO0fVYX6V8GlTWRa8pbkAORKiqmDg0Wh1OJrHMyRXeISc6UpzdbwtJ3qGrIEmuC2TcDwxFFF69gJ-9n5vREwLHTEaTONsVvg1huodbNR_UMI1kJi98U3cexlAwATJw4yhqwTgBAOQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHgCwGADAGiDAgqBgoEw7CxArATpJPtEsgTj6iS4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4EB4 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lj77vs41&c=6198761966551&slotId=3099380983275.5&qqid=CJLSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.14e&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 4EB4 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C2zfcRQg8EWpu4RrwfGfb4r4fF81R9bLvfev3HEdQVZJRD9shn1Hdymf0H_rQH0FVkLMRUQnG1szI0g6ZaM6Ul58eiEQ&cry=1&dbm_d=AKAmf-B-23qKTtK5zBfwrttwf2RcWuhpH_WM_5r72faHJhaRdLtvAym50B4wwmdg6aAd68IMwCKz2nalFgOQbuif4GNNO-BWq3xNFfwAkEok0J2znnPYsSaR0NscbLFtuHh6Kt-y8rwMEgBazWTs1Cav2kmAASpD2_S3eUkKFO23VQmA9qGSs9uGvWzHVIodfwnDvtILsrZkJG-5KL4uK5cqnewRfpWfkr_3yRh6YyLY7TvBrh969PNolyzHeRDwXemClmJ_4UnTxc4Ye-Y3OxXQmzGzfBoQdegaItDzNFhWhy2smY-zdgHoeuaDKLyurIABEGbzUPt8MIXiDj_G66zmnUSuyk51bJHTBTTTW5sm9oWRnwiPe5mv4mAISX-qCeKkIBAJnx8A1avXo8wpb07nKzBeMB0B0UD79c3eKf96QHzZNXadRCxgLejK77pfR-SUqn-srWJ8GEmHloE3fHMQsKhp7QSOpzLg5a-kowgQtaq2niSs_pH_EGQC85ieBcvbXNlSSr_J1b5atfysmx7JIlcVLPynXMcyGVwc8ho-y6CArhqT94qcnvQk5uJvCACHXxrE5zQQC-nPZUrBJp_OdXjvjMkSk3u4KizNHWKkYwgKK_LyMgpadBT4TlUV64cpyYM6Jfg_6ecMxn4TqM25v7SSg6Jh7G1gkEZV8MCbvatQE640wXcvZfGimjina-oXLQORkEASc3hCmSruTEEvvRELe63GuzQNIaBZzVOhuDHjSRIU1UIcXm342jKOE3RHAz-r8nMRveI78nisl4GRQVzjNQ6fu1EkpXfVVcnIpAl4P79a-qCvdTup1C1VWSCSwmQ55JI3Rm7f3k1yMt2zVmVbHW-cfvGlpXFI-PFd4WhfmWwC75TwQAcdEFKS0RzM05AMwaCqhnGc5NX1ijV8-y5IyeQZieOY5mTs8neee2KYA6zaCbTx5XTa0NE_t8Z8XOujOjW1Oh9DNhB8jUu3LhhTngj4v3zX1xYq6nwJ1D5XH8k3sfxYss3TsuzILL-dNwI2J6rBfkoNf6RdblpKSMA6e1J-JK9Mt4T-vLYy8SuJz-zOhKtBfi-ZxtFYo7qVXXRDnSjefzUouEXrGdc_vMPS4VCPvAWAGGfqnFGv7yKsi8MLq7IiKVhl_KTjVaeL3T-6jAorMs_0tfNDM0dfNBknqQLdTfwMI-Jvwqh0s3Bdw-14QTsqdlR_yBPqPz4Xva8ZOvcdZi0cJ9Rv67ZjybwlGmkUYP5VNiOBwzgTe6FyiV66iizOE0JfiNYkv08FSKXAvdBCuylCAZs2GTMZgiAaa2XsuIGDRu5Om4P99Z3sG88FGX1fl7r6o8yNNq4EztFqh1EVFl8cdGEMkQc2RuieZRVV_l5rN39oM9PusHiYZvdELXI2SWrFSAG-QSa1XZbmWsSmZ2a8bpv83JDlt9ZtubqQASW4azMyL9KzOXsPHN09q1AsH25PLeUrnm4xK-A3E4n_4j1FkshfQGdTiT9O85BRJlTVXLzw5hYWZ_8SiNyya4v-8amt1NxK5auOqP--WX9x186E0c6B78ebXzXvABBNlKmeMZ8VerQmVf-1YQVPD4bR_x9xzRp9N4Rlhc34YMbTxhpCLodrV_stzbqnd0T8bBTL2WY4tIQ1_G9wsR0Ag-1bWusQMnGYM9snKGgZJBs88QBbLmrTZtq632uuN5ubjPWpMmfmXe8B88ghqogUKT5yM3dRiSlS00HRTx8DD0p_LsopYUmAsriRtn3txmTT06sfofEFveHQFz0eDZtVCOKanBu8as0ZsEhqkZRHIkLqKLOTfA6VT5-IX3Z5-PY_gYhSMGHWvMQErNHLTw6xiJY5X-xw9HDSawKxGhUdr4GFYkOGYVZolKSj0-rwuLJb7iCPr7O-lXliR6VnWLk7RSsRK98mExwKO65xn0vaOIwACd-q9ZW0AgFOr1WmBOG92tBrSGZ6zyUYXs4L8LFFzCpBTnp2YsGR6xJXR1GUwR5wm0TRNPpQjIBWIQ1iePUuFTNyZNmUkXgk0L9kk-gbUcPHoZFcDUWDpv35INU1h2YoaIam4-g2E1_tZDQAOsnI3LR8Y_tN_OF3Emq6ixMmMm4oleSbiDkFI2H3Wbbyx94BE0gj-aPm5291eExrHygNmgUcfgwfY8eZlJRBVUGCp0jyaRS_Lnj0Aidzz64ojaQqbUm3JanZdBnZeq7ZgmrS1hHNrgoNTQEIVSdJgxVQG2BCgH4beZhfXJjIbDVihvZhlHczswZEwR0Ds2NH9tcxAcRlR6pnoCp4dClfJbjEHSPZiFuvOohr48t1k-QA2DIsu2-aieA8URZtUbX2CGOFwzB3gAS-m4hWzMHu9a0w5CcucMyJBbL5wYhREaNoZib12gF5GS1lWM8XGlNLLfl_b7EM_zs94RN2ekZK7qfBH7yEKrPI14Lzoc5yIJaN7Icw6aedwRapv4ZdvCyQW5B7CwOPWgyjzA7EKh2-qnJBXjfpoT21Z1vguiHBybGZ01lPdEnZLLtluM81z77hMZl5mjBpKjsqzx57UIUw7HKzaRHAHZOZ8OHmL_uQVs6ikWZa5_2xgAhNlNjB7KYLpGsO1G_9ADm2JZGGB2_neQkV-Y-L-e-HzsBMw6hJfvdctQY7_z9gi8wm1UA76EQR7ggGPpUWulEZgBjTXRXNnrxBRtu9WZJUs4DZIeV3sNvn0ZazEya8vRe2gcNtng1uw-7q34jCknAYvabQK0-oNgE_gtyWr9fGeVVUYjEAU0iw6ORRi8qZgHGJK7ezeA3spS54ivB48O3OkGDUIAYgUfOGKRSXmWgffTLmIVlHZ5EUbnxGOz_C9Kap0y576adQwp3rcj8SIbkUuA5XsJ9_JKAP_WnGzLROYfkYtrFnVUVDw6lmk9EfENGlwg5O3aRHoOK3v47B_Gk9ywYWq3fLipC7KpGxAdRFy6_3E10er7yzhhFYVnIwYCuMMq4eCyzSDPxc6cwG62A4SdbD1ddoca7g8qtZITsKfIMPJ_GE9cDw1q7DRAZ647zA2F8KFn1tImfLxt0c0zyFOUKh12YEGpzf97sHMTgjpVhIodSiLqlEoapvYYYpjDqPsP0skHggxNXHLlGbS7ZyjlYI78Rn0K7gCYtebDPU8hsUrrv-0ox1JGFZaZStUs40yp0i3KLIC4roqFf_oqWbdRNoN2pWuFLv4so19Yb-030eAuqoq_Q_j8ZIAWxY0XYKXWELPmF1h-sI_hciwBOr6PB-6CeX-IscxYpvka0GWCRabhBSJNYJTm08YjzXeQ64uZJiYLPnM9UgDt7lcU11CrSz7i3wRK-qb3jSBxMjFjFN4L2-R3FqWA1dJve5iM5E5lyznlr9ElDMUn0tR0kAeo44suXuCf_OtSvzI0nFwM31wT7gAU7dKWy-jTr1Jo0RurLOvL6nPGyH_mtSbfpuAgZtZIFshXAH-wFqBNCrOpt_1xygyvkcQNQw-_jmYf9svPZgwpzI5IQ7WSd7EpVKyXV0zq8bDy-FtQ6G01bUEjZDs4R7wALoUxxIr-VHej8IyJ5ryNG0YXtjzZfx5G3DkFpSzsNMSB2o6vXGgngbEKw908d2z23RMQpiXBeX_DOVNixylfEj7yc4yRSdfb8wVT70WMyJIons1jJ-UTajQCGotS_Pc8yIeDkiDFZcTsCszqzo4ZD_0NWmSA&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
cafe /
Resource Hash
6db540001c49985d6c5c5b10a1ee34de47f9a0bb31d5cf72b0c7fd0a9409f97b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16324
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D648 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s8p-kg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 74A4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lj77vs30&c=6713859823813&slotId=3356929911906.5&qqid=CJPSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C44783518%2C44783849%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 74A4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 16:10:14 GMT
x-content-type-options
nosniff
age
165399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 16:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 74A4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 22:16:07 GMT
x-content-type-options
nosniff
age
575446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 22:16:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74A4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CM8DSfFWUZJOkFtaNtweTi4LACcDQwehvyK6g-d4Rr9uivcABEAEgh5avIGCV2oiCmAfIAQWpArVLhbbbcrI-qAMByAObBKoE7gFP0DU1I63Uq49yom4JAMbC5Xbf9rdZbL5rHmFznUFABZ9JoYS2Phq9gmwCvJvn1Tc3I72KVDsaVDgPeJqlf1t1UCKNQ2Spv3tjzlLB4Pgc8h_YepFATF01Tj6qeINPWLKUtm8IfpqIRVV9-mHg8pIQPWyG2hsWxUEXCMuZJDSRAOQh0M7vZnlOt5xQiFdj1rlDuk7cPyt0_qDvUO1dSkm9-9DnwkB3IEq4VwR6VZbsMWYkjUpBLXktfXn7Ay5fwtBOXM-Zg8UbHNC_SfRSRJh-R7-9SAiwicTQM_ghe9f5qJDiMPVc9HuiblJlM1p8wATJw4yhqwTgBAOQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHgCwGADAGiDAgqBgoEw7CxArATpJPtEsgTj6iS4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1687442813739&ai=CM8DSfFWUZJOkFtaNtweTi4LACcDQwehvyK6g-d4Rr9uivcABEAEgh5avIGCV2oiCmAfIAQWpArVLhbbbcrI-qAMByAObBKoE7gFP0DU1I63Uq49yom4JAMbC5Xbf9rdZbL5rHmFznUFABZ9JoYS2Phq9gmwCvJvn1Tc3I72KVDsaVDgPeJqlf1t1UCKNQ2Spv3tjzlLB4Pgc8h_YepFATF01Tj6qeINPWLKUtm8IfpqIRVV9-mHg8pIQPWyG2hsWxUEXCMuZJDSRAOQh0M7vZnlOt5xQiFdj1rlDuk7cPyt0_qDvUO1dSkm9-9DnwkB3IEq4VwR6VZbsMWYkjUpBLXktfXn7Ay5fwtBOXM-Zg8UbHNC_SfRSRJh-R7-9SAiwicTQM_ghe9f5qJDiMPVc9HuiblJlM1p8wATJw4yhqwTgBAOQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHgCwGADAGiDAgqBgoEw7CxArATpJPtEsgTj6iS4gPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 74A4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lj77vs4r&c=6713859823813&slotId=3356929911906.5&qqid=CJPSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.14x&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 74A4 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AH6l7378GSOPTBFyBhyM0rj9u0gco42fpWKeYEA2oVVD6L78K9SL2MqFymbr7MSt21NnwR4osiJCoYf0ex8_AtKRBlOQ&cry=1&dbm_d=AKAmf-BvM4SAVtnl-Y_x5r-I6lCHtYUssgD_KAH9UlRGRAeZC_cMabah96Nm_nkoamnhu6MaA58JR__C_m1PgrBBME1by9y0i349vEmxBAuvMeBJwoy_NnDVTxCLaksntHCm1vdF116Sm5CPmt5CLdca3HusLBtP5_49h_jzHh9bCJl9AiyDG2lM6JH-_7EhQUy23ZURGJTRFEm-TPRR4Gry6RkMjCgo9grVKDNvijSqalhEk9MEjIrMkuX7giHBt5lPiE4UI4IcYHyFt9MlmHAlA5xuorxK6FrrV7_m086XK-Li3AqL33LWbF3OEmB_9a2ZGM41T8LT92fAcoafqWxVaMxXScpsEhBfy_M2JQKEByXnS4MNEwZl4iY8m7H1kWlvU3rIKlNIg1hzfn19qJmRnN5I9E5aWoPIu7rTUDL-BNrToih5PW4Lb_amw-07Unih6BQ_pXl8cfFS3sYz4YQIMpJLwPzzHyduiM15Im2bbfbHLH-wxIctEGSKKrVkgJ5Nj0YJ80KgqjNe1Sp9bVnHicxhWqIc5SjenPzzUAPti0209qzURw02qdMwJW8qqHvjSKz9QLWp54gRg3rfSnDKT6PykvLBhgNsokGl1ClP6agAPES4W89wb-G7-tCYGHtsQdTNEH-7EkQMVkQefsdFs9UYmgRJobIh0OIrDeGDzDXiIJffpSgqg4FhUQqIn6RTgJksCj5EwBHtP1L1X2pqK1Pcd93472vaQwpEaz6AlAkdSO9_0SCoe_bI1aseqw3meyH3KJq1A7Tu6zSMrkBg8LtigByfrHMDDDRfcySTqw-0gCaL9dgAivn9sxCBRHXWxWHFmrl-2AMOShQyug7kr5bsIFdqrc4QvUe7ID6b2uzEGz9nRp71eQtijFgc5FUjgb5N3sEW6GIbTiPSZusXGDwHnmEvPqLpxaw4nZvoLq8xOegvtSbAqAqIkWeEgG2fK7Avz1gi-VkvrnD6nB_4XYX5NJAG-Za0vxVvcsD-QFbQT67GG-b6ocVLdyuHL_sAW0BbtpBtePPKxvUeMvEa2raKWW7hACPdku6Ohm00TDiyFVLtf5YFH2plgQkbI2sVSwo0aBwH6p3xSupEjNlY6Zs-lAiPgO4gsi3W-U1xw4NnqO_DDVcBIbluUZ5095O2fJEXDvM7pzUgTZypN2nLRAtTVYHSrHUQ6DTn0gI2WpRK1yosyNd2c5m-Xu6zJ52mhkrkNvsh0y6mqe2xMART9sIEpoLWy5CUzxBRXmWH0KxUVE51NqA1jvW-FHED8ge4EYGRwb7-BrXdrstwzD5NCNV9qPHoSdiboFRgVXwMe0287wXS2lkKDMZuf_8hV2tPchK5f44F2wLLFYh9KL4hFHXmM5xz9HioZiSbA3zcNQ5XoBcYYX7oaqnq9kuJTwbix7woU_3egGOVjy6vURmQMrcdaAoVat_U5f8QYxzNuobAi8ZJ0qjEVHX7CFqgF8JqCPVO5ncNC76Sxi5EveORyVn-gjVI0FzXdO_uSDRZJFlFPNo1vvfMgauqdi1kXufrStjneCbelymoV1G26r4Ff6RKSlLZhhftBqEpJH1Oo0Bv19UsXmV_6yV-1E0SNoit4fOOLgfybQ50B61T7pDIz3qPG5L6hVrNsIisIpSkBdtvpAJlwUQuydhCxK8xyisYrYnK-IqHk6ZDGL57JScoO-s0T2uwCwgY9tQgN5Id3URh6fImSa3zkv50ny5QmHrz0tAmV96EssTqrqgYf3Kq79Wri74bQRvju-gRVPgAgSt3jMUyZg6mLoWo8NEPuFHmqrG30i7P3RWIzobohmq1k8oFoMW66EL7QKuTZ_zAbrbTySQZcigr39tMOEmN-12Cq9q3U4_tbZdLgd__rSFYP0quPCun7pjZtQqOaJHHWLy9Nh44QmazaRRgrUheQQpHkmvdPDL2A7DJxJo9fEg7Xo1EKGRMmCmMMDb_KsjfUxVGx892iBne_qDJYgoKt9dxY_njlsByeA0JqMr2ROZWE8GrQBnloaJ2v0lqspabqJ9X9pP3HKyw52PswswLy2TiAeg8OnFfRCTVb8uKuQspHW88Q81BKDGBB1HlHeZaWkJFO4yB1Md4-rBSI8BtpovaMqgiz0OQJfhrkSasFmsEiD8W3gGL2mFeSU48BcqOWfQVezxbj23a-86qPyvt93d1khv3l9ExpbdcYphAsq-lQkPW2yB2zbBsq1sCo8W_xaTb0pR_a8AkUPKaet_gExOpixnj8Bv2Oe_6MeNGd_cwup2cAm2wI40wybKqki9qh1pGApPpWPuSRsuxG7pgdX8FPj3zks31msobHCTRM5VXsqZkXnFeMRjVrFNUT5iucjMVc9b1A0ukuWUy7Q3MqtALPMKDgp-aBz3-MpPAQ5IWKAcrwcptYmGm91xbRSyh9Dk7bl8SIXzFs5rSrbm21S9jqxaFheBIZDymfqAQ9xWwNVwuoOpJbZPRdlkOVzJ2SxkSPOL00g84MigMWGRQG56CJOWSxKJ6I34kg-0VjGPsh0g53pl2iP_fNwt8rMVVPlgo94N_CuxkeVswoP5Tj_v3r_OVTQN9aZt8uNdR4NFjX6318iuMCCcqp-8Qz12jNcSxAKSZHEUr2Qs36xIrA7zEGENyXeYKNSj1VRUBDx0-cLO4FXGzNq6M-Bt4dYg-BOIAtdWTZZRl93vAZqiMrvz4R0m8odlHn5fBRmms8uJY0R8sgSILNCC_UEXdVBWI8fJo40wk3DVgQvHMRlctxUqrNnkEtBhT8MTFXTk2FXMEudBsSmoVAiJoKm-y5AeKSpzvtXFOsha40XxVW8dyR3M5GeFeuzoJIysa8g8Y1214xtnZP5EuGOEktBMW-Zb_4qfUsQJOLBYqCAUVE6T5E3E-yhjKZpBvT4m54HWWmIBbN8UjAWSGulQZQNaM1yhEkxBm4GNBwXMDJziGzl7YhCd4QLkeQx98L0tAogS6G0m3VKg8zeCnJo0zXKvy_Ql4352Ot6lQA8npOtt2zZkEu1tXVzMN5B1kSvXV2Szb4BCV4tGlgyio4WFB8V0RHnB0m30q0BumuzxAqz9QPC2yHDk2NegbA47nfHe8dLK8fm2i63dY5LNgxYFg-euuxht5KmM_naw0UlWEBLDzqT_XORkpCxM_j8JMW9_UL3p7YMO7-p84-MRJsrr1q8GZO9KhcB6Whs2X8MZvGABnNmJvRVpoOp3RqQkLaEDCaqcHnpWdppY5yEu4YKFXC9NDvU5pBQ3Uzr_zFLIesY5NUZMc6SaXl7PRS_FJwVz33SW3bH6LTQJrsB5tALdRpQutFKEfSEsBwUe_oix6dbfK5-Vk1VwwMPToJJGWSuybXAlRX8rr2gLnfnJpHHQeXvybgm0YNoYTqtW3a6stBclFEh2E8f-aTPViiTWICAgX_11P8V3wsXYRcJN6c8G998mzb7bn-lSkJnoETLmIh4SPCLwoyOgcuFfMshi0glth-ypbmhA74jCQbddcEMGAh3m8Ulmsxp0BD8C15WLvl9Dvs6TtzH-j3baUwSbbP_A_teafwWTk34Esd9q2Zjk2DX6fypFxY9c8JjDl5HVmE4Lz5s84UuOOODP0X5u-q_D4z9KbFikkLj9805k6Yz10OiYRt2S9j5S7_Fn_Gbl5Y4flMhryqojqLeguwNRYrUHHi5g3R4Vw5W0Hxw7Q6g&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
