urlscan.io logo urlscan.io
SecurityTrails logo

says.com Open in urlscan Pro
2606:4700:4400::6812:23c5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://says.com/
Effective URL: https://says.com/my
Submission: On July 27 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 9 countries across 48 domains to perform 149 HTTP transactions. The main IP is 2606:4700:4400::6812:23c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is says.com. The Cisco Umbrella rank of the primary domain is 199007.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 22nd 2022. Valid for: a year.
This is the only time says.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
13 142.250.185.98 15169 (GOOGLE)
1 18.66.139.7 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 23.35.236.201 16625 (AKAMAI-AS)
4 2a03:2880:f00... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.111.225.233 16625 (AKAMAI-AS)
1 5 13.32.121.17 16509 (AMAZON-02)
2 52.208.103.128 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
8 2606:4700:7::... 13335 (CLOUDFLAR...)
1 199.232.16.157 54113 (FASTLY)
1 2600:1f16:d83... 16509 (AMAZON-02)
2 2620:1ec:27::... 8075 (MICROSOFT...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 4 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 50.16.121.35 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.233.181.142 14618 (AMAZON-AES)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.122.88 16509 (AMAZON-02)
3 40.76.174.66 8075 (MICROSOFT...)
1 3.39.57.110 16509 (AMAZON-02)
1 216.52.2.30 30282 (AS-INAPCD...)
2 37.252.172.250 29990 (ASN-APPNEX)
1 18.156.195.47 16509 (AMAZON-02)
1 104.18.19.126 13335 (CLOUDFLAR...)
1 34.98.64.218 15169 (GOOGLE)
1 2602:803:c004... 26667 (RUBICONPR...)
1 185.86.139.58 201081 (SMARTADSE...)
1 216.52.2.48 30282 (AS-INAPCD...)
1 178.250.2.131 44788 (ASN-CRITE...)
1 198.47.127.19 3257 (GTT-BACKB...)
1 2606:4700:7::... 13335 (CLOUDFLAR...)
1 3.39.175.111 16509 (AMAZON-02)
1 2 211.249.220.158 9457 (DREAMX-AS...)
1 1 172.217.16.194 15169 (GOOGLE)
2 52.78.181.17 16509 (AMAZON-02)
1 1 183.110.238.136 4766 (KIXS-AS-K...)
1 103.243.202.190 45974 (NHN-AS-KR...)
4 52.222.209.55 16509 (AMAZON-02)
1 141.95.98.66 16276 (OVH)
1 35.71.131.137 16509 (AMAZON-02)
149 66
17    2606:4700:4400::6812:23c5 (United States)

ASN13335 (CLOUDFLARENET, US)
says.com
images.says.com
2    2606:4700:3035::ac43:a9b3 (United States)

ASN13335 (CLOUDFLARENET, US)
policy.revasia.com
5    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    18.66.139.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-7.fra60.r.cloudfront.net
tags.crwdcntrl.net
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.111.225.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-233.deploy.static.akamaitechnologies.com
static.dable.io
5    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
pagead2.googlesyndication.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e93cb24d57e10e299139bd3e0797d241.safeframe.googlesyndication.com
0ac9e36acc2eaa40077756c9ecfeb68e.safeframe.googlesyndication.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
2    2600:9000:223c:dc00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
8    2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)
says.api.useinsider.com
location.api.useinsider.com
log.api.useinsider.com
hit.api.useinsider.com
1    199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:1f16:d83:1201::6e:1 (Columbus, United States)

ASN16509 (AMAZON-02, US)
c16d-35-240-187-111.ngrok.io
2    2620:1ec:27::cafe:1375 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2606:4700:4400::ac40:9375 (United States)

ASN13335 (CLOUDFLARENET, US)
heartbeat.mediaprimaplus.com.my
heartbeat-api.mediaprimaplus.com.my
4    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    50.16.121.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-121-35.compute-1.amazonaws.com
ping.chartbeat.net
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.fr
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    34.233.181.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-181-142.compute-1.amazonaws.com
mabping.chartbeat.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2606:4700:10::6816:31fd (United States)