cafe /
Resource Hash
026245284ba166828b5a5732c6008a251450c53991ae9fc3965bacfde0240f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16208
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 74A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CH8F5fFWUZJOkFtaNtweTi4LACcDQwehvyK6g-d4Rr9uivcABEAEgh5avIGCV2oiCmAfIAQWpArVLhbbbcrI-qAMBqgTrAU_QNTUjrdSrj3KibgkAxsLldt_2t1lsvmseYXOdQUAFn0mhhLY-Gr2CbAK8m-fVNzcjvYpUOxpUOA94mqV_W3VQIo1DZKm_e2POUsHg-BzyH9h6kUBMXTVOPqp4g09YspS2bwh-mohFVX36YeDykhA9bIbaGxbFQRcIy5kkNJEA5CHQzu9meU63nFCIV2PWuUO6Ttw_K3T-oO9Q7V1KSb370OfCQHcgSrhXBCJUDBmi9GIfv9iAUp7QSzjuLacvpY29ulpKizsWc7Vg7MqmYQuEfFBiJqhnGiUwAO6W_dWwZ06F3u-suBd19fDABMnDjKGrBOAEA4gF483zk0qSBQYIGxADGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ1uYKGIjr-egB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAaIMCCoGCgTDsLECsBOkk-0SyBOPqJLiA9ATANgTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GJ-GBugXBQ&sigh=cYE2Ynwab8o&uach_m=[UACH]&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&vt=10
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame C7A3 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIvZ1RHZhgwoedMEx_GEThJqAACROavT_Pr0twrZfNgDEkL--t1Ay9D0QiO0A3MKFxZ_5qQOdB1DMa1D9PAwYRbaOnd-blkPQ_fELBD5FI986jwrvQbSJmCDsqGthRoNPVy63_GJbtiU6iOksfdv1VVSgCv0H1I6x9sbwaSQYCHsb1i7E&dbm_d=AKAmf-DahIN9utjzS6tfGlZDFNJ65xtThLswH4ZRNWkPSHtrA_clSQLgXDS8bKEAWt_-NpEYOWxvNbz-wn29weuSdjOzLWdPp70ctHY1KW7aKWXp5iUhmIgs5LbdTUuPy_3WMWq1DgJBDUNiA_0vIUQJqRclwR119iqMeQKy55EyKVrBEamuyEGloRWNDtRt955AMMWWEdadUNFmPs3zTJnQNQ9Lz0tvzakaBMiFWiM63MkR6SLGheDgs3JOuC6q0Rx5coWSylP14mdzI18NVMRf2qb_kmh-I1b5dHC6VfTqRAu2mJCJolKGOaXcxwfS8r9HnKvkIzDZbtvZkQlqm_UmPYlOIE_vN9HAfgNg_J1-V4KJCkdBTGZ-LsRR7WoNcjO_Jwi5cZ2lqLd0UdsaKoBACFjmiJeykNPZFoWwvNZrr3y_EM9K7YaK44-oG4vb83uqQtv-o3hrNkYwbNHXNfJACzWOgDxQDe5hc1r1J0cqPK4hHDy-tor7qtYYhPf24kaQA4SZ_J0TMikePMESdsTrwTOeZ73aU5nIxZnUfSqP1TXD0Huaw2LgEL2Xs8RYZMaFlQUK2vCpyT1ppf-2GktrSQ4OYVprQAcsWksjr9R4WHDd3G3gn80V4gWRJz9fqG3LjkwKpiDtiITBmyntuvzvGADOzwu4a5LOoq0Jl8Tj6962TLaS0Cke45z2n3-10GBruV-GEbXbKtHHH45Opb-HpUWlaZ-BRzWetEHO3NAVzzHNWyEfq6j2A2oC32ZN6eWQ6rvcGhiTau5JmHPyCaAygcVh2dhzxZLSSFAloYfDaTVV1AcgPJPHqH2oFiDyr_eUY7ixaAyeUbs3logPY6HvrBmWHuP_3iiu_SC0fg82nHfZwbHz3BK_fLmHUdXIC2oM6pF9tg7pZft0vrPLRRrRoCsiHU7JKKJtgw2QArhVgZNCUKAiO_IRa3WAinhp_-0Znh6M_dYhAtUh6HcKPFRNpOZzZ1fGPFBskze9RBIPo_E9qssAsJhb123bWeUnegPwZy2Jxmsqrt4QAGFaBQR_g61Q0Sqt0mq_fkLaH5Pd01q1NQSuQ97YMqdYbgMDtwBkNeNcm5TYPozbc1bonfAJMclNbbnUkC_PPMZRWiT1mLYrLTrxt2PTlCXPZlr1JixwkSfx7N9YOINXj8FSMxldpXG3yHD6isj5Y-Ij4yYicVuOdIR6psiMF21JwVQqnU19WUvXEAKgZwVFRIKO1MoKTYb9W9pawQCeWdqX1ZOOrNRnPAYA3O1sAV-FTHRqCtRdOED6UsyKK51wq7uv7IQR165JO50aaD1yKxP_p17BipWbK-k-rdGnh2znDilj0osIxIKs6xFchdHpQP-5Ce4-1MZw1IYjyjO3T3-Hrs0VB_Pd4jK0o327z5qXPk_9qzob9gDYh6ZHEpvGeCA44ItoiqJDmdddQ7D6fLKFPpA2YGdH-VX7rTz9cT8venR2nwWgMAq6r7F06jybw2MKwDlzbyNBCUP7ON-x1cSOiYY6mAsBgy2dszulNHf45ROs2TMre04Rpjrqx3jaIp-EHtMvoi8hfBUlsREUMohwbCMoQfpN0Z3Ydedkd1WZZr0JJSTa47zu25Yun7UNLcOgwTVMIp_aivcpjWKz_rTZBH0OH1T7Fi2mKYPNHAnM5nB_wCTvJ_OpNltgHeggPCiJ-xiLDcccFnIP-LDr7mokHrEX5GeCRqeYbi5oqLpm9nZvOh0mzj_vLn8TGPMwiVMqK8gUq4ieFPv1d72oB6Yogn0ZaQvZfzS2s4popg5ZJkSwsq9viJJeTcRkR6gMtc6co_pwGIQPAsgu2-PnOl79ymIyFemSgMJbSxPq0RfQNpGWNYw2LKo90bjes4tdB1KRR7FVlZxE6RfoAs8dSA5EkCHvxLXszf4mVv6NhfO0_r6ldQYsgOHfNe0Tq-nWYd15_dlQrnsdQ-BDPtjA20clvfUU14angrvBW1mafp6HljpMyhhiMdjwdCSNVFDieGtEhLNcXtn6n3mHv3NjGOkJN-AKVROCd-nXg30BGo6_j2fSsHlB6h_jbHI-yaUcRpYIJjzlGmaUt3M9dFR5TApFnESOooJAl4kE07yy9rHJrrVQWwKLmWSivmkV6FoSIkMCH5FOm-J1bjXsdkVhYarZjtXsJ8BCnmKJcMcKEFionzHN-Sqo5Z9geaWffGzF0jWv-4cUBzki-8WIXnleXpFuqiqYPMN42g5xZ1nCOzMWyz8a_ZfCcjn2o-87mC3Fx_9MsceK2yikwO3NJbqeeopy9NqPT_drZwX8jcrY4MRazz3tiU7WI4FBZ-LkVSxcKpGl0ol92cVGJUpDaaZIyAD5S1E5e08Xq-iGA2UPJNojjgt1v5hv7BSb_Hwigmp-I11i7pb5vwyJ7uKpquWFkbh8ttfyRZi8ZhhTL5StjnNez-p9BW-U-g4mFzy2GwvmSeYPzAO_7JXCiwS5TZzkSI8RdX_7YAZwpuqyuTXaMUNloMQOZfyF4KyxFvUQ0R064V_w2NrYhsrodzpQpHVyLppharmPm_nbWHmSEP1rNgq5aShK97eacK-7lyDYHO1ny-ySpsP0v_mzXfQ59hkD-NU8rDB-dec5-OlKOK9mWbvz7AiZ8FLJbcTmm1uRFOK7PdOd2TzVCvpFxfDbrWbfVMcWYdGoEtH86Qjy1nybj8LsggdmlMAKyToYi8YeXvaYo9jdBbJXzKqp_R4NYFSw69KEwDRT2X2OLFNf5T3zgK7tX72UzJzx6W35s_rT0f4I894bpHcOG-4SvQ5EpAFAKQiEWTKTCYksCwS4P740Ps9QwcU6zauOrHyRrddksVERJqQVbZULSs6I-MFPu4zDQbyAU51jdMytmj0sgW3OQEHIg7N2KzB-KfrtUc3RLOlPq0wJnRonqzoDUjhawMQhBcElmmcNyXz-tf6_VyIsQ5T6HTeoV3GlT-czxB890TpIdPlsXL8HxuhNNbYkTFyYMCmhY75_eao3ViTdIwaPh4AZ4NfEIfa7tVsPYKXWAPhZtxLrveMQsKs-C7MPOwXHQZ5SKeQe0Y74I1-hZLcZhJaDhRg-JN7HcQuMVKBdJSaUeelZ0A-5wSdGiBGGhl90wnb2vstICIcyta6-Ajg-hNRCVYgMD3beaIVGuSX6wHyoY3wGSL4M_v7qHCAE5p9_C4b9Upr8_3q6WxQ_sj8wzoN_kgOtAMpksQ6MmP3hK7dKSHZ6sB6TYsGn_9Xkwq-uS191JHrqjbB75BlkKFMUVJngeEOQipBfXCerIORPatM2jqQq7wwokoJYI32lkZxGv8MQq2AFPI26i41BK9bfJMw2SeqUVNCzjC7B8qqugGK0lojk-6bJBA8S8R9DihsRaaTGR8zN5eeajumVl5MQwYTDKrYVSNsfQBWxf25Q59orFbk9mMpnQlg5MSBXx53DyXRUiN8Lqw68E2n0pIsa-WYOh66IisiAu9pADAwr_ySyMtJUMZJx2oJPtbqQ7kuaWWQ0wPB0rUyzVG6ZZ7O57NZwr7DHqOrwNln7WhCJ&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsays.com%2Fmy&ds=l&xdt=1&iif=1&cor=1397997167714536200&adk=4188270525&idt=259&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 17:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
75376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11398
x-xss-protection
0
server
cafe
etag
3934322099733601226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:10:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame C7A3 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIvZ1RHZhgwoedMEx_GEThJqAACROavT_Pr0twrZfNgDEkL--t1Ay9D0QiO0A3MKFxZ_5qQOdB1DMa1D9PAwYRbaOnd-blkPQ_fELBD5FI986jwrvQbSJmCDsqGthRoNPVy63_GJbtiU6iOksfdv1VVSgCv0H1I6x9sbwaSQYCHsb1i7E&dbm_d=AKAmf-DahIN9utjzS6tfGlZDFNJ65xtThLswH4ZRNWkPSHtrA_clSQLgXDS8bKEAWt_-NpEYOWxvNbz-wn29weuSdjOzLWdPp70ctHY1KW7aKWXp5iUhmIgs5LbdTUuPy_3WMWq1DgJBDUNiA_0vIUQJqRclwR119iqMeQKy55EyKVrBEamuyEGloRWNDtRt955AMMWWEdadUNFmPs3zTJnQNQ9Lz0tvzakaBMiFWiM63MkR6SLGheDgs3JOuC6q0Rx5coWSylP14mdzI18NVMRf2qb_kmh-I1b5dHC6VfTqRAu2mJCJolKGOaXcxwfS8r9HnKvkIzDZbtvZkQlqm_UmPYlOIE_vN9HAfgNg_J1-V4KJCkdBTGZ-LsRR7WoNcjO_Jwi5cZ2lqLd0UdsaKoBACFjmiJeykNPZFoWwvNZrr3y_EM9K7YaK44-oG4vb83uqQtv-o3hrNkYwbNHXNfJACzWOgDxQDe5hc1r1J0cqPK4hHDy-tor7qtYYhPf24kaQA4SZ_J0TMikePMESdsTrwTOeZ73aU5nIxZnUfSqP1TXD0Huaw2LgEL2Xs8RYZMaFlQUK2vCpyT1ppf-2GktrSQ4OYVprQAcsWksjr9R4WHDd3G3gn80V4gWRJz9fqG3LjkwKpiDtiITBmyntuvzvGADOzwu4a5LOoq0Jl8Tj6962TLaS0Cke45z2n3-10GBruV-GEbXbKtHHH45Opb-HpUWlaZ-BRzWetEHO3NAVzzHNWyEfq6j2A2oC32ZN6eWQ6rvcGhiTau5JmHPyCaAygcVh2dhzxZLSSFAloYfDaTVV1AcgPJPHqH2oFiDyr_eUY7ixaAyeUbs3logPY6HvrBmWHuP_3iiu_SC0fg82nHfZwbHz3BK_fLmHUdXIC2oM6pF9tg7pZft0vrPLRRrRoCsiHU7JKKJtgw2QArhVgZNCUKAiO_IRa3WAinhp_-0Znh6M_dYhAtUh6HcKPFRNpOZzZ1fGPFBskze9RBIPo_E9qssAsJhb123bWeUnegPwZy2Jxmsqrt4QAGFaBQR_g61Q0Sqt0mq_fkLaH5Pd01q1NQSuQ97YMqdYbgMDtwBkNeNcm5TYPozbc1bonfAJMclNbbnUkC_PPMZRWiT1mLYrLTrxt2PTlCXPZlr1JixwkSfx7N9YOINXj8FSMxldpXG3yHD6isj5Y-Ij4yYicVuOdIR6psiMF21JwVQqnU19WUvXEAKgZwVFRIKO1MoKTYb9W9pawQCeWdqX1ZOOrNRnPAYA3O1sAV-FTHRqCtRdOED6UsyKK51wq7uv7IQR165JO50aaD1yKxP_p17BipWbK-k-rdGnh2znDilj0osIxIKs6xFchdHpQP-5Ce4-1MZw1IYjyjO3T3-Hrs0VB_Pd4jK0o327z5qXPk_9qzob9gDYh6ZHEpvGeCA44ItoiqJDmdddQ7D6fLKFPpA2YGdH-VX7rTz9cT8venR2nwWgMAq6r7F06jybw2MKwDlzbyNBCUP7ON-x1cSOiYY6mAsBgy2dszulNHf45ROs2TMre04Rpjrqx3jaIp-EHtMvoi8hfBUlsREUMohwbCMoQfpN0Z3Ydedkd1WZZr0JJSTa47zu25Yun7UNLcOgwTVMIp_aivcpjWKz_rTZBH0OH1T7Fi2mKYPNHAnM5nB_wCTvJ_OpNltgHeggPCiJ-xiLDcccFnIP-LDr7mokHrEX5GeCRqeYbi5oqLpm9nZvOh0mzj_vLn8TGPMwiVMqK8gUq4ieFPv1d72oB6Yogn0ZaQvZfzS2s4popg5ZJkSwsq9viJJeTcRkR6gMtc6co_pwGIQPAsgu2-PnOl79ymIyFemSgMJbSxPq0RfQNpGWNYw2LKo90bjes4tdB1KRR7FVlZxE6RfoAs8dSA5EkCHvxLXszf4mVv6NhfO0_r6ldQYsgOHfNe0Tq-nWYd15_dlQrnsdQ-BDPtjA20clvfUU14angrvBW1mafp6HljpMyhhiMdjwdCSNVFDieGtEhLNcXtn6n3mHv3NjGOkJN-AKVROCd-nXg30BGo6_j2fSsHlB6h_jbHI-yaUcRpYIJjzlGmaUt3M9dFR5TApFnESOooJAl4kE07yy9rHJrrVQWwKLmWSivmkV6FoSIkMCH5FOm-J1bjXsdkVhYarZjtXsJ8BCnmKJcMcKEFionzHN-Sqo5Z9geaWffGzF0jWv-4cUBzki-8WIXnleXpFuqiqYPMN42g5xZ1nCOzMWyz8a_ZfCcjn2o-87mC3Fx_9MsceK2yikwO3NJbqeeopy9NqPT_drZwX8jcrY4MRazz3tiU7WI4FBZ-LkVSxcKpGl0ol92cVGJUpDaaZIyAD5S1E5e08Xq-iGA2UPJNojjgt1v5hv7BSb_Hwigmp-I11i7pb5vwyJ7uKpquWFkbh8ttfyRZi8ZhhTL5StjnNez-p9BW-U-g4mFzy2GwvmSeYPzAO_7JXCiwS5TZzkSI8RdX_7YAZwpuqyuTXaMUNloMQOZfyF4KyxFvUQ0R064V_w2NrYhsrodzpQpHVyLppharmPm_nbWHmSEP1rNgq5aShK97eacK-7lyDYHO1ny-ySpsP0v_mzXfQ59hkD-NU8rDB-dec5-OlKOK9mWbvz7AiZ8FLJbcTmm1uRFOK7PdOd2TzVCvpFxfDbrWbfVMcWYdGoEtH86Qjy1nybj8LsggdmlMAKyToYi8YeXvaYo9jdBbJXzKqp_R4NYFSw69KEwDRT2X2OLFNf5T3zgK7tX72UzJzx6W35s_rT0f4I894bpHcOG-4SvQ5EpAFAKQiEWTKTCYksCwS4P740Ps9QwcU6zauOrHyRrddksVERJqQVbZULSs6I-MFPu4zDQbyAU51jdMytmj0sgW3OQEHIg7N2KzB-KfrtUc3RLOlPq0wJnRonqzoDUjhawMQhBcElmmcNyXz-tf6_VyIsQ5T6HTeoV3GlT-czxB890TpIdPlsXL8HxuhNNbYkTFyYMCmhY75_eao3ViTdIwaPh4AZ4NfEIfa7tVsPYKXWAPhZtxLrveMQsKs-C7MPOwXHQZ5SKeQe0Y74I1-hZLcZhJaDhRg-JN7HcQuMVKBdJSaUeelZ0A-5wSdGiBGGhl90wnb2vstICIcyta6-Ajg-hNRCVYgMD3beaIVGuSX6wHyoY3wGSL4M_v7qHCAE5p9_C4b9Upr8_3q6WxQ_sj8wzoN_kgOtAMpksQ6MmP3hK7dKSHZ6sB6TYsGn_9Xkwq-uS191JHrqjbB75BlkKFMUVJngeEOQipBfXCerIORPatM2jqQq7wwokoJYI32lkZxGv8MQq2AFPI26i41BK9bfJMw2SeqUVNCzjC7B8qqugGK0lojk-6bJBA8S8R9DihsRaaTGR8zN5eeajumVl5MQwYTDKrYVSNsfQBWxf25Q59orFbk9mMpnQlg5MSBXx53DyXRUiN8Lqw68E2n0pIsa-WYOh66IisiAu9pADAwr_ySyMtJUMZJx2oJPtbqQ7kuaWWQ0wPB0rUyzVG6ZZ7O57NZwr7DHqOrwNln7WhCJ&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsays.com%2Fmy&ds=l&xdt=1&iif=1&cor=1397997167714536200&adk=4188270525&idt=259&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 19:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
68059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Jul 2023 19:12:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C7A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoP4IdlNonwDb8-4UaXblY6kt6oSuWGFODml69tIj4bRrqFK8l_ZboH9bJYLJ56ugLv9LodaFJ0GMGRKZxAmBUarFT3IiXpk7KrTzqioDSvduCAdKovr5dW8twsmJc6i_7b0f4_NIOMXirYWVkChQpdnW-lEZWo0rQVPTJTmG4qtQN3-3Qon23-KRDjCJomCuKB8v1F4Y3O8V3iJF2wOTASDoewLtEXIT5TlyMfSVDbamUG0JNqzYs8qHv-UQ3QlGmCKOPfxBnr-SAfF1MkBu2JoN-8m8CVI0OF-KtULVYqDgybkDC4r_zGzoevXdJGa1Ahh3wGV2wm_XoVKzWo4H877Xsk5UesIVhf4uhiDSmjt4dQQFgsVOknIQL6bM0hYo8mbGhKqZuKCQA5aFmvwcYf8ph67fU6LGxJM5vwVR00HlPISU-hVgjcar-WHZuzJ2PmmenOI6AmaREkoFr4HbowWQicsLAQMjjId2PEjYzDhGPf8WOl0KXLK0wQLXstxXjMDUBeDkqvV5zuErtJvp8Sn_B57uy5Q8M0FkpgADctG6DJBJBjjwxMVz-mtDVBxnGaAdua9GyOKQGO8Q33DXKTl-hl9il8bf_0x7hM_HwS9DOR6dS7UHf-Rm19jCqvdmNirg4eP5rWzuU4atU8cX0LAR_o_4qhngW5mR0yaoHKJC02N-sS7UbnG3vv0DRKrgtO8Z7WrgxMqGnZXR0rCJm_ncykE_Mqlg21_Ay2AFptZunP0uh1FOvvtxVtVZnPc4_0emGmIMYR59Rt0DohQAx_x-vx2aDrxlUcCdHIGTM-LfX5aDR9bckgwlSbNf4W1wNkoLDKRYfviMnYUgIkSI4DF0bEITkuw8AbFqEjWB-e_ASlNIKm4tvndYuqYfKknAdAMIfqlYt7cdq6RXG1fNHB09Jsop5wzdtO3w9f-alXND8nqBwLbTkR424kE8eKX0BvYOYTlrjBa_slL-ubQjZ-L-zch7OknYlDEVQF_q8R1S0Fi2KMIX4L_zHib0vKpmv4de8nuHAR9UOnnCTGHIk8nQTT_eHJWgqyEDhTCHBYpS18nZwFBzhQUAYkKibUnr5q5LGKPXvD-IepwfQxNwd9BWbYOoozcKs3SvadiT6NxN_f-OwkvP6QhOiTBBWgvXg9jdAQSrS-ZPxYYB_czs5ATjDn_ek3VAjiHyEND1uDYLH8at8eJi7lTDvwvZxYuSfkXzMlCAuFiNGAOSkmOB18RTv5AJ47JrC_g&sai=AMfl-YSfTOdT-I0dAZZwTm897a_iCH0vs9TxXgdzgV33Ew0EM5bm1EZT3QhuL1c4K8rdTVfzqq7wTxNxhPhs2n5sEtPhAXwQfmlQ-MyfVFLPy07iXLxWeOcM_Dr2soUCHOHOSSv3wxxEP4qO1fh20TiWEbOx7O4F12GlMxbugYUJhMadQLT3GjuEIVbLFgZwjV_MJKlLwxIaONHZq7zbdNjtIvYhyqAdBV1UD1wrdSFPKmFCO6COI7yUyFu8ywuM3N9tsq1ojwlDhPAq1SBoArBnExXElXgkM6cmSf6l&sig=Cg0ArKJSzF65nK0flKPAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230620.85976&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIvZ1RHZhgwoedMEx_GEThJqAACROavT_Pr0twrZfNgDEkL--t1Ay9D0QiO0A3MKFxZ_5qQOdB1DMa1D9PAwYRbaOnd-blkPQ_fELBD5FI986jwrvQbSJmCDsqGthRoNPVy63_GJbtiU6iOksfdv1VVSgCv0H1I6x9sbwaSQYCHsb1i7E&dbm_d=AKAmf-DahIN9utjzS6tfGlZDFNJ65xtThLswH4ZRNWkPSHtrA_clSQLgXDS8bKEAWt_-NpEYOWxvNbz-wn29weuSdjOzLWdPp70ctHY1KW7aKWXp5iUhmIgs5LbdTUuPy_3WMWq1DgJBDUNiA_0vIUQJqRclwR119iqMeQKy55EyKVrBEamuyEGloRWNDtRt955AMMWWEdadUNFmPs3zTJnQNQ9Lz0tvzakaBMiFWiM63MkR6SLGheDgs3JOuC6q0Rx5coWSylP14mdzI18NVMRf2qb_kmh-I1b5dHC6VfTqRAu2mJCJolKGOaXcxwfS8r9HnKvkIzDZbtvZkQlqm_UmPYlOIE_vN9HAfgNg_J1-V4KJCkdBTGZ-LsRR7WoNcjO_Jwi5cZ2lqLd0UdsaKoBACFjmiJeykNPZFoWwvNZrr3y_EM9K7YaK44-oG4vb83uqQtv-o3hrNkYwbNHXNfJACzWOgDxQDe5hc1r1J0cqPK4hHDy-tor7qtYYhPf24kaQA4SZ_J0TMikePMESdsTrwTOeZ73aU5nIxZnUfSqP1TXD0Huaw2LgEL2Xs8RYZMaFlQUK2vCpyT1ppf-2GktrSQ4OYVprQAcsWksjr9R4WHDd3G3gn80V4gWRJz9fqG3LjkwKpiDtiITBmyntuvzvGADOzwu4a5LOoq0Jl8Tj6962TLaS0Cke45z2n3-10GBruV-GEbXbKtHHH45Opb-HpUWlaZ-BRzWetEHO3NAVzzHNWyEfq6j2A2oC32ZN6eWQ6rvcGhiTau5JmHPyCaAygcVh2dhzxZLSSFAloYfDaTVV1AcgPJPHqH2oFiDyr_eUY7ixaAyeUbs3logPY6HvrBmWHuP_3iiu_SC0fg82nHfZwbHz3BK_fLmHUdXIC2oM6pF9tg7pZft0vrPLRRrRoCsiHU7JKKJtgw2QArhVgZNCUKAiO_IRa3WAinhp_-0Znh6M_dYhAtUh6HcKPFRNpOZzZ1fGPFBskze9RBIPo_E9qssAsJhb123bWeUnegPwZy2Jxmsqrt4QAGFaBQR_g61Q0Sqt0mq_fkLaH5Pd01q1NQSuQ97YMqdYbgMDtwBkNeNcm5TYPozbc1bonfAJMclNbbnUkC_PPMZRWiT1mLYrLTrxt2PTlCXPZlr1JixwkSfx7N9YOINXj8FSMxldpXG3yHD6isj5Y-Ij4yYicVuOdIR6psiMF21JwVQqnU19WUvXEAKgZwVFRIKO1MoKTYb9W9pawQCeWdqX1ZOOrNRnPAYA3O1sAV-FTHRqCtRdOED6UsyKK51wq7uv7IQR165JO50aaD1yKxP_p17BipWbK-k-rdGnh2znDilj0osIxIKs6xFchdHpQP-5Ce4-1MZw1IYjyjO3T3-Hrs0VB_Pd4jK0o327z5qXPk_9qzob9gDYh6ZHEpvGeCA44ItoiqJDmdddQ7D6fLKFPpA2YGdH-VX7rTz9cT8venR2nwWgMAq6r7F06jybw2MKwDlzbyNBCUP7ON-x1cSOiYY6mAsBgy2dszulNHf45ROs2TMre04Rpjrqx3jaIp-EHtMvoi8hfBUlsREUMohwbCMoQfpN0Z3Ydedkd1WZZr0JJSTa47zu25Yun7UNLcOgwTVMIp_aivcpjWKz_rTZBH0OH1T7Fi2mKYPNHAnM5nB_wCTvJ_OpNltgHeggPCiJ-xiLDcccFnIP-LDr7mokHrEX5GeCRqeYbi5oqLpm9nZvOh0mzj_vLn8TGPMwiVMqK8gUq4ieFPv1d72oB6Yogn0ZaQvZfzS2s4popg5ZJkSwsq9viJJeTcRkR6gMtc6co_pwGIQPAsgu2-PnOl79ymIyFemSgMJbSxPq0RfQNpGWNYw2LKo90bjes4tdB1KRR7FVlZxE6RfoAs8dSA5EkCHvxLXszf4mVv6NhfO0_r6ldQYsgOHfNe0Tq-nWYd15_dlQrnsdQ-BDPtjA20clvfUU14angrvBW1mafp6HljpMyhhiMdjwdCSNVFDieGtEhLNcXtn6n3mHv3NjGOkJN-AKVROCd-nXg30BGo6_j2fSsHlB6h_jbHI-yaUcRpYIJjzlGmaUt3M9dFR5TApFnESOooJAl4kE07yy9rHJrrVQWwKLmWSivmkV6FoSIkMCH5FOm-J1bjXsdkVhYarZjtXsJ8BCnmKJcMcKEFionzHN-Sqo5Z9geaWffGzF0jWv-4cUBzki-8WIXnleXpFuqiqYPMN42g5xZ1nCOzMWyz8a_ZfCcjn2o-87mC3Fx_9MsceK2yikwO3NJbqeeopy9NqPT_drZwX8jcrY4MRazz3tiU7WI4FBZ-LkVSxcKpGl0ol92cVGJUpDaaZIyAD5S1E5e08Xq-iGA2UPJNojjgt1v5hv7BSb_Hwigmp-I11i7pb5vwyJ7uKpquWFkbh8ttfyRZi8ZhhTL5StjnNez-p9BW-U-g4mFzy2GwvmSeYPzAO_7JXCiwS5TZzkSI8RdX_7YAZwpuqyuTXaMUNloMQOZfyF4KyxFvUQ0R064V_w2NrYhsrodzpQpHVyLppharmPm_nbWHmSEP1rNgq5aShK97eacK-7lyDYHO1ny-ySpsP0v_mzXfQ59hkD-NU8rDB-dec5-OlKOK9mWbvz7AiZ8FLJbcTmm1uRFOK7PdOd2TzVCvpFxfDbrWbfVMcWYdGoEtH86Qjy1nybj8LsggdmlMAKyToYi8YeXvaYo9jdBbJXzKqp_R4NYFSw69KEwDRT2X2OLFNf5T3zgK7tX72UzJzx6W35s_rT0f4I894bpHcOG-4SvQ5EpAFAKQiEWTKTCYksCwS4P740Ps9QwcU6zauOrHyRrddksVERJqQVbZULSs6I-MFPu4zDQbyAU51jdMytmj0sgW3OQEHIg7N2KzB-KfrtUc3RLOlPq0wJnRonqzoDUjhawMQhBcElmmcNyXz-tf6_VyIsQ5T6HTeoV3GlT-czxB890TpIdPlsXL8HxuhNNbYkTFyYMCmhY75_eao3ViTdIwaPh4AZ4NfEIfa7tVsPYKXWAPhZtxLrveMQsKs-C7MPOwXHQZ5SKeQe0Y74I1-hZLcZhJaDhRg-JN7HcQuMVKBdJSaUeelZ0A-5wSdGiBGGhl90wnb2vstICIcyta6-Ajg-hNRCVYgMD3beaIVGuSX6wHyoY3wGSL4M_v7qHCAE5p9_C4b9Upr8_3q6WxQ_sj8wzoN_kgOtAMpksQ6MmP3hK7dKSHZ6sB6TYsGn_9Xkwq-uS191JHrqjbB75BlkKFMUVJngeEOQipBfXCerIORPatM2jqQq7wwokoJYI32lkZxGv8MQq2AFPI26i41BK9bfJMw2SeqUVNCzjC7B8qqugGK0lojk-6bJBA8S8R9DihsRaaTGR8zN5eeajumVl5MQwYTDKrYVSNsfQBWxf25Q59orFbk9mMpnQlg5MSBXx53DyXRUiN8Lqw68E2n0pIsa-WYOh66IisiAu9pADAwr_ySyMtJUMZJx2oJPtbqQ7kuaWWQ0wPB0rUyzVG6ZZ7O57NZwr7DHqOrwNln7WhCJ&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsays.com%2Fmy&ds=l&xdt=1&iif=1&cor=1397997167714536200&adk=4188270525&idt=259&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 22 Jun 2023 14:06:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C7A3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIvZ1RHZhgwoedMEx_GEThJqAACROavT_Pr0twrZfNgDEkL--t1Ay9D0QiO0A3MKFxZ_5qQOdB1DMa1D9PAwYRbaOnd-blkPQ_fELBD5FI986jwrvQbSJmCDsqGthRoNPVy63_GJbtiU6iOksfdv1VVSgCv0H1I6x9sbwaSQYCHsb1i7E&dbm_d=AKAmf-DahIN9utjzS6tfGlZDFNJ65xtThLswH4ZRNWkPSHtrA_clSQLgXDS8bKEAWt_-NpEYOWxvNbz-wn29weuSdjOzLWdPp70ctHY1KW7aKWXp5iUhmIgs5LbdTUuPy_3WMWq1DgJBDUNiA_0vIUQJqRclwR119iqMeQKy55EyKVrBEamuyEGloRWNDtRt955AMMWWEdadUNFmPs3zTJnQNQ9Lz0tvzakaBMiFWiM63MkR6SLGheDgs3JOuC6q0Rx5coWSylP14mdzI18NVMRf2qb_kmh-I1b5dHC6VfTqRAu2mJCJolKGOaXcxwfS8r9HnKvkIzDZbtvZkQlqm_UmPYlOIE_vN9HAfgNg_J1-V4KJCkdBTGZ-LsRR7WoNcjO_Jwi5cZ2lqLd0UdsaKoBACFjmiJeykNPZFoWwvNZrr3y_EM9K7YaK44-oG4vb83uqQtv-o3hrNkYwbNHXNfJACzWOgDxQDe5hc1r1J0cqPK4hHDy-tor7qtYYhPf24kaQA4SZ_J0TMikePMESdsTrwTOeZ73aU5nIxZnUfSqP1TXD0Huaw2LgEL2Xs8RYZMaFlQUK2vCpyT1ppf-2GktrSQ4OYVprQAcsWksjr9R4WHDd3G3gn80V4gWRJz9fqG3LjkwKpiDtiITBmyntuvzvGADOzwu4a5LOoq0Jl8Tj6962TLaS0Cke45z2n3-10GBruV-GEbXbKtHHH45Opb-HpUWlaZ-BRzWetEHO3NAVzzHNWyEfq6j2A2oC32ZN6eWQ6rvcGhiTau5JmHPyCaAygcVh2dhzxZLSSFAloYfDaTVV1AcgPJPHqH2oFiDyr_eUY7ixaAyeUbs3logPY6HvrBmWHuP_3iiu_SC0fg82nHfZwbHz3BK_fLmHUdXIC2oM6pF9tg7pZft0vrPLRRrRoCsiHU7JKKJtgw2QArhVgZNCUKAiO_IRa3WAinhp_-0Znh6M_dYhAtUh6HcKPFRNpOZzZ1fGPFBskze9RBIPo_E9qssAsJhb123bWeUnegPwZy2Jxmsqrt4QAGFaBQR_g61Q0Sqt0mq_fkLaH5Pd01q1NQSuQ97YMqdYbgMDtwBkNeNcm5TYPozbc1bonfAJMclNbbnUkC_PPMZRWiT1mLYrLTrxt2PTlCXPZlr1JixwkSfx7N9YOINXj8FSMxldpXG3yHD6isj5Y-Ij4yYicVuOdIR6psiMF21JwVQqnU19WUvXEAKgZwVFRIKO1MoKTYb9W9pawQCeWdqX1ZOOrNRnPAYA3O1sAV-FTHRqCtRdOED6UsyKK51wq7uv7IQR165JO50aaD1yKxP_p17BipWbK-k-rdGnh2znDilj0osIxIKs6xFchdHpQP-5Ce4-1MZw1IYjyjO3T3-Hrs0VB_Pd4jK0o327z5qXPk_9qzob9gDYh6ZHEpvGeCA44ItoiqJDmdddQ7D6fLKFPpA2YGdH-VX7rTz9cT8venR2nwWgMAq6r7F06jybw2MKwDlzbyNBCUP7ON-x1cSOiYY6mAsBgy2dszulNHf45ROs2TMre04Rpjrqx3jaIp-EHtMvoi8hfBUlsREUMohwbCMoQfpN0Z3Ydedkd1WZZr0JJSTa47zu25Yun7UNLcOgwTVMIp_aivcpjWKz_rTZBH0OH1T7Fi2mKYPNHAnM5nB_wCTvJ_OpNltgHeggPCiJ-xiLDcccFnIP-LDr7mokHrEX5GeCRqeYbi5oqLpm9nZvOh0mzj_vLn8TGPMwiVMqK8gUq4ieFPv1d72oB6Yogn0ZaQvZfzS2s4popg5ZJkSwsq9viJJeTcRkR6gMtc6co_pwGIQPAsgu2-PnOl79ymIyFemSgMJbSxPq0RfQNpGWNYw2LKo90bjes4tdB1KRR7FVlZxE6RfoAs8dSA5EkCHvxLXszf4mVv6NhfO0_r6ldQYsgOHfNe0Tq-nWYd15_dlQrnsdQ-BDPtjA20clvfUU14angrvBW1mafp6HljpMyhhiMdjwdCSNVFDieGtEhLNcXtn6n3mHv3NjGOkJN-AKVROCd-nXg30BGo6_j2fSsHlB6h_jbHI-yaUcRpYIJjzlGmaUt3M9dFR5TApFnESOooJAl4kE07yy9rHJrrVQWwKLmWSivmkV6FoSIkMCH5FOm-J1bjXsdkVhYarZjtXsJ8BCnmKJcMcKEFionzHN-Sqo5Z9geaWffGzF0jWv-4cUBzki-8WIXnleXpFuqiqYPMN42g5xZ1nCOzMWyz8a_ZfCcjn2o-87mC3Fx_9MsceK2yikwO3NJbqeeopy9NqPT_drZwX8jcrY4MRazz3tiU7WI4FBZ-LkVSxcKpGl0ol92cVGJUpDaaZIyAD5S1E5e08Xq-iGA2UPJNojjgt1v5hv7BSb_Hwigmp-I11i7pb5vwyJ7uKpquWFkbh8ttfyRZi8ZhhTL5StjnNez-p9BW-U-g4mFzy2GwvmSeYPzAO_7JXCiwS5TZzkSI8RdX_7YAZwpuqyuTXaMUNloMQOZfyF4KyxFvUQ0R064V_w2NrYhsrodzpQpHVyLppharmPm_nbWHmSEP1rNgq5aShK97eacK-7lyDYHO1ny-ySpsP0v_mzXfQ59hkD-NU8rDB-dec5-OlKOK9mWbvz7AiZ8FLJbcTmm1uRFOK7PdOd2TzVCvpFxfDbrWbfVMcWYdGoEtH86Qjy1nybj8LsggdmlMAKyToYi8YeXvaYo9jdBbJXzKqp_R4NYFSw69KEwDRT2X2OLFNf5T3zgK7tX72UzJzx6W35s_rT0f4I894bpHcOG-4SvQ5EpAFAKQiEWTKTCYksCwS4P740Ps9QwcU6zauOrHyRrddksVERJqQVbZULSs6I-MFPu4zDQbyAU51jdMytmj0sgW3OQEHIg7N2KzB-KfrtUc3RLOlPq0wJnRonqzoDUjhawMQhBcElmmcNyXz-tf6_VyIsQ5T6HTeoV3GlT-czxB890TpIdPlsXL8HxuhNNbYkTFyYMCmhY75_eao3ViTdIwaPh4AZ4NfEIfa7tVsPYKXWAPhZtxLrveMQsKs-C7MPOwXHQZ5SKeQe0Y74I1-hZLcZhJaDhRg-JN7HcQuMVKBdJSaUeelZ0A-5wSdGiBGGhl90wnb2vstICIcyta6-Ajg-hNRCVYgMD3beaIVGuSX6wHyoY3wGSL4M_v7qHCAE5p9_C4b9Upr8_3q6WxQ_sj8wzoN_kgOtAMpksQ6MmP3hK7dKSHZ6sB6TYsGn_9Xkwq-uS191JHrqjbB75BlkKFMUVJngeEOQipBfXCerIORPatM2jqQq7wwokoJYI32lkZxGv8MQq2AFPI26i41BK9bfJMw2SeqUVNCzjC7B8qqugGK0lojk-6bJBA8S8R9DihsRaaTGR8zN5eeajumVl5MQwYTDKrYVSNsfQBWxf25Q59orFbk9mMpnQlg5MSBXx53DyXRUiN8Lqw68E2n0pIsa-WYOh66IisiAu9pADAwr_ySyMtJUMZJx2oJPtbqQ7kuaWWQ0wPB0rUyzVG6ZZ7O57NZwr7DHqOrwNln7WhCJ&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsays.com%2Fmy&ds=l&xdt=1&iif=1&cor=1397997167714536200&adk=4188270525&idt=259&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jun 2024 13:52:35 GMT
1381133363330179423
s0.2mdn.net/simgad/ Frame C7A3 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1381133363330179423
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003ec16357887a5d46e64d65b9a909ed195fdac4c0011b4f60e499db8c2797d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 13:46:22 GMT
x-content-type-options
nosniff
age
87631
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82842
x-xss-protection
0
last-modified
Wed, 31 May 2023 15:20:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jun 2024 13:46:22 GMT
hb
hb.revid.my/ 		64 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.revid.my/hb
Requested by
Host: heartbeat.mediaprimaplus.com.my
URL: https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7afb5f4724c8424e942d98fcbfeca361f8ba1a427ec36f3e789029b210790f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Jun 2023 14:06:56 GMT
via
1.1 google, 1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://says.com
x-cloud-trace-context
721e167d51077f556019368728cb2844
access-control-allow-credentials
true
cf-ray
7db50df59d681e18-FRA
hb
hb.revid.my/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.revid.my/hb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://says.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://says.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7db50df308850394-FRA
content-type
text/html
date
Thu, 22 Jun 2023 14:06:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin, Access-Control-Request-Headers
via
1.1 google, 1.1 google
x-cloud-trace-context
bdfce1d0007d8e6f9066600d86639c92