ASN13335 (CLOUDFLARENET, US)
tag.adbro.me
cdn.adbro.me
1    18.66.122.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-88.fra60.r.cloudfront.net
scripts.kiosked.com
3    40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
d.clarity.ms
1    3.39.57.110 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-39-57-110.ap-northeast-2.compute.amazonaws.com
api.dable.io
1    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
gslbeacon.lijit.com
2    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
kiosked-d.openx.net
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)
segment.api.useinsider.com
1    3.39.175.111 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-39-175-111.ap-northeast-2.compute.amazonaws.com
r-log.dable.io
2    211.249.220.158 (Korea, Republic Of)

ASN9457 (DREAMX-AS DREAMLINE CO., KR)
analytics.ad.daum.net
act.ds.kakao.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
2    52.78.181.17 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-181-17.ap-northeast-2.compute.amazonaws.com
adx.dable.io
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
1    103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)
cm-exchange.toast.com
4    52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu
id5-sync.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
17 says.com
says.com — Cisco Umbrella Rank: 199007
images.says.com — Cisco Umbrella Rank: 289041
895 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
351 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
e93cb24d57e10e299139bd3e0797d241.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
0ac9e36acc2eaa40077756c9ecfeb68e.safeframe.googlesyndication.com
59 KB
9 useinsider.com
says.api.useinsider.com — Cisco Umbrella Rank: 636553
segment.api.useinsider.com — Cisco Umbrella Rank: 16416
location.api.useinsider.com — Cisco Umbrella Rank: 16707
log.api.useinsider.com — Cisco Umbrella Rank: 11457
hit.api.useinsider.com — Cisco Umbrella Rank: 14114
99 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 542
c.clarity.ms — Cisco Umbrella Rank: 1008
d.clarity.ms — Cisco Umbrella Rank: 5259
26 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 96
ampcid.google.com — Cisco Umbrella Rank: 1665
www.google.com — Cisco Umbrella Rank: 10
3 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 572
p.typekit.net — Cisco Umbrella Rank: 688
80 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 397
mug.criteo.com — Cisco Umbrella Rank: 2751
bidder.criteo.com — Cisco Umbrella Rank: 722
1 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
5 KB
5 dable.io
static.dable.io — Cisco Umbrella Rank: 17633
api.dable.io — Cisco Umbrella Rank: 16677
r-log.dable.io — Cisco Umbrella Rank: 18448
adx.dable.io — Cisco Umbrella Rank: 16099
36 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
42 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
495 B
4 google.fr
adservice.google.fr — Cisco Umbrella Rank: 24785
ampcid.google.fr — Cisco Umbrella Rank: 194403
www.google.fr — Cisco Umbrella Rank: 13968
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
196 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
141 KB
3 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 25738
cdn.adbro.me — Cisco Umbrella Rank: 27890
33 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1167
mab.chartbeat.com — Cisco Umbrella Rank: 1878
35 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 485
image6.pubmatic.com — Cisco Umbrella Rank: 634
143 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1361
bcp.crwdcntrl.net — Cisco Umbrella Rank: 841
id.crwdcntrl.net — Cisco Umbrella Rank: 1472
16 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 424
59 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
1 KB
2 lijit.com
gslbeacon.lijit.com — Cisco Umbrella Rank: 13063
ap.lijit.com — Cisco Umbrella Rank: 699
749 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 988
mabping.chartbeat.net — Cisco Umbrella Rank: 5075
402 B
2 mediaprimaplus.com.my
heartbeat.mediaprimaplus.com.my — Cisco Umbrella Rank: 225496
heartbeat-api.mediaprimaplus.com.my — Cisco Umbrella Rank: 177270 Failed
39 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
111 KB
2 revasia.com
policy.revasia.com — Cisco Umbrella Rank: 299823
4 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
385 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 546