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame 4EB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0VoDfFWUZJKkFtaNtweTi4LACcDQwehvyK6g-d4Rv9mivcABEAEgh5avIGCV2oiCmAfIAQWpArVLhbbbcrI-qAMBqgTrAU_QdWodWefoBTOPwcQpH5_Bjd6pDmGFWdVGQGtEHObmFirFnBq6W9LIGSS8o4BjcTA7E6L26Z7rHAQa7Ja7O9RrdWpX37yX5PivMK9BDACNrivFJnvz6wfWO17I_GRxuKblT_7P-eIfdrDjZKtzu21ZCou47cNHNmXyzd2RhNi9d2qMWE9t4IGm2yYmrt_8X9WsDwk7R9VhfpXwaVNZFryluQA5EqKqYODRaC05ADKgthHqcQVEYcDYju7KeX5B9OVZWFC5chEe8nDfGuYUhxqHj-Y3HwKiPZlVAPprwDF0I9Pl6YbIWwjq6knABMnDjKGrBOAEA4gF483zk0qSBQYIGxADGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9iO674CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQo60MGIjr-egB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAaIMCCoGCgTDsLECsBOkk-0SyBOPqJLiA9ATANgTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi03MjkwNjM3NTQ0NzUyNzA2GJ-GBugXBQ&sigh=oi5xVld_l_s&uach_m=[UACH]&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&vt=10
Requested by
Host: 1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
URL: https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
truncated
/ Frame 4EB4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e5484433ee9688a36ce75acb28252dae751fa8597fcd54ec7c5967519897919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 74A4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bc580be684e1ba2a0f08ffeb5fdcdcda86396c16ed23cd05d55034bba1aa2e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C7A3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80fcbc7019ba45425ee3681720422bcbaaeee472697a1a4b312a714ff6c69763

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
visit
r-log.dable.io/s/says.com/u/00000000.0000000000000/ 		54 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r-log.dable.io/s/says.com/u/00000000.0000000000000/visit?url=https%3A%2F%2Fsays.com%2Fmy&ref=&lang=en-US&cid=00000000.0000000000000&gdpr=1&z=560196&callback=dbljson2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.200.40.244 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-200-40-244.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
content-length
54
content-type
text/javascript; charset=utf-8
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230622%22,%22u%22:%2200000000.0000000000000%22%7D%7D
0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230622%22,%22u%22:%2200000000.0000000000000%22%7D%7D
Protocol
H2
Server
211.249.220.158 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230622%22,%22u%22:%2200000000.0000000000000%22%7D%7D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm-exchange.toast.com/ 		0
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 22 Jun 2023 14:06:54 GMT
Server
nginx
Connection
close
P3P
CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
cs
cs.gssprt.jp/yie/ld/ 		82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Bannaguro, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
82
content-type
application/octet-stream
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C65B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
173626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Jun 2023 13:53:07 GMT
expires
Wed, 19 Jun 2024 13:53:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C7A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoP4IdlNonwDb8-4UaXblY6kt6oSuWGFODml69tIj4bRrqFK8l_ZboH9bJYLJ56ugLv9LodaFJ0GMGRKZxAmBUarFT3IiXpk7KrTzqioDSvduCAdKovr5dW8twsmJc6i_7b0f4_NIOMXirYWVkChQpdnW-lEZWo0rQVPTJTmG4qtQN3-3Qon23-KRDjCJomCuKB8v1F4Y3O8V3iJF2wOTASDoewLtEXIT5TlyMfSVDbamUG0JNqzYs8qHv-UQ3QlGmCKOPfxBnr-SAfF1MkBu2JoN-8m8CVI0OF-KtULVYqDgybkDC4r_zGzoevXdJGa1Ahh3wGV2wm_XoVKzWo4H877Xsk5UesIVhf4uhiDSmjt4dQQFgsVOknIQL6bM0hYo8mbGhKqZuKCQA5aFmvwcYf8ph67fU6LGxJM5vwVR00HlPISU-hVgjcar-WHZuzJ2PmmenOI6AmaREkoFr4HbowWQicsLAQMjjId2PEjYzDhGPf8WOl0KXLK0wQLXstxXjMDUBeDkqvV5zuErtJvp8Sn_B57uy5Q8M0FkpgADctG6DJBJBjjwxMVz-mtDVBxnGaAdua9GyOKQGO8Q33DXKTl-hl9il8bf_0x7hM_HwS9DOR6dS7UHf-Rm19jCqvdmNirg4eP5rWzuU4atU8cX0LAR_o_4qhngW5mR0yaoHKJC02N-sS7UbnG3vv0DRKrgtO8Z7WrgxMqGnZXR0rCJm_ncykE_Mqlg21_Ay2AFptZunP0uh1FOvvtxVtVZnPc4_0emGmIMYR59Rt0DohQAx_x-vx2aDrxlUcCdHIGTM-LfX5aDR9bckgwlSbNf4W1wNkoLDKRYfviMnYUgIkSI4DF0bEITkuw8AbFqEjWB-e_ASlNIKm4tvndYuqYfKknAdAMIfqlYt7cdq6RXG1fNHB09Jsop5wzdtO3w9f-alXND8nqBwLbTkR424kE8eKX0BvYOYTlrjBa_slL-ubQjZ-L-zch7OknYlDEVQF_q8R1S0Fi2KMIX4L_zHib0vKpmv4de8nuHAR9UOnnCTGHIk8nQTT_eHJWgqyEDhTCHBYpS18nZwFBzhQUAYkKibUnr5q5LGKPXvD-IepwfQxNwd9BWbYOoozcKs3SvadiT6NxN_f-OwkvP6QhOiTBBWgvXg9jdAQSrS-ZPxYYB_czs5ATjDn_ek3VAjiHyEND1uDYLH8at8eJi7lTDvwvZxYuSfkXzMlCAuFiNGAOSkmOB18RTv5AJ47JrC_g&sai=AMfl-YSfTOdT-I0dAZZwTm897a_iCH0vs9TxXgdzgV33Ew0EM5bm1EZT3QhuL1c4K8rdTVfzqq7wTxNxhPhs2n5sEtPhAXwQfmlQ-MyfVFLPy07iXLxWeOcM_Dr2soUCHOHOSSv3wxxEP4qO1fh20TiWEbOx7O4F12GlMxbugYUJhMadQLT3GjuEIVbLFgZwjV_MJKlLwxIaONHZq7zbdNjtIvYhyqAdBV1UD1wrdSFPKmFCO6COI7yUyFu8ywuM3N9tsq1ojwlDhPAq1SBoArBnExXElXgkM6cmSf6l&sig=Cg0ArKJSzF65nK0flKPAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=137&vt=11&dtpt=136&dett=2&cstd=0&cisv=r20230620.85976&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIvZ1RHZhgwoedMEx_GEThJqAACROavT_Pr0twrZfNgDEkL--t1Ay9D0QiO0A3MKFxZ_5qQOdB1DMa1D9PAwYRbaOnd-blkPQ_fELBD5FI986jwrvQbSJmCDsqGthRoNPVy63_GJbtiU6iOksfdv1VVSgCv0H1I6x9sbwaSQYCHsb1i7E&dbm_d=AKAmf-DahIN9utjzS6tfGlZDFNJ65xtThLswH4ZRNWkPSHtrA_clSQLgXDS8bKEAWt_-NpEYOWxvNbz-wn29weuSdjOzLWdPp70ctHY1KW7aKWXp5iUhmIgs5LbdTUuPy_3WMWq1DgJBDUNiA_0vIUQJqRclwR119iqMeQKy55EyKVrBEamuyEGloRWNDtRt955AMMWWEdadUNFmPs3zTJnQNQ9Lz0tvzakaBMiFWiM63MkR6SLGheDgs3JOuC6q0Rx5coWSylP14mdzI18NVMRf2qb_kmh-I1b5dHC6VfTqRAu2mJCJolKGOaXcxwfS8r9HnKvkIzDZbtvZkQlqm_UmPYlOIE_vN9HAfgNg_J1-V4KJCkdBTGZ-LsRR7WoNcjO_Jwi5cZ2lqLd0UdsaKoBACFjmiJeykNPZFoWwvNZrr3y_EM9K7YaK44-oG4vb83uqQtv-o3hrNkYwbNHXNfJACzWOgDxQDe5hc1r1J0cqPK4hHDy-tor7qtYYhPf24kaQA4SZ_J0TMikePMESdsTrwTOeZ73aU5nIxZnUfSqP1TXD0Huaw2LgEL2Xs8RYZMaFlQUK2vCpyT1ppf-2GktrSQ4OYVprQAcsWksjr9R4WHDd3G3gn80V4gWRJz9fqG3LjkwKpiDtiITBmyntuvzvGADOzwu4a5LOoq0Jl8Tj6962TLaS0Cke45z2n3-10GBruV-GEbXbKtHHH45Opb-HpUWlaZ-BRzWetEHO3NAVzzHNWyEfq6j2A2oC32ZN6eWQ6rvcGhiTau5JmHPyCaAygcVh2dhzxZLSSFAloYfDaTVV1AcgPJPHqH2oFiDyr_eUY7ixaAyeUbs3logPY6HvrBmWHuP_3iiu_SC0fg82nHfZwbHz3BK_fLmHUdXIC2oM6pF9tg7pZft0vrPLRRrRoCsiHU7JKKJtgw2QArhVgZNCUKAiO_IRa3WAinhp_-0Znh6M_dYhAtUh6HcKPFRNpOZzZ1fGPFBskze9RBIPo_E9qssAsJhb123bWeUnegPwZy2Jxmsqrt4QAGFaBQR_g61Q0Sqt0mq_fkLaH5Pd01q1NQSuQ97YMqdYbgMDtwBkNeNcm5TYPozbc1bonfAJMclNbbnUkC_PPMZRWiT1mLYrLTrxt2PTlCXPZlr1JixwkSfx7N9YOINXj8FSMxldpXG3yHD6isj5Y-Ij4yYicVuOdIR6psiMF21JwVQqnU19WUvXEAKgZwVFRIKO1MoKTYb9W9pawQCeWdqX1ZOOrNRnPAYA3O1sAV-FTHRqCtRdOED6UsyKK51wq7uv7IQR165JO50aaD1yKxP_p17BipWbK-k-rdGnh2znDilj0osIxIKs6xFchdHpQP-5Ce4-1MZw1IYjyjO3T3-Hrs0VB_Pd4jK0o327z5qXPk_9qzob9gDYh6ZHEpvGeCA44ItoiqJDmdddQ7D6fLKFPpA2YGdH-VX7rTz9cT8venR2nwWgMAq6r7F06jybw2MKwDlzbyNBCUP7ON-x1cSOiYY6mAsBgy2dszulNHf45ROs2TMre04Rpjrqx3jaIp-EHtMvoi8hfBUlsREUMohwbCMoQfpN0Z3Ydedkd1WZZr0JJSTa47zu25Yun7UNLcOgwTVMIp_aivcpjWKz_rTZBH0OH1T7Fi2mKYPNHAnM5nB_wCTvJ_OpNltgHeggPCiJ-xiLDcccFnIP-LDr7mokHrEX5GeCRqeYbi5oqLpm9nZvOh0mzj_vLn8TGPMwiVMqK8gUq4ieFPv1d72oB6Yogn0ZaQvZfzS2s4popg5ZJkSwsq9viJJeTcRkR6gMtc6co_pwGIQPAsgu2-PnOl79ymIyFemSgMJbSxPq0RfQNpGWNYw2LKo90bjes4tdB1KRR7FVlZxE6RfoAs8dSA5EkCHvxLXszf4mVv6NhfO0_r6ldQYsgOHfNe0Tq-nWYd15_dlQrnsdQ-BDPtjA20clvfUU14angrvBW1mafp6HljpMyhhiMdjwdCSNVFDieGtEhLNcXtn6n3mHv3NjGOkJN-AKVROCd-nXg30BGo6_j2fSsHlB6h_jbHI-yaUcRpYIJjzlGmaUt3M9dFR5TApFnESOooJAl4kE07yy9rHJrrVQWwKLmWSivmkV6FoSIkMCH5FOm-J1bjXsdkVhYarZjtXsJ8BCnmKJcMcKEFionzHN-Sqo5Z9geaWffGzF0jWv-4cUBzki-8WIXnleXpFuqiqYPMN42g5xZ1nCOzMWyz8a_ZfCcjn2o-87mC3Fx_9MsceK2yikwO3NJbqeeopy9NqPT_drZwX8jcrY4MRazz3tiU7WI4FBZ-LkVSxcKpGl0ol92cVGJUpDaaZIyAD5S1E5e08Xq-iGA2UPJNojjgt1v5hv7BSb_Hwigmp-I11i7pb5vwyJ7uKpquWFkbh8ttfyRZi8ZhhTL5StjnNez-p9BW-U-g4mFzy2GwvmSeYPzAO_7JXCiwS5TZzkSI8RdX_7YAZwpuqyuTXaMUNloMQOZfyF4KyxFvUQ0R064V_w2NrYhsrodzpQpHVyLppharmPm_nbWHmSEP1rNgq5aShK97eacK-7lyDYHO1ny-ySpsP0v_mzXfQ59hkD-NU8rDB-dec5-OlKOK9mWbvz7AiZ8FLJbcTmm1uRFOK7PdOd2TzVCvpFxfDbrWbfVMcWYdGoEtH86Qjy1nybj8LsggdmlMAKyToYi8YeXvaYo9jdBbJXzKqp_R4NYFSw69KEwDRT2X2OLFNf5T3zgK7tX72UzJzx6W35s_rT0f4I894bpHcOG-4SvQ5EpAFAKQiEWTKTCYksCwS4P740Ps9QwcU6zauOrHyRrddksVERJqQVbZULSs6I-MFPu4zDQbyAU51jdMytmj0sgW3OQEHIg7N2KzB-KfrtUc3RLOlPq0wJnRonqzoDUjhawMQhBcElmmcNyXz-tf6_VyIsQ5T6HTeoV3GlT-czxB890TpIdPlsXL8HxuhNNbYkTFyYMCmhY75_eao3ViTdIwaPh4AZ4NfEIfa7tVsPYKXWAPhZtxLrveMQsKs-C7MPOwXHQZ5SKeQe0Y74I1-hZLcZhJaDhRg-JN7HcQuMVKBdJSaUeelZ0A-5wSdGiBGGhl90wnb2vstICIcyta6-Ajg-hNRCVYgMD3beaIVGuSX6wHyoY3wGSL4M_v7qHCAE5p9_C4b9Upr8_3q6WxQ_sj8wzoN_kgOtAMpksQ6MmP3hK7dKSHZ6sB6TYsGn_9Xkwq-uS191JHrqjbB75BlkKFMUVJngeEOQipBfXCerIORPatM2jqQq7wwokoJYI32lkZxGv8MQq2AFPI26i41BK9bfJMw2SeqUVNCzjC7B8qqugGK0lojk-6bJBA8S8R9DihsRaaTGR8zN5eeajumVl5MQwYTDKrYVSNsfQBWxf25Q59orFbk9mMpnQlg5MSBXx53DyXRUiN8Lqw68E2n0pIsa-WYOh66IisiAu9pADAwr_ySyMtJUMZJx2oJPtbqQ7kuaWWQ0wPB0rUyzVG6ZZ7O57NZwr7DHqOrwNln7WhCJ&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fsays.com%2Fmy&ds=l&xdt=1&iif=1&cor=1397997167714536200&adk=4188270525&idt=259&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 22 Jun 2023 14:06:53 GMT
csi
csi.gstatic.com/ Frame 74A4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lj77vs4w&c=6713859823813&slotId=3356929911906.5&qqid=CJPSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 74A4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 17:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2024 17:15:18 GMT
file.mp4
r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 74A4
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C9316C251924C98C1199F531D851685F3A136A3.22892B248884BDD99EF5E81E90A4341677768DD4/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:401e:28::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 22 Jun 2023 14:06:54 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2224238
Last-Modified
Thu, 04 May 2023 10:57:00 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 22 Jun 2023 14:06:54 GMT

Redirect headers

date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
location
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C9316C251924C98C1199F531D851685F3A136A3.22892B248884BDD99EF5E81E90A4341677768DD4/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
pagead2.googlesyndication.com/bg/ Frame C65B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YTnPKPJ-Q--T2AJ4Qj25FxWmw7bAoVXE9zhtz1eN5hc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 13:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jun 2024 13:06:42 GMT
csi
csi.gstatic.com/ Frame 4EB4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lj77vs4g&c=6198761966551&slotId=3099380983275.5&qqid=CJLSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 4EB4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 17:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2024 17:15:18 GMT
file.mp4
r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4EB4
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7543D530228858F2A05573FFC5F6E29F63B46450.517C2A031CEB7D7CF20A1B60822D6D5A8ACAC3C1/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:401e:28::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 22 Jun 2023 14:06:54 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2224238
Last-Modified
Thu, 04 May 2023 10:57:00 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 22 Jun 2023 14:06:54 GMT

Redirect headers

date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
location
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7543D530228858F2A05573FFC5F6E29F63B46450.517C2A031CEB7D7CF20A1B60822D6D5A8ACAC3C1/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 3300 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
132028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Jun 2023 01:26:26 GMT
expires
Thu, 20 Jun 2024 01:26:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 365A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbSdcfFWUZJCkFtaNtweTi4LACQAAAAA4AeAEAg&bg=!cXKlcibNAAYQ3eRoMN07ADkAdvg8WrhP2H66j2Rw_yVODOcapqwlnDggXefF2xYDksLtIYRmKWy6VV21NwX8q8wTMj5hiBcWTaUCAAABS1IAAAADaAEHCgCSgA3xYr6zRBn8iSf7W37VDtdcZJHgJ2r7WvAf1enFCcmpy7GryZuUFDeIsU8CgAkn8qbKBiMPFo-ZfG5_iUaThAhWMheSRev1etA1wM7io7IHUiRzOkWNOk8OjpzCQJrKr1aaAy9edzZZ0KCundzELCUZcA_aA4Uejfxr9UIy9oeSF2NfIBVf7JpU_CfA9JF5mXWZAt_SBVTbE0kClytjhE6FUKMtjVLUAs7CxZUcj3u8lR9i46Rt7cGCv_EBAylHyu44N_9L5yjsG0uiCSHSEJCWKi1llfm-Q1T7UTFIHifokXtlQ0o6Fhaue6RWVu98ZOE8W65w0VKdVydpYMdMJZuHfbuCqMAP21-2df0V_AWm1jN3-mE4faJdM0xE7baPlH3ktT5Jr0G23mbfTQIaAO_dNTWpnqYJI4AbAbgiPfjJsWeATfRPFouGi6QZMF7MxH1FehannV1Wm5qZFRO8BJSFnu9UwweeZ5gkhFLHVySiAM8kbHGV-YTVTY2gaYm3ckvM_ba-vV5uTst2_6I0qaxR3YAbCUNIYcL1Jpgr8OJfXgtTou8HoR3Ohu1q2beKpDdlvU1oHwIfKhKWgfddmQzmmMmMPU9Pl9c7qZCpXIey3994I1lcbuEOcH9PL6ohYRuX9F9Yu1uLFMVOxbRRABbx_93YLGyZTIsguS6RnBKPiC_z1ahusFUtG2bdXFQB3TtX4MvWIf6xrmc0a33_IIA_OejS07sfWHmb82UeOaIGD63eKr9qZeo4b5lhEe2ClmLF55kgTe42MWpbbOOqEtr2bkmBIhrxGrTCiKzeK3hdw09-SsLPY13mR0kRd13Pg7CPEDJ2uRh1H03QYURKEQVAJbX-7vU7HCdJUEzoMvKwnKAnim8-uGPAnSDVCzn7iWVRQR37SmkDQh7Yd5gK0H6Qywt1ufn1JS0n7pV4k9cdYcrsujwYVtOuoYgzE9jwV4nbQ8yqXM5FUpZMIcN_JXRlJxtZBP892V0pW2c5u5sDdZbmwIiyMZWX-tMUCQvECzvdXft_L9HCJrJzi3PUpF06qXtDaYjaS7t4BxYtKhqWrmo_Nui8ZoYu-_UaBp_M-2HHbxwjh0Nq6Sn-gAX1Ug5NO7JwXtH5AdhuY2yPhcgWs5uS0ozvl0DFJnwRu0ldYgd1W8g4Lu1Ng-Xq1OvDDyaRUYo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 6EAB 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
132028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Jun 2023 01:26:26 GMT
expires
Thu, 20 Jun 2024 01:26:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js
pagead2.googlesyndication.com/bg/ Frame 3300 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 19:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
153209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14804
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 19:33:25 GMT
IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js
pagead2.googlesyndication.com/bg/ Frame 6EAB 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 19:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
153209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14804
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 19:33:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C65B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_kx-fVWUZLSVJfOn9u8PlM0aAAAAADgB4AQC&bg=!DQ6lDlrNAAYQ3eRoMN07ADkAdvg8Wh2X8ohADeTPnISoVQs3R79gO1o32PVwD0HcdbxFMllxcpG-IimyrxPv9Gdg-KwZ7EEsSAoCAAAAXlIAAAACaAEHmQLeUYV-VTFsqTyGEVeeF1dbObxc5KHCI7Wg1sT5BquDiDM39Y0s0kCCAYFKi--GWE6KqoY3FOjnOXXiAV9Sp374c2RjB5IsuPqpsPQ4frw3T9Dba5Z5_yWq5yodYzDQB-IkgFdaspn46Uic4_Bml0mHCboqoqgdh_ySmPAj--R6_6T8XRUdLWzXpXzVzoQpQnBxZ41k86FU9-_fQ2NHEzTh-o-uajMtwAUogNcpprIOi2OItWrOO_DepaehHKeISoQ3cJbC6PEgeyI9VMalRfCHa5Akg9jqJJpBVlNEcogQRKYodE2V71vH06z_WczAW_0bUtlaP2cOL_ZEfCQTnAw2HNELhWVIzYvZfj78e-YcPkn38VP2DwKt3ccXJkMm-LMhUkPZIOyMyc8IWIt3W7_Y2HEU2SMlJRzMqa2m0Q2mg1dP4IbI2PNVvj8-EohIQFaLi6GvVTg4_c7yVgQlEAGGYHvWSiSr_a776u1mjuAbbmm3aR66Wp4hN3pENtk7W48deCJSzNIhSwbJXhsvIqEsaRdSVze_Qlv4ekmNWWRFc_D_wyCBPxCJAY6YXfEnyXPIczHfBNMuyAjqUMDnqjywqxfHqKoocM1-chPDerGlF5K9e76PBWBp3tfNJjnibjlDi9xukBG_-IbIkknR2SJmXuVeXRbc6dPyJcIFF0jvnmjIA7hY3HxBYoAb7kMzr-5HMOyDEjfZeDsOLiPVHqHCAihFTJMhQRLzLiZjeZCueyCYNQoPAogQvO6pBSPlmlLXixfkPr1KhHKHQtIvVk5MzFzG4tG1KYV89w68cZbYgMGRJg5q9WhAvqAvYFRzBCJriUZJPh7jOtjYq0rWPx38Weoq-MmTiKxN2FvSF_sLrz78tjs6ibWX2slAi98fPX6q8ZS6tiidkT3PZIYP8C6WIA79UKmlmbNfVikvj-2t4Dlvs0jR7xxUtg7Q_CL2brid9IoqCJ9jSk88oa_p7DU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1687442814321d195112192.d9118d9d
segment.api.useinsider.com/v4/segments/ 		927 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment.api.useinsider.com/v4/segments/1687442814321d195112192.d9118d9d?partnerid=10002153&fields=e0e252a5d8c8cdc04eacbd926868cffc,1a3e01539f4264ca05f749a0c0b39d41&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
7db50df63d4492ab-FRA
info.min.css
assets.api.useinsider.com/css/ 		70 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.api.useinsider.com/css/info.min.css
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34692b432f55be19b52784ef9da14cd88c3bb8c6f9e4240e236ee74623d45464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12534
x-xss-protection
1
pragma
public
last-modified
Thu, 22 Jun 2023 04:00:18 GMT
server
cloudflare
etag
W/"6493c752-1196b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=259200
cf-ray
7db50df5d9189a1d-FRA
expires
Sun, 25 Jun 2023 14:06:54 GMT
info.js
eitri.api.useinsider.com/static/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eitri.api.useinsider.com/static/info.js
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345bba914ae691dbc8d85ead5d9c4b7e0c5e4a83eb817eaf7b9f6e4e58d70473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
x-amz-version-id
KIJ8Uwp.I1UPf.TijKZz2R4p2AaQNSNg
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Jun 2023 09:41:13 GMT
server
cloudflare
x-amz-request-id
3DT40869BEBSQB3X
age
1488
etag
W/"92cd72a2b84c09e27bd9fa079d4830f5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7db50df5d9179a1d-FRA
x-amz-id-2
5b5i7HMwcwuEpWZj0qfSsyTfrqbJWvdGsS+/sB4jSQEIVhfiF3KyHYonoat4fxV8ZnrX6x2Euv8=
expires
Thu, 22 Jun 2023 14:36:54 GMT
/
locationv2.api.useinsider.com/ 		267 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://locationv2.api.useinsider.com/?v=2&pId=10002153&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd51d12649ff55912eb08f36f1daebe078249d42d4c51ebb6806be06e6928d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cf-ray
7db50df65fbc91e1-FRA
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27970811-1&cid=281384666.1687442812&jid=1999173053&gjid=8324359&_gid=1022371719.1687442813&_u=6CDAiUABBAQCAGAEK~&z=312474827
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7S9H066JJ6&gtm=45je36e2&_p=1865468640&cid=281384666.1687442812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1687442812&sct=1&seg=0&dl=https%3A%2F%2Fsays.com%2Fmy&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&_s=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7S9H066JJ6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjg3NDQyODE0MzIxZDE5NTExMjE5Mi5kOTExOGQ5ZCIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImNtc3diSFZxTWpjdGJqVnNNUzF2WlRSbExYbDBOMm90YUc5a01HTnZlR0ptTW5KMlh6RTJPRGMwTkRJNE1UUT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2ODc0NDI4MTQiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODEiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7db50df619599a1d-FRA
content-length
42
content-type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1865468640&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Cookie%20Consent%20Button%20Clicks-impressions-custom&el=(builder%20ID%3A%20382)%20-%20Variation%20Ratio%3A%2095%25&_u=6CDAiUABBAQCACAEK~&jid=1999173053&gjid=8324359&cid=281384666.1687442812&tid=UA-27970811-1&_gid=1022371719.1687442813&gtm=45He36e2n815WNLRMX&z=103087800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 17:16:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75037
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjg3NDQyODE0MzIxZDE5NTExMjE5Mi5kOTExOGQ5ZCIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImNtc3diSFZxTWpjdGJqVnNNUzF2WlRSbExYbDBOMm90YUc5a01HTnZlR0ptTW5KMlh6RTJPRGMwTkRJNE1UUT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2ODc0NDI4MTQiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODciLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7db50df619609a1d-FRA
content-length
42
content-type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1865468640&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=NST%20Suggested%20Articles%20Track-impressions-custom&el=(builder%20ID%3A%20438)%20-%20Variation%20Ratio%3A%2095%25&_u=6CDAiUABBAQCAGAEK~&jid=&gjid=&cid=281384666.1687442812&tid=UA-27970811-1&_gid=1022371719.1687442813&gtm=45He36e2n815WNLRMX&z=407672408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 17:16:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75037
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjg3NDQyODE0MzIxZDE5NTExMjE5Mi5kOTExOGQ5ZCIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImNtc3diSFZxTWpjdGJqVnNNUzF2WlRSbExYbDBOMm90YUc5a01HTnZlR0ptTW5KMlh6RTJPRGMwTkRJNE1UUT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2ODc0NDI4MTQiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjMTQxIiwidHlwZSI6ImltcHJlc3Npb24iLCJvdGhlciI6IiIsImN1c3RvbVN1YklkIjoiTi9BIiwicHJvZHVjdFR5cGUiOiJjdXN0b20ifQ%3D%3D&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7db50df649a09a1d-FRA
content-length
42
content-type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1865468640&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=%5BD%5D%20Back%20To%20Top%20Button%20Custom-impressions-custom&el=(builder%20ID%3A%201314)%20-%20Variation%20Ratio%3A%20100%25&_u=6CDAiUABBAQCAGAEK~&jid=&gjid=&cid=281384666.1687442812&tid=UA-27970811-1&_gid=1022371719.1687442813&gtm=45He36e2n815WNLRMX&z=873019980
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 17:16:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75037
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 74A4 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3C9316C251924C98C1199F531D851685F3A136A3.22892B248884BDD99EF5E81E90A4341677768DD4/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401e:28::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
392e35da9115da1fb34a2eff0eb366f98454ad057ca78c167de73b2c007bcc5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 22 Jun 2023 14:06:54 GMT
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2224237/2224238
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2224238
last-modified
Thu, 04 May 2023 10:57:00 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
client-protocol
quic
file.mp4