615 B
1 toast.com
cm-exchange.toast.com — Cisco Umbrella Rank: 4576
607 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 2740
914 B
1 kakao.com
act.ds.kakao.com — Cisco Umbrella Rank: 18553
493 B
1 daum.net
analytics.ad.daum.net — Cisco Umbrella Rank: 16997
571 B
1 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1467
315 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 516
690 B
1 openx.net
kiosked-d.openx.net — Cisco Umbrella Rank: 36209
347 B
1 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1305
670 B
1 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033
287 B
1 kiosked.com
scripts.kiosked.com — Cisco Umbrella Rank: 33213
86 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 487
355 B
1 t.co
t.co — Cisco Umbrella Rank: 435
338 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 192
554 B
1 ngrok.io
c16d-35-240-187-111.ngrok.io
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 610
15 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
7 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1311
5 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
149 48
Domain Requested by
13 securepubads.g.doubleclick.net says.com
www.googletagservices.com
securepubads.g.doubleclick.net
12 says.com 2 redirects says.com
static.cloudflareinsights.com
5 images.says.com
5 sb.scorecardresearch.com 1 redirects says.com
5 use.typekit.net says.com
use.typekit.net
4 c.amazon-adsystem.com says.com
c.amazon-adsystem.com
4 log.api.useinsider.com says.com
4 www.google.com tpc.googlesyndication.com
says.com
4 www.facebook.com 1 redirects says.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 connect.facebook.net says.com
connect.facebook.net
4 www.googletagservices.com says.com
securepubads.g.doubleclick.net
3 d.clarity.ms www.clarity.ms
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cdn.jsdelivr.net says.com
2 adx.dable.io says.com
2 ib.adnxs.com scripts.kiosked.com
2 tag.adbro.me 1 redirects says.com
2 c.clarity.ms 1 redirects says.com
2 www.google.fr says.com
2 www.clarity.ms says.com
www.clarity.ms
2 says.api.useinsider.com www.googletagmanager.com
says.api.useinsider.com
2 static.chartbeat.com www.googletagmanager.com
says.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 adservice.google.com securepubads.g.doubleclick.net
2 www.googletagmanager.com says.com
www.googletagmanager.com
2 ads.pubmatic.com says.com
scripts.kiosked.com
2 policy.revasia.com says.com
1 0ac9e36acc2eaa40077756c9ecfeb68e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 hit.api.useinsider.com says.api.useinsider.com
1 cm-exchange.toast.com says.com
1 idsync.admixer.co.kr 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 act.ds.kakao.com says.com
1 analytics.ad.daum.net 1 redirects
1 r-log.dable.io static.dable.io
1 location.api.useinsider.com says.api.useinsider.com
1 segment.api.useinsider.com says.api.useinsider.com
1 image6.pubmatic.com ads.pubmatic.com
1 bidder.criteo.com scripts.kiosked.com
1 ap.lijit.com scripts.kiosked.com
1 prg.smartadserver.com scripts.kiosked.com
1 fastlane.rubiconproject.com scripts.kiosked.com
1 kiosked-d.openx.net scripts.kiosked.com
1 as-sec.casalemedia.com scripts.kiosked.com
1 c2shb.ssp.yahoo.com scripts.kiosked.com
1 gslbeacon.lijit.com scripts.kiosked.com
1 api.dable.io static.dable.io
1 heartbeat-api.mediaprimaplus.com.my heartbeat.mediaprimaplus.com.my
1 scripts.kiosked.com securepubads.g.doubleclick.net
1 cdn.adbro.me says.com
1 stats.g.doubleclick.net www.google-analytics.com
1 analytics.twitter.com
1 t.co
1 c.bing.com 1 redirects
1 mabping.chartbeat.net
1 ampcid.google.fr www.google-analytics.com
1 ping.chartbeat.net
1 mab.chartbeat.com static.chartbeat.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 ampcid.google.com www.google-analytics.com
1 heartbeat.mediaprimaplus.com.my www.googletagmanager.com
1 c16d-35-240-187-111.ngrok.io www.googletagmanager.com
1 static.ads-twitter.com says.com
1 www.googleadservices.com www.googletagmanager.com
1 e93cb24d57e10e299139bd3e0797d241.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.fr securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 static.dable.io says.com
1 cdnjs.cloudflare.com says.com
1 p.typekit.net use.typekit.net
1 tags.crwdcntrl.net says.com
1 static.cloudflareinsights.com says.com
0 api.rlcdn.com Failed ads.pubmatic.com
149 79

This site contains no links.