r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4EB4 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/922a249db4c0bf2d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1718978813/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7543D530228858F2A05573FFC5F6E29F63B46450.517C2A031CEB7D7CF20A1B60822D6D5A8ACAC3C1/key/cms1/cms_redirect/yes/mh/nD/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687440970/mv/u/mvi/1/pl/36/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401e:28::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
392e35da9115da1fb34a2eff0eb366f98454ad057ca78c167de73b2c007bcc5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 22 Jun 2023 14:06:54 GMT
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2224237/2224238
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2224238
last-modified
Thu, 04 May 2023 10:57:00 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3300 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOFuCfVWUZIS6N4Ps1waXqKDIDAAAAAA4AeAEAg&bg=!ICOlI3fNAAYQ3eRoMN07ADkAdvg8Wq6W9Hh84vnvOZgsYb0LPLLQtxUkkfNeK5rk5C7aSdYI9qh_yNk8NpkHoXnQ6jC2sWw99NoCAAAAiFIAAAADaAEHmQLdxQvgQajZ1po827q7GgqbclOvaJWO1GrjXsKru7DRCV0Y6m_dy6m9wp-XbomUxLMmJfXjsgvLiuWjhQTuOxIbNl0F9WFs9VfI5vuG9VaNV7WrMcwTkvbp3CMlGbsL4hyTeKtaSaTHICK1XvfVsDdwBObz9HbEB28_P-gF5MirgT53x42oIFvOjgzvV5kE6c27cwLpgEotBLLcBq9ppPV747K1Ldzxog0c3hyNEf9qXh5zC-12EUivizcPaMCeL9-u0B0hSNoMZvK-lqf-A_tvYL04HQHmHC9j56qhPiOr-CCk76SFRr3g_ajwZxedQTaQFXXyHIazOMCFGi2USuaD2LtLl1XgrsEvzdXFMg52FR6_XmIHF1AjRBTFpDyzpOCIpmfgB5RonhcMG_hOKfRJ8pBA_2zYedA-ZxFFX28QkuKZosWvvZDXd9V_pjpXjHWJMktWZIufUIfm5dq8uA4rHqYQucQ26GB9ft1gWOJvqlEaDbqHXzZiG9OOHTysSJP-Bd3H3EXukOune3Kpyi9ehIYkaT6LE-AD4sk0MPEBy37_NU-96Hu_IGAfbs47E85uj9CzqT1dJieW-WozmXe1PfKpXhKZmwCeR_878IW3pUFiVyJgk7OeoknOzlbIqX1qQ3LMHYcnEwDqmZHDFSqoImCHbucmf-EhaLfGRQeuc7w-DViomieekaq4h5aq9BQUnwo8ZOR1qzGgvMErqkMLOZ8z8JKjXv59RZu49jmAV6Qu1YzCpLVV5TlaiDDtgAEntQ6n6sEEEOBF48hzcwKxTdg17RDXA9AHU5NTt_VuBEM9Pv2GWtzBK525wCi6ll_cPtQoiqvXp9w1zPgPQ-3C4FUGD_ZZ4qMCs04PZppZ9EbMvsAkmGIgheQpjfDRd2sOa28jWpKv4KBfnCb8r67Z-E8Wtx-zgVHDDU2YXrj3qqZIYeZxZGu44PEJrHLm9QrEnwUmk6B8uOLR18PTMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27970811-1&cid=281384666.1687442812&jid=1999173053&_u=6CDAiUABBAQCAGAEK~&z=1455347080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27970811-1&cid=281384666.1687442812&jid=1999173053&_u=6CDAiUABBAQCAGAEK~&z=1455347080
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306150101&jk=266413778548866&bg=!zM-lz5vNAAYQ3eRoMN07ADkAdvg8Wgzdak1c3lzHcblwNkWQUKHK1grgQz0rRXNvrPFPuKMhcup7YyX5scHrpzKjog_jctouSYsCAAABJVIAAAAGaAEHmQKVUxECqJaOakVbm6coCgLBq9KSa_FSUjnxuMhVa1qJnd60i_8OUlL3Yoyix647VjjO5VMoZoR33R8pRvoIOg2PFIJaF7GYi4Hv0sTrXsq7M6bdY5pJjCNtRe2wH6WV7KBteFEoiKDVeFsuN4iVBUChbdI9fTmI22xb40mpQuE6KzR-C-ykb75b9FDNkKSXkOEjjvYYzOKZWTgjTaWhtOYBVxscY6efth6iUpclXqrNFOzau3ZlwKrgEzLncoEwmWBamFX1KcxHw-nyhXFgSMzXVkwsssZ61E4smrrNkHXGzKgCk6BsCSqCmvHCPz_F0rsw5jhPz9Kxn96_rMagpR2UpHX7RsMN3tIK9SvMY9pnnoq-fpu9NVhBalPTZ5n24C_aLCmEvbP4emPPdbj4WlduMQ0_GXzv-DQwzoqacY00TPEMNy-pVSF1JbUhvJl7lozis8CLN60fJPeSW1Dc9UxVu-HpRbiDlEn6rW3G8pPzqzq7iPh5I9Cbn8q-7LbuICX606OrWYmsxW9I3CuA4U16-6fV3bBEt-wozzCBEIRsIzNcXn-wd1aeUGPLU6jK4cf2AWHrLWXnRzBquMu_T7oJ_RQfc1y-NBsbWa4Cz2hfcw3-IR-7zWggxLc2KWb1Eex_ZhxHUIRz0xlNH3oNwOork7VgJkPapwl-okvyWK1cweOHjd-KEg3cITBLYcxWXCUou3WA6oGCB2l_wlXXgmU7bKXUK3knJIKbmphDxLvLgHmsmTLBhjIjBUR2wQRDnq9uxGxkX2PxjKeEXpBi4DPjTVXuPoMQks-Q2dQktZYA-2UEcv0M3gtOrz2pptgcdWKdRBLW1x_WRaMbXUgQsAX_9mJt6uhrTY6WhtrAzref26cFiNA1VA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
3478.24
says.api.useinsider.com/api/info/ 		48 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/api/info/3478.24?pa=shopping-trigger&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328974a79d1c3c188d8fe4e9eefb97c18d431da7fc63ffa4c9d247e7a37b0751

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
x-amz-version-id
1.Pj.csjmlueSL_zBnzoZzoAV3yuTbw0
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 12:44:11 GMT
server
cloudflare
x-amz-request-id
K6SXGY77VRESWR3K
etag
W/"3e9d924288d1d8f278a1b248d5fbeae9"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7db50df6bdbb92ab-FRA
x-amz-id-2
XbaLSEZgrwTWW0kw6WwZWy9+qmXLLb+Ag9PMFQaZDkWf+eRXytJqUmxK71HP14k2zRBweVsNp0U=
expires
Thu, 22 Jun 2023 18:06:54 GMT
hit
hit.api.useinsider.com/ 		16 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
9a9e988a-05ac-467a-8f1e-8c3acd747db7
cf-ray
7db50df70e1692ab-FRA
content-length
16
hit
hit.api.useinsider.com/ 		16 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
eba0b7ac-e97e-4054-bd80-eee4223c6c5f
cf-ray
7db50df71e2c92ab-FRA
content-length
16
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EAB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bg4MAfVWUZJnTN9KU9fgPkoiw0AIAAAAAOAHgBAI&bg=!MDOlM2fNAAYQ3eRoMN07ADkAdvg8WqqEgWBRkz3KZy8sZzPoEAWzvxh8UvZ1Uik1PBoCpSdXku4oy3flzFyt0FmXjT6OUByL36ICAAABJ1IAAAADaAEHCgANXgfNpEXAj1T0Ce79NpkC_RNOLsoGmPY7eqclDji4UPElSQaGpik3DSSJnnyLYxeFJnXH6XOICk4yka6ejYjNhxL2oyZTB3UQHWWlx7aI1tQ7FDgTrlnd8ZeAaOf53ll6K_OW7DcHKK1AJ8eWh68ToZ7r5cfMgv-BJOZdS3zFtkJZFzEdmMysg3QS1FOolqyT1W1e6swvt-VPuyjBXWNa6cCkR9NaPB8adtO-MDee5F0Rq0zr8W61hbu_TGuFUgECczR6L0QOE3kEEycAYIWdhBXG8wWVzy8flBwksCV5pDEEioglUlry_1J91ZkETh_8c5qXRMqo1B32ubHnczPfmV6cKYu-60TPXA94SGHgUl3nxAbskqsVXQke5ou8DoozvlFLNkMCM_t9gA3zHrFxwSdZr1sBMhjkOd7Ie3h2qzUjruxB_02EHV0dWBmvdA_eEwcLJvdwVFlOvzWzFYfQb_-arpXGPGySLNVLL1avR2G6WjH6gGPGy8G3OLD8VEeFP0p-HXLTS6uUQ770ozUnsXQ8mhZAXKyh3_bylMWxmhjmS3HPlckYAFgBQN6rbwzkAcceVD7A2Vmt4k4Qs4Swq4QXXq3Ib8JRlaJRc2Sx1ekoicAcHsExTHAZ-VDneblXYWV-Hk8k6nVzWrlOfPpjGDN7lUjs-bTeOcmArctSPYp8tAVPnMky9IGwVlcTAcFdfuErwqMKuCCZ2BbFQ1jLrg-Bw2nMPwI-seGz7VhotbdZv4Eys0jODCscHUc923vkdvj6EYdnN_YI5J2GqIbkzjR47YyMKcNYb75rcxWBhaf_urmAYc-WoEpEF0Ojdb-K4VY5wIxinsMv2Sqfl9Vy6oDKGEncwXDPBHen7QFFSOaMpkt1bLoVkTUIHKesvxQURDXv8KzcRJc9s4WjYigIyUhKMtpo5Lkf6PiS212YcxaRDk2sW_xKwsQJoehRKC9LrCFouKpqf7u4gOSXM1FzZPNY4OZPJcdMF3z8-nYcGOg2rcDVKrVAvCpePRYCUe4oecawcnh16rQW74y67A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EA36 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseSWtEW0Xn3rATfKxAhURtO2PcxbcSdv1o6RUC-Bno531-l2yBNeBvTtcH6S5IY88mRVjm0q_-ZxTAqDE0hAJm2XcnhQfFr3C4w9q4Z7lgEG4ZxCeR0AArTL9J6lm3ajRZ_5ZyMaPQDXRQ&sai=AMfl-YSbB9uU9d2cPe2HxPj5nLU8tdZBf2TLvK8IQoOkxu0guav8iW07Dtd4x2yXJA5mrAyBKLCaz4BMXwIc9y8Q0l0-ZfZn31R4T9i-M2ML4XhiRoWT-KVlN-HkVvOpxqQOehxwTm0W2Au2OUytjw&sig=Cg0ArKJSzNJaAS3-oE8nEAE&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&id=lidar2&mcvt=1000&p=911,236,1001,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=126976903&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687442813196&rpt=395&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VTGFSRF3VN
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38ebd62b94d8143fb7fd86d1fd6498ebc3363d9e5371c9620a7a791f781bfbf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77542
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Jun 2023 14:06:54 GMT
js
www.googletagmanager.com/gtag/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VTGFSRF3VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f6922399409f62acc25ba12b2c4222128a9eeef489540410c0ee13d915bdbf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77563
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Jun 2023 14:06:54 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C7A3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubrROSBNCPGUeM4XTckhmGg1IxGfdPFfYLVGk4RLQYDrkrY0DHkjDC378aV8e26X9uAny5nRJJIxkE6fIvB1ile5D0xH9ZXeXNHW-Q9X24uev4619UCR3O_1KdEY9SohuOSFWMxz3B85Ip&sai=AMfl-YRRYWJ7NxLCUN9akbTDH45O8nOuzlojONCmOSoyVQEN2Hz8fGp1WSdSIEZSfrsnm2LJ_j9JYgGhQlCQ6_c-sQ2AXItrXrXVJ6ZPKg2SvyDZ8I3SS4CFReBocKSzrdVodcPWHYGXBGUoyLrcOw&sig=Cg0ArKJSzDQol34iVB4AEAE&cid=CAQSTABygQiDXrGSYtVz0teowkmfY_2cbpnTEikePe00lqK0lB9Cj1MRL9K-MwfvGBNvJAPG1Uga-A2XYysUyzs7ibpbEA2A4gMjh-2Z0SMYAQ&id=lidar2&mcvt=1000&p=115,315,365,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3455604261&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687442813179&rpt=710&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VTGFSRF3VN&gtm=45je36e2&_p=1865468640&_gaz=1&cid=281384666.1687442812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687442814&sct=1&seg=0&dl=https%3A%2F%2Fsays.com%2Fmy&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VTGFSRF3VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VTGFSRF3VN&cid=281384666.1687442812&gtm=45je36e2&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VTGFSRF3VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VTGFSRF3VN&cid=281384666.1687442812&gtm=45je36e2&aip=1&z=1457845809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7A3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5852783493089&version=m202301230201&ct=76&x=1&cor=1397997167714536200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4EB4 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lj77vscj&c=6198761966551&slotId=3099380983275.5&qqid=CJLSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=986&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1cm&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 74A4 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lj77vsbn&c=6713859823813&slotId=3356929911906.5&qqid=CJPSo6uG1_8CFdbG7Qodk4UAmA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=986&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1br&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
p.clarity.ms/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://says.com
Date
Thu, 22 Jun 2023 14:06:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7S9H066JJ6&gtm=45je36e2&_p=1865468640&cid=281384666.1687442812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1687442812&sct=1&seg=0&dl=https%3A%2F%2Fsays.com%2Fmy&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&_s=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7S9H066JJ6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/my
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjg3NDQyODE0MzIxZDE5NTExMjE5Mi5kOTExOGQ5ZCIsInBsYXRmb3JtIjoid2ViIiwiY2FtcElkIjozNDc4LCJ0eXBlIjoiY2FtcC1zdGVwMSIsInRhYmxlIjoiY2FtcExvZ3MifQ%3D%3D&t=c&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:59 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7db50e16c8c39a1d-FRA
content-length
42
content-type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1865468640&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=%5BD%5D%20Hello%20bar%20-%20Variation-impressions-shoppingtrigger&el=(builder%20ID%3A%201754)%20-%20Variation%20Ratio%3A%20100%25&_u=6CDAiUABBAQCAGAEKAB~&jid=&gjid=&cid=281384666.1687442812&tid=UA-27970811-1&_gid=1022371719.1687442813&gtm=45He36e2n815WNLRMX&z=249336082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 17:16:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75042