Subject Issuer Validity Valid
says.com
Cloudflare Inc ECC CA-3		 2022-02-22 -
2023-02-22		 a year crt.sh
revasia.com
Cloudflare Inc ECC CA-3		 2022-02-22 -
2023-02-22		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-05 -
2022-08-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
static.dable.io
R3		 2022-07-26 -
2022-10-24		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.google.fr
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2022-02-22 -
2023-02-21		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.ngrok.io
R3		 2022-07-01 -
2022-09-29		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
mediaprimaplus.com.my
Cloudflare Inc ECC CA-3		 2021-08-30 -
2022-08-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-13 -
2022-12-12		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-31 -
2022-10-30		 a year crt.sh
*.kiosked.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-22 -
2022-10-02		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.dable.io
Amazon		 2022-06-26 -
2023-07-25		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.toast.com
Sectigo RSA Organization Validation Secure Server CA		 2022-06-30 -
2023-07-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 11 frames:

Primary Page: https://says.com/my
Frame ID: 9EAA7502FE77215812F584AACA5F5FED
Requests: 121 HTTP requests in this frame

Frame: https://e93cb24d57e10e299139bd3e0797d241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F8FF4216976BED65A852C3F4E3A66F5D
Requests: 1 HTTP requests in this frame

Frame: https://says.api.useinsider.com/worker-new.html
Frame ID: 15A5F85B1DB82E137FA70E6F29D61D97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8AF6FA45FE0964201673FAAC1F2D9777
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B206F32D891BF48A73B8AF38D8A4CA1B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E04BB201C2F33B0A5C8BA1D724AFD56A
Requests: 2 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=kiosked1_auction_api&rand=317225&informer=13403098&type=fpads&loc=says.com&v=1.2
Frame ID: 3EC7205E9DED039924BDC8498B99B82D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 86CE9F3388B49587781AC9E45BECC4E9
Requests: 13 HTTP requests in this frame

Frame: https://0ac9e36acc2eaa40077756c9ecfeb68e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 321602F7DFA61822126D884200AFBEBE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D0E747F446D8106D5F4BFF0233A18C0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D27B0DF05FEA707B58B0DB04774096E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://says.com/ HTTP 301
    https://says.com/ HTTP 301
    https://says.com/my Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

149
Requests

93 %
HTTPS

49 %
IPv6

48
Domains

79
Subdomains

66
IPs

9
Countries

2531 kB
Transfer

6662 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://says.com/ HTTP 301
    https://says.com/ HTTP 301
    https://says.com/my Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b3&cv=3.8.0.210223&ns__t=1658920188294&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&cs_it=b3&cv=3.8.0.210223&ns__t=1658920188294&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&c9=
Request Chain 49
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=vdSfRXxvdzRhalh1WDBmdEc1N0dwNFhXMXVmcU5NVnRISEVodTlPN2pkNmN5NktPalozQmVjSWE2TklHNjZGbFdjMnc3SGdvVzlXc0xobzhXUXptTm1Bbmw5MXpPUmFGSUNrb0h0aWRmWEpIanZxZ0tjSFZyMy96T2JXNUt6cjhRYVYvZDFIMXBuSEFnNWZSaUJEUlJIdnlURDE2SGlNYTYxMHBBSVg3bzZEM043aTZYY3lRM2k1VUJIVitRSWJ3bkVZbTBtK0xTOEl0aTZXVHlOMFBtN3IyL2RQc0NjSlVWb2xRSnh3M3duOVlXSGNzPXw&cppv=2
Request Chain 77
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=92738FF13AAA45A6AC0407A773567822&RedC=c.clarity.ms&MXFR=2B3723C496F26118236B322A92F26FA7 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=92738FF13AAA45A6AC0407A773567822&MUID=14C9D5B48369652D251CC45A829C64CD
Request Chain 85
  • https://www.facebook.com/tr/?id=169284420317900&ev=PageView&dl=https%3A%2F%2Fsays.com%2Fmy&rl=&if=false&ts=1658920188787&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658920188785.870465205&it=1658920188235&coo=false&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fsays.com%2Fmy&ec=0&ev=PageView&fbp=fb.1.1658920188785.870465205&id=169284420317900&if=false&it=1658920188235&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1658920188787&v=2.9.66
Request Chain 88
  • https://tag.adbro.me/tags/ptag.js HTTP 302
  • https://cdn.adbro.me/ptag.js
Request Chain 119
  • https://analytics.ad.daum.net/match?d=111&uid=75432334.1658920189907 HTTP 307
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220727%22,%22u%22:%2275432334.1658920189907%22%7D%7D
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
  • https://adx.dable.io/pixel/google?google_error=15
Request Chain 121
  • https://idsync.admixer.co.kr/idsync?pid=120&uid=75432334.1658920189907 HTTP 302
  • https://adx.dable.io/pixel?dsp_id=11&uid=9155170851fc736d5583b4303fa969db