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Features%2C%20Makeup%2C%20Fashion%20%26%20More%21%20Join%20The%20Movement%20That%20Celebrates%20Every%20Body._Desktop-1685957110.png
image.useinsider.com/says/defaultImageLibrary/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.useinsider.com/says/defaultImageLibrary/Features%2C%20Makeup%2C%20Fashion%20%26%20More%21%20Join%20The%20Movement%20That%20Celebrates%20Every%20Body._Desktop-1685957110.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e60c8811af7668afeafc7fe49e25623e8d150afb5bef079b238911d3856f8ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 22 Jun 2023 14:06:59 GMT
x-amz-version-id
dAGBSL02MXS2XIOaL0bhnHiODKgdS16n
cf-cache-status
HIT
x-amz-request-id
XJT2J9R7T3EBQ1A5
age
5646
content-length
107254
x-amz-id-2
G/mRxsYehGtvuH6P+aGzV38E5ryI6L20rhDOrFMvFdZRzNbHUEW5K0Lrqu/M09uF5bKB0ze+lIg=
last-modified
Mon, 05 Jun 2023 09:25:13 GMT
server
cloudflare
etag
"678be43c6030dd299f3c66c8e42bfbed"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7db50e16d8d09a1d-FRA
expires
Fri, 23 Jun 2023 02:06:59 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VTGFSRF3VN&gtm=45je36e2&_p=1865468640&cid=281384666.1687442812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1687442814&sct=1&seg=1&dl=https%3A%2F%2Fsays.com%2Fmy&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&en=page_view&_ee=1&epn.dimension1=13280&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VTGFSRF3VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jun 2023 14:06:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

465 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 boolean| credentialless object| onbeforetoggle object| onscrollend object| __cfQR object| __cfBeacon number| _sf_startpt string| envTargeting string| env object| dfpTargetingParams object| PWT object| googletag object| lotame_11139 function| fbq function| _fbq object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state function| Popper object| cookieConsent function| LazyLoad function| buildPrivatePub function| loadNextStory function| premiumHeader function| reCalcAffix function| validateImage function| popupCenter object| PrivatePub boolean| scrollLock object| resizeTimer object| Says object| isMobile boolean| searching function| $ function| jQuery object| jQuery1124047245148083888533 function| autosize function| _ object| NProgress function| EventEmitter object| eventie function| imagesLoaded function| CoverImageCropper function| swal function| sweetAlert function| Instafeed object| bootstrap object| dataLayer function| fbAsyncInit function| dable object| _comscore function| scrollFunction function| backToTop object| defaultParams object| cookieMain object| wrapper object| setting object| settingContent object| acceptBtn string| seurl function| showFlash boolean| __cfRLUnblockHandlers function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal function| lotameIsCompatible function| lt11139_ba function| lt11139_b undefined| lt11139_c undefined| lt11139_ca undefined| lt11139_da function| lt11139_ea object| lt11139_e function| lt11139_fa function| lt11139_g function| lt11139_ha object| lt11139_ object| lt11139_na object| lt11139_oa object| lt11139_Na object| lt11139_Xa object| lt11139_Ya object| lt11139_7 function| lt11139_aa function| lt11139_a function| lt11139_d function| lt11139_f function| lt11139_h function| lt11139_ga function| lt11139_ia function| lt11139_i function| lt11139_ja function| lt11139_j function| lt11139_k function| lt11139_l function| lt11139_m function| lt11139_n function| lt11139_la function| lt11139_ka function| lt11139_o function| lt11139_p function| lt11139_ma function| lt11139_q function| lt11139_r function| lt11139_s function| lt11139_t function| lt11139_u function| lt11139_sa function| lt11139_pa function| lt11139_qa function| lt11139_w function| lt11139_ra function| lt11139_x function| lt11139_y function| lt11139_z function| lt11139_A function| lt11139_v function| lt11139_B function| lt11139_C function| lt11139_ta function| lt11139_D function| lt11139_E function| lt11139_ua function| lt11139_F function| lt11139_G function| lt11139_va function| lt11139_H function| lt11139_I function| lt11139_J function| lt11139_L function| lt11139_M function| lt11139_N function| lt11139_K function| lt11139_wa function| lt11139_xa function| lt11139_O function| lt11139_ya function| lt11139_za function| lt11139_Aa function| lt11139_Ba function| lt11139_Ca function| lt11139_Da function| lt11139_Ea function| lt11139_Ia function| lt11139_Fa function| lt11139_Ga function| lt11139_Ha function| lt11139_Ja function| lt11139_La function| lt11139_Ka function| lt11139_Ma function| lt11139_P function| lt11139_Oa function| lt11139_Pa function| lt11139_Qa function| lt11139_Ra function| lt11139_Sa function| lt11139_Ta function| lt11139_Ua function| lt11139_Va function| lt11139_Wa function| lt11139_Q function| lt11139_Za function| lt11139__a function| lt11139_0a function| lt11139_R function| lt11139_S function| lt11139_1a function| lt11139_T function| lt11139_U function| lt11139_2a function| lt11139_3a function| lt11139_4a function| lt11139_V function| lt11139_W function| lt11139_X function| lt11139_Y function| lt11139_5a function| lt11139_8a function| lt11139_7a function| lt11139_6a function| lt11139_Z function| lt11139__ function| lt11139_0 function| lt11139_1 function| lt11139_4 function| lt11139_$a function| lt11139_bb function| lt11139_ab function| lt11139_db function| lt11139_cb function| lt11139_2 function| lt11139_fb function| lt11139_hb function| lt11139_gb function| lt11139_3 function| lt11139_9a function| lt11139_eb function| lt11139_ib function| lt11139_jb function| lt11139_kb function| lt11139_lb function| lt11139_5 function| lt11139_6 function| lt11139_mb function| lt11139_nb function| lt11139_ob function| lt11139_pb function| lt11139_qb function| lt11139_rb function| lt11139_sb function| lt11139_tb function| lt11139_ub function| lt11139_vb function| lt11139_8 function| lt11139_yb function| lt11139_zb function| lt11139_xb function| lt11139_wb function| lt11139_Bb function| lt11139_Ab function| lt11139_Db function| lt11139_Cb function| lt11139_Eb function| lt11139_Fb function| lt11139_Gb function| lt11139_Hb function| lt11139_Ib function| lt11139_Jb function| lt11139_Lb function| lt11139_Ob function| lt11139_Nb function| lt11139_Kb function| lt11139_Rb function| lt11139_Mb function| lt11139_Pb function| lt11139_Tb function| lt11139_Sb function| lt11139_Ub function| lt11139_Qb function| lt11139_Vb function| lt11139_Wb function| lt11139_Xb function| lt11139_9 function| lt11139_Yb function| lt11139_Zb function| lt11139__b function| lt11139_0b function| lt11139_1b function| lt11139_$ function| lt11139_2b function| lt11139_3b function| lt11139_4b function| lt11139_5b function| lt11139_6b function| lt11139_7b function| lt11139_8b function| lt11139_9b function| lt11139_ac function| lt11139_bc function| lt11139_cc function| lt11139_$b object| pbjs function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| owpbjsChunk object| owpbjs object| mnet object| ucTag object| OWT string| partnerName string| key object| regeneratorRuntime object| ox_esp function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 object| __uid2SecureSignalProvider object| __uid2 object| COMSCORE object| ns_p object| signal_decrypted object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| _sf_async_config string| str object| patt boolean| res function| twq function| clarity function| onYouTubeIframeAPIReady object| gaplugins object| twttr object| gsapVersions string| $attrib object| $hits object| SaysDevice object| _cb_shared object| _cbv function| AlgoliaSearch function| AlgoliaSearchHelper function| AlgoliaExplainResults object| ALGOLIA_MIGRATION_LAYER object| __algolia function| algoliasearch function| algoliasearchHelper string| __INSIDER_SCRIPT_VERSION_says__ object| FB function| pm function| sQuery object| spApi object| Insider object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies function| dbljson1 object| _cbm object| __buffer object| GoogleGcLKhOms function| gtagH object| gaData function| _UA-27970811-1_sendHitTask function| dbljson2 object| google_image_requests function| gtag

44 Cookies

Domain/Path Name / Value
says.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.criteo.com/ Name: uid
Value: 80ab2af2-b263-4350-8ccf-f0ff086914a7
.openx.net/ Name: i
Value: 679e7495-800a-4e0a-beeb-12bc79889caa|1687442812
.useinsider.com/ Name: __cf_bm
Value: 4Na0GnNa9foSaw2nO0O4Jqf_o566kAmItueVxgExRY8-1687442812-0-AbF3am/2bCkl1iChFMmBss9ILNOXSd0Bq5T4RgV4OSGErfkBHi0PIAsvCC7/66RpnM+wK5R6enL4rsT+f+voIrs=
www.clarity.ms/ Name: CLID
Value: 8cf267cbec754e6eafdcee2c81ee95d8.20230622.20240621
.says.com/ Name: _fbp
Value: fb.1.1687442812760.1013371559
.says.com/ Name: _cb
Value: DbV9tJBUsnlpDJ09yD
.says.com/ Name: _chartbeat2
Value: .1687442812807.1687442812807.1.GXJ-pDj9Ax3psV30B1tzzci0gwm.1
.says.com/ Name: _cb_svref
Value: null
.says.com/ Name: cto_bundle
Value: cwxWr19ENzZ6MHhkUEZSV3lsMWNWNCUyQjRwWFklMkIlMkZ5ZldpcWpsWFZOdVNsWFRacUg1cGVxVGpGd2UlMkJybE5PZ0hZVUxIb2xSM0NPQXRlNEQwQVlvVDdSS01EWktBcklzT0ZSeFptdWtqZGRCTDBZRU94QSUyRmJtZW80bDJoc2F0OFduRUNCSnJFJTJCN1BRU2NkMmZTaDg3bTRHdnRCQ2clM0QlM0Q
.says.com/ Name: _clck
Value: zmeabb|2|fco|0|1268
.t.co/ Name: muc_ads
Value: 300e7efb-76e6-4a95-bd87-3714aed02bf0
.says.com/ Name: __cf_bm
Value: 5kppVRpFapHMB3k5uMp0AiPHNArTn8iaWn8r3tVcmOg-1687442812-0-AZs1PdV8siyxT3kfY/6bVnt518KZ1nuT4Y/rxe742xluQYCGeZP12rRptmtGJ/Dd5btP+sO5akRBX2VCltOxa2s=
.twitter.com/ Name: personalization_id
Value: "v1_zDBqCih0z0oAW6InmsolgQ=="
.says.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.says.com/ Name: _gid
Value: GA1.2.1022371719.1687442813
.says.com/ Name: _gat_UA-27970811-1
Value: 1
.says.com/ Name: __gads
Value: ID=9adfc30c41b8b1f8:T=1687442812:RT=1687442812:S=ALNI_MYnlTihvnWDcla7vaF-Idrsmadcyg
.says.com/ Name: __gpi
Value: UID=00000c4cbc04bce1:T=1687442812:RT=1687442812:S=ALNI_MZ-0M8K75kthUata6PztqeSfwHNHw
.bing.com/ Name: MUID
Value: 276190A5D3446319236A839DD2CF622E
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 276190A5D3446319236A839DD2CF622E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 276190A5D3446319236A839DD2CF622E
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnyx0NZn_9fP5wd0Mgw3YSwa2JP8mOYye8-nTlomsJzXNwn4nGOatBWZPdu
.says.com/ Name: _clsk
Value: cpc2s4|1687442813440|1|1|p.clarity.ms/collect
.dable.io/ Name: _gg_ck_match
Value: 1
.dable.io/ Name: _nas_ck_match
Value: 1
.dable.io/ Name: _nh_ck_match
Value: 1
.dable.io/ Name: _gn_ck_match
Value: 1
.dable.io/ Name: _kko_ck_match
Value: 1