149 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request my
says.com/
Redirect Chain
  • http://says.com/
  • https://says.com/
  • https://says.com/my
54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.4
Resource Hash
69d496ce1c92c7b7e8dad43101b3c59bbce5eacb8519a507de360a561349690d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
530
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7314ecc5ba543329-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 27 Jul 2022 11:09:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 27 Jul 2022 11:39:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
status
200 OK
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.4
x-request-id
962c3848-41e5-4775-ab79-63a88b3f012d
x-runtime
1.034543
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1800
cf-cache-status
HIT
cf-ray
7314ecc4d9353329-CDG
content-type
text/html
date
Wed, 27 Jul 2022 11:09:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 27 Jul 2022 11:39:47 GMT
location
https://says.com/my
server
cloudflare
status
301 Moved Permanently
vary
Accept-Encoding
via
1.1 google
x-powered-by
Phusion Passenger 6.0.4
x-request-id
0cfa2854-e4f8-44bc-b708-6b2b66c65522
x-runtime
0.001585
bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
says.com/assets/ 		154 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7314ecc6184f3bbc-CDG
date
Wed, 27 Jul 2022 11:09:47 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
8943
etag
W/"5ddf9000-26643"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 27 Jul 2022 11:10:17 GMT
application-811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181.css
says.com/assets/ 		338 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7314ecc618533bbc-CDG
date
Wed, 27 Jul 2022 11:09:47 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 15:33:33 GMT
server
cloudflare
age
8943
etag
W/"624326cd-5476d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 27 Jul 2022 11:10:17 GMT
cookie.consent.css
policy.revasia.com/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a9b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash
crc32c=yFoefQ==, md5=/Co07jaJviW5aoG5Zrx82A==
date
Wed, 27 Jul 2022 11:09:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1165
x-guploader-uploadid
ADPycdsuxa9Pdv-S6kK8lh3y2S7Q0jDdWKTxSLrV4hwSJMK_eFAcJMZm8roAXeFcpS-aOfRNiWOv4ZupsTI6v_yBta2hIg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 27 Sep 2019 04:27:42 GMT
server
cloudflare
etag
W/"fc2a34ee3689be25b96a81b966bc7cd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Bwd1Rdj4Zj6aTC0ntgshRHRvI797IK%2Bq7j9%2FmU%2B%2FsDiQ%2BMQYtboIAzujLBwB0x8Jhi6d9Vp6H2SxcQaS%2Fs2pra4zZrIWMIaEQy6EdVpJDhF9HLqeyAhXTCZ6LGcfFkjp0ZQb6%2BNLpnrle0i1N20ZY0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1569558462623355
access-control-allow-origin
*
content-type
text/css
access-control-expose-headers
Content-Type, Authorization, Content-Length, User-Agent, x-goog-resumable, x-goog-acl, Access-Control-Allow-Origin, X-Requested-With
cache-control
public, max-age=14400
x-goog-stored-content-length
1132
cf-ray
7314ecc6699a8e15-LHR
expires
Wed, 27 Jul 2022 11:35:02 GMT
ner5wjl.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ner5wjl.css
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8fa8284e9aabdb6ef94bf9618b4d553213e42b1db54514fbb4df5f5ae8c627f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 27 Jul 2022 11:09:47 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1089
says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
says.com/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/assets/says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7314ecc628923bbc-CDG
date
Wed, 27 Jul 2022 11:09:47 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
1982
etag
W/"5ddf9000-86a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=60
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rocket-loader.min.js
says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Jul 2022 16:05:12 GMT
server
cloudflare
etag
W/"62dacab8-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7314ecc628953bbc-CDG
vary
Accept-Encoding
expires
Fri, 29 Jul 2022 11:09:47 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://says.com/
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:47 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7314ecc67ec6edbb-CDG
typeahead.jquery.min.js
cdn.jsdelivr.net/typeahead.js/0.10.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/typeahead.js/0.10.5/typeahead.jquery.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8664447
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19174-FRA, cache-cdg20767-CDG
timing-allow-origin
*
server
cloudflare
etag
W/"510c-S3JXs07We2e7+mK0ogQDjPiLH0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK84qWdI5skgYz6ddRagOcXL%2BhET2gUUDCLb2ENDPS2AKbopGp%2Be%2BMQVokRGLaxPolPHXzG8vLKgHuoJVfKq3X78RQfhQeWIuFhnJvQKVZ4JOGw8HRTqvi2wXCOsoOL5096USOKbOTG%2Fqxl84NY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7314ecc6fa2f99ee-CDG
access-control-expose-headers
*
algoliasearch.helper.min.js
cdn.jsdelivr.net/algoliasearch.helper/2/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch.helper/2/algoliasearch.helper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38909
x-jsd-version
2.28.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19165-FRA, cache-cdg20725-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1f4ce-yhw0k44Hf5WfhCJOdgej62yDo+U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fkvbip2MbuUuZBWiRWR572HuMX7p%2Fif67uIUchgwIGxKOjoaeCTEDAsmBhpj8fXhCYjsX3tOtl2na5dsa9dsurX8lJ7GLKavbv8IXvH%2BZBD5SAYp8ZwE1ImVpyZS%2B5sH0aQn%2B%2BXSGv9JQwqLCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7314ecc6fa3199ee-CDG
algoliasearch.min.js
cdn.jsdelivr.net/algoliasearch/3.9/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch/3.9/algoliasearch.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
17039
age
11065668
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19178-FRA, cache-cdg20780-CDG
timing-allow-origin
*
server
cloudflare
etag
W/"dca7-7EOIzEqVciton1p8sULUNdzPZIc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPKdebxDq%2FM3ZdoYGXaIiuvFEFJ8s2HUM3JYgVtly03XDdxxZW7pCFYmsz8c%2B35xBPdDORas8R9kHJAN5r%2FvoE71JSWrltWZlfDcTU2Jf8faWkCWY%2BXvrvX4cz749u57um4Q%2Frs0ayOkw1oX%2FKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7314ecc6fa3299ee-CDG
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
6ed733851a5961457b99a32c0b1756ff035821c82e1aadeafc309081e7027144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28314
x-xss-protection
0
server
sffe
etag
"1285 / 208 of 1000 / last-modified: 1658917577"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Jul 2022 11:09:48 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/11139/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-7.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cd9a76989bba58302b8f81273b787771f57470e8e47cb114532f3c601484ed6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 10:05:23 GMT
content-encoding
gzip
etag
W/"5cde3eff8a8dae5b4d5eeb4011530e43"
last-modified
Tue, 19 Jul 2022 17:09:56 GMT
server
AmazonS3
age
18052
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Kq8vwClDgfwwgstquFpDSfWq6UPYIWTISbHh5xHLJaFZ9CoLLX-v4w==
bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
says.com/assets/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7314ecc6b96a3bbc-CDG
date
Wed, 27 Jul 2022 11:09:47 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
8943
etag
W/"5ddf9000-ef1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 27 Jul 2022 11:10:17 GMT
application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
says.com/assets/ 		492 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/my
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7314ecc6b96c3bbc-CDG
date
Wed, 27 Jul 2022 11:09:47 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 15:22:36 GMT
server
cloudflare
age
8943
etag
W/"603e583c-7b1ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 27 Jul 2022 11:10:17 GMT
cookie.consent.js
policy.revasia.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a9b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash
crc32c=9GWciA==, md5=u1V6Wme8uXWjBAwtr2LbJw==
date
Wed, 27 Jul 2022 11:09:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1246
x-guploader-uploadid
ADPycdsT__a-SnY0RIt5S2S8Uia1Tob4YLLe0ZL9nkvOGKCem_KyhfXM20XqvNFkorvifiHYmbToC2CXDs5mjqYSQOt_oaexvUdy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 29 Oct 2019 04:03:50 GMT
server
cloudflare
etag
W/"bb557a5a67bcb975a3040c2daf62db27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7CI9maAKcj5c63MbEYh6eHh67GGo%2BhvPMrF3jw17Sq7vhS1tvHZ4dkTrL2keGybOGY%2BEk%2F%2BpnfsCH9Jq25lDkNj6jOVfP7LL8IIXi7jtzKYvrapFhYgJO1eUMUlf%2BXMfoPagL%2F4%2FtkIndd2JC67iE8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572321830602698
access-control-allow-origin
*
content-type
text/javascript
access-control-expose-headers
Content-Type, Authorization, Content-Length, User-Agent, x-goog-resumable, x-goog-acl, Access-Control-Allow-Origin, X-Requested-With
cache-control
public, max-age=14400
x-goog-stored-content-length
3234
cf-ray
7314ecc6ebc57467-LHR
expires
Wed, 27 Jul 2022 11:23:54 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24e395439b4e5266f01111069b4e154cb8a27dd22b7199726e3e18c8d1e051e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28337
x-xss-protection
0
server
sffe
etag
"1285 / 14 of 1000 / last-modified: 1658919872"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Jul 2022 11:09:48 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ner5wjl&ht=tk&f=139.140.173.174.175.176.10444.10739.10741.17001.17005&a=526275&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
pwt.js
ads.pubmatic.com/AdServer/js/pwt/121793/1376/ 		425 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1c293f25e76e29a8e6f1bfe880dd40ef03d11751bc80a37a136ee8e38bb2e67e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 06:58:29 GMT
server
Apache
etag
"1701087-6a23e-5dd893857fe79"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=47912
accept-ranges
bytes
content-type
text/javascript
content-length
131612
expires
Thu, 28 Jul 2022 00:28:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26085
x-xss-protection
0
pragma
public
x-fb-debug
l08B761ZQryIi0ylR9OoBOx6LsWADe2deucvf9Qd5jxZlyOOWpU300w/r0gEVHTMuS/6wHy/hTKMV2XwCopxpA==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 27 Jul 2022 11:09:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
460968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmD7E3ZEV29Xa4n3c0LzQXKGz%2FPCDfjNrzJR2Bmhu8aAuKYUsXNncDac610S94UPTryuSduabKyHTmkJtJbIru5zNR5AUzCyt3EojahjZU549kJqIKUCl9XxFuFeidvYPVzEqIAOYGOsjiFq202Hj9Ld"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7314ecc7cfe6407b-CDG
expires
Mon, 17 Jul 2023 11:09:48 GMT
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
407a888e655899d02d89088205b185e854860ae1d600eb91602b16df0c6a08a6