.says.com/ Name: dable_uid
Value: undefined
.says.com/ Name: _dc_gtm_UA-27970811-1
Value: 1
.says.com/ Name: _ga_7S9H066JJ6
Value: GS1.1.1687442812.1.0.1687442814.58.0.0
.toast.com/ Name: BID
Value: X6QP7MCYQ3VV67CAD9RIX3KLA
.toast.com/ Name: txmed_1440080439
Value: 00000000.0000000000000_:_EXP_:_1702994814
.toast.com/ Name: txsync
Value: 1687442814
.says.com/ Name: _ga
Value: GA1.1.281384666.1687442812
.says.com/ Name: _ga_VTGFSRF3VN
Value: GS1.1.1687442814.1.1.1687442814.60.0.0
.ad.daum.net/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220230622%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.ds.kakao.com/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220230622%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
hb.revid.my/ Name: revid
Value: O6BBV5ectr7A2meDscEMh

6 Console Messages

Source Level URL
Text
other warning URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A preload for 'https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error
Message:
A bad HTTP response code (403) was received when fetching the script.
network error URL: https://c16d-35-240-187-111.ngrok.io/pcto.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://says.com/my
Message:
The resource https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://says.com/my
Message:
The resource https://pcto.revmedia.my/2023/06/inclusivebeauty-floatWidget/sto.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'self'; connect-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; font-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; frame-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; img-src 'self' https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; script-src 'self' data: https: wss: about: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com; style-src 'self' data: https: 'unsafe-eval' 'unsafe-inline' api.useinsider.com says.api.useinsider.com
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1110dfb1bffd3b5b1696f6fc94030650.safeframe.googlesyndication.com
act.ds.kakao.com
ads.pubmatic.com
adservice.google.com
ampcid.google.com
ampcid.google.de
analytics.ad.daum.net
analytics.twitter.com
api.dable.io
assets.api.useinsider.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
c.bing.com
c.clarity.ms
c16d-35-240-187-111.ngrok.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.skypack.dev
cdnjs.cloudflare.com
cm-exchange.toast.com
cm.g.doubleclick.net
connect.facebook.net
cs.gssprt.jp
csi.gstatic.com
eitri.api.useinsider.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.revid.my
heartbeat.mediaprimaplus.com.my
hit.api.useinsider.com
id5-sync.com
image.useinsider.com
images.says.com
imasdk.googleapis.com
invstatic101.creativecdn.com
locationv2.api.useinsider.com
log.api.useinsider.com
mab.chartbeat.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.clarity.ms
p.typekit.net
pagead2.googlesyndication.com
pcto.revmedia.my
ping.chartbeat.net
policy.revasia.com
r-log.dable.io
r1---sn-4g5ednsr.c.2mdn.net
region1.analytics.google.com
s0.2mdn.net
says.api.useinsider.com
says.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
static.ads-twitter.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
static.dable.io
stats.g.doubleclick.net
t.co
tags.crwdcntrl.net
tpc.googlesyndication.com
use.typekit.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
103.243.202.190
104.244.42.133
104.244.42.3
108.138.36.46
13.209.159.148
142.250.185.226
142.250.186.98
146.75.116.157
162.19.138.118
178.250.7.13
18.155.129.81
20.122.63.128
2001:4860:4802:34::36
211.249.220.158
222.230.178.132
23.32.184.192
2600:1f16:d83:1202::6e:5
2600:9000:225b:8600:a:e047:753:be1
2600:9000:237d:8e00:18:1fcd:353:c61
2606:4700:10::6816:3556
2606:4700:20::681a:c52
2606:4700:3035::ac43:a9b3
2606:4700:7::a29f:853d
2606:4700::6810:3865
2606:4700::6811:190e
2606:4700::6812:101f
2606:4700::6812:16f3
2606:4700::6812:1917
2606:4700::6812:1f22
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:4006:809::2003
2a00:1450:400c:c03::9a
2a00:1450:401e:28::6
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:3100::1735:28b8
2a02:26f0:3100::1735:28c8
2a03:2880:f03d:1c:face:b00c:0:3
2a03:2880:f13d:83:face:b00c:0:25de
2a04:4e42:400::714
2a04:4e42:600::485
34.102.146.192
34.120.135.53
34.236.209.240
34.96.70.87
35.190.39.111
35.244.159.8
43.200.40.244
54.229.86.74
68.219.88.97
74.125.133.157
92.122.97.233
003ec16357887a5d46e64d65b9a909ed195fdac4c0011b4f60e499db8c2797d3
026245284ba166828b5a5732c6008a251450c53991ae9fc3965bacfde0240f48
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5484433ee9688a36ce75acb28252dae751fa8597fcd54ec7c5967519897919
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
17b295bed6000f3ca4ac4e362963d4062a7160e326399b786f07509272fa1ea2
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bc580be684e1ba2a0f08ffeb5fdcdcda86396c16ed23cd05d55034bba1aa2e8
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
256de1accbccc4ffee65cf0ae6ddda99d1a056e669ddb390c959b942df9a5358
267db6787a4c101c76c6b5d81ad9af6bd0aa0f86d8b8a1de513cac0d404e1a11
2a790e525c33bebd856b2b470474ea66ce6c54649c4aca6e93680c49783e4130
2ab96b9e52cbe8650963aa8a23c6c83637e3421fa4ef6c95f495644ebe7d84de
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328974a79d1c3c188d8fe4e9eefb97c18d431da7fc63ffa4c9d247e7a37b0751
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
345bba914ae691dbc8d85ead5d9c4b7e0c5e4a83eb817eaf7b9f6e4e58d70473
34692b432f55be19b52784ef9da14cd88c3bb8c6f9e4240e236ee74623d45464
35b97eb85e99457b46ff1988c720e7e0dfedd93cc64b5c189d0ee3f9d34ff2a9
38ebd62b94d8143fb7fd86d1fd6498ebc3363d9e5371c9620a7a791f781bfbf2
392e35da9115da1fb34a2eff0eb366f98454ad057ca78c167de73b2c007bcc5f
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c06a55d3d62d6ee014e4a184baa5631320cb1d5768dcf3b6b3b1671c3337eae
407a888e655899d02d89088205b185e854860ae1d600eb91602b16df0c6a08a6
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42bfcc13f63c3b068a4f59c188ad224ab48d2e3d91ce033311da926be2327249
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
45c79d1c4cd96087923670cbc2e41b8f877a0fdfb24f7b27251f45e6c3263b46
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47aa51a3e65b3ab865fe1a74177c6c854a92bec2066493dcbbfc66f714f83937
48def9fc317d6149517f215bf8942fd2e29cbdb15c40e1ec04e0c82f7e581b87
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4cd51d12649ff55912eb08f36f1daebe078249d42d4c51ebb6806be06e6928d3
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e7a7c127c402622431c23053b3fa26b28db7f7f89ba61a37ea1a77852561a7
58eac2409ac9874ccf4f8b51bc6e55f0ff315d1f511be42785ce85fc4849e444
5aca048656ddd794fc94bdd18209073e12d2f7bbc63c18efc431ac9376e0632a
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5f6922399409f62acc25ba12b2c4222128a9eeef489540410c0ee13d915bdbf5
6139cf28f27e43ef93d80278423db91715a6c3b6c0a155c4f7386dcf578de617
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624a018da5fe1ab118f1cfd1e583668d88a0604cabe3d912c16c71b5de43bf4f
64a043d0cdfe465517886b5a4c2cb81f7fbe997ab4002e09249836381f0bb554
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
69fb789d8300db9cc4e1a3bd522075c11d53f01f2e6fcd600acd8dde84b69c79
6b2b4de8c5528c92aaf3c7aaad67bdd0714df23bbcc85c5238e02581dd21deda
6db540001c49985d6c5c5b10a1ee34de47f9a0bb31d5cf72b0c7fd0a9409f97b
6e0adbdc7469e73957dea0d2c0e6317aa6d597e5ca6e0c96a77321614aa0ae42
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8
72b8d224b5745db5b3c242047a76edc6e27f5868a1c01a94d90d2048f3efcf44
76a94da62f29e9e2be1a115b3967855f565feb162e1c3b027c4e5d10753a8b11
76d3becc6af6d4d98d42f0847e9c93d00099ead96869d101ff1ac3015db0844c
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9
7c493318ef3bc1d4822fb55ac4469891fb714551e5586332a54527a19797ef60
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7f1348466162207cad88b69aa63979034c54685aec12c5d13e831b7065519ad6
7f134ce352c4d1868e8344e9ef332e1ec2994e33b8088e164b3d653a8a674699
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
80fcbc7019ba45425ee3681720422bcbaaeee472697a1a4b312a714ff6c69763
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
81150896f16cea7524287f2fc9088553ac8469a0d094356dc1c1dfbe9ce41a7d
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
8207e7639d4d23b685b42877546eddd62dd9705488a485b246383fc9c9b615ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c3d3f8f234c097ceffd6fa4f04eb721a627e0149d07e68125f318b1be1bb841
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4
90559f5e491ed19ce3385e5654a7052df154f9098b6f971998b54b47af5d02a9
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9233c0c01ce219c102432f8da76d92d40bee603d575e238540da05da0ad17c
9facd749d1c22778d8b707291d9713152d6b6f4bb2f20e3fdf32ce854758e633
a094fd5f349ad0ec442ca3349e6f253958eeee9211168a636e9ab9bf72f90288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a9625257ab40695983ebddf135603dc65d8fe2da06216a579c6b68d35ba9c5f1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4cd481eb129c2435c8c8fe40472fb12ddb4f02c0806750b3a2a5a717be50e12
b7afb5f4724c8424e942d98fcbfeca361f8ba1a427ec36f3e789029b210790f1
b947a3efe23b4827fa6e4f7c6c0364baa2f66d27d0eb8074d5ab36380876e952
b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b
bf9a7bd0d1f8dd577caf130232ada8bb215ac2f278fd31aebe6521ddea1fe47c
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c984bd61d999adf9c50e220bb76b1177e9bb6a43509b7fafe8ba4333573992b7
c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ced14124fdcf5b1197ef003df3f4b4e65c5b0bd8f74138c77de429f38f278fee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a
d6a95cc97c0c446becb8c554a77cb3d6828c7f257d92c6aad183450148f3b13d
dcc156f774f770c9969f60f278f977ce3a561b5927bf0acb682f4834e1729c3c
ddf85037fd1f04c4684ed0357cf80a71a3c4aa19049bfccdaec678b4b18dc8e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e053d1e1ddf3c48f8ae2511f83f8a7f809b9d69259d2488e144feeafd781d554
e3549acf5339d941c30da7c96a2ae79e3d33b536045e15bce3ec0c19cf23c081
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
e44df4baa939d63f675d6d39c423d4dd31a8bd6831efd92e91cc6957d5a6ffb6
e60c8811af7668afeafc7fe49e25623e8d150afb5bef079b238911d3856f8ad5
e700adec3385a87d1a99fa9418e13d70fdcd1a55412f19fbeaf4fcb172228f39
eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657
ec6520581b6bc6b23f8fc54e738fbe4f8b3bc7926ef49ae2c8d5ae42cb1976c8
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5301a2d7f41df0ef668b39ff04271e202844a6fa8290793b5f3bc3fe499db05
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8e49be0af43563816d9a0344daae7b4fcd5d7e6734349dee459205ec5625c48
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2
fdd7484124391aa4b62cc73fc68831ebef65c20608d8f5f1d485a6a19bc20491
fe3c54e1f5d601927b3a7f42697ba0de2f8a80e055f55b6001412f8fb02955f8