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
server
nginx
etag
"e1ccbb4a993cd81acf325a5b5760f522404cc494"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19664
fa-brands-400.woff2
says.com/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-brands-400.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d

Request headers

Referer
https://says.com/assets/application-811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181.css
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
via
1.1 google
cf-cache-status
HIT
age
2780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74524
last-modified
Tue, 19 Jul 2022 05:03:31 GMT
server
cloudflare
etag
"62d63b23-1231c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
7314ecc79adc3bbc-CDG
expires
Wed, 27 Jul 2022 11:39:48 GMT
fa-solid-900.woff2
says.com/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-solid-900.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer
https://says.com/assets/application-811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181.css
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
via
1.1 google
cf-cache-status
HIT
age
2780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75408
last-modified
Tue, 19 Jul 2022 05:03:31 GMT
server
cloudflare
etag
"62d63b23-12690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
7314ecc79add3bbc-CDG
expires
Wed, 27 Jul 2022 11:39:48 GMT
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ced14124fdcf5b1197ef003df3f4b4e65c5b0bd8f74138c77de429f38f278fee

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
server
nginx
etag
"7a571531ba8746780d4709c32909a81a6b90fc36"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20572
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6b2b4de8c5528c92aaf3c7aaad67bdd0714df23bbcc85c5238e02581dd21deda

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
server
nginx
etag
"2c0b6e23328e638bb18899aafbc85ad950333c16"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19372
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
72b8d224b5745db5b3c242047a76edc6e27f5868a1c01a94d90d2048f3efcf44

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
server
nginx
etag
"642d9266d1f9c63e0e36cec5fe51c6a1134c359a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19924
pubads_impl_2022072101.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
d3112ae98e17f0ef1646d3c2a0dc0d89260387d4575be3f7a73d16dc1b6af5b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 10:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131903
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 08:37:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Jul 2023 10:25:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		340 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=says.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
f477059c0bc27fcb5a2d8bf79b71912badc7a5f83be3a6042a14e13248990b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
expires
Wed, 27 Jul 2022 11:09:48 GMT
gtm.js
www.googletagmanager.com/ 		260 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb0b3d50b3681f172f14afb2e21ec12a520d67342d070402129413663648e6c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71362
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Jul 2022 11:09:48 GMT
plugin.min.js
static.dable.io/dist/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
a815319861beaab11efcbd20da38cd0c8e9bcc30f6640bc62b49ba4f7d3d146d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
7Q2p_QtXcOAbViUOr1.y1oiNujSTQiCw
Content-Encoding
gzip
Last-Modified
Tue, 19 Jul 2022 00:09:22 GMT
Server
nginx/1.20.0
x-amz-request-id
5FHFVV5X7G7T4NE0
ETag
"e37b164e518eeb1c8cc3bcce8f24f479"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=67885
Date
Wed, 27 Jul 2022 11:09:48 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34675
x-amz-id-2
qqAtUnd3JvkYnHhKw57lCN9QcLfVPBHr5PfnRi38TzPtszwg5O40tLRWvtl9WcYM0ch5DCh8d8o=
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 07:50:23 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
11966
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
pPltEa_1AAf6YlYuZtcrCyfse4Cvi9OniLfY0M57SmIOBeo0RXukxQ==
mobile_f082.jpg
images.says.com/uploads/story/cover_image/56221/ 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/56221/mobile_f082.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7127fbc437c7e0404baf5228f86d9afd08823e00a8db747163d83528cb1763

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
cf-cache-status
HIT
age
2047
cf-polished
origSize=161361, status=vary_header_present
x-guploader-uploadid
ADPycdt8jupHAnbG0yNSH48azoQEvGtE5P6MUhmAWFSmjt7kJoHPfGIPLUnGy0vluXrJtmbQfj4xk874gHLRSw71gY092LM30SIv
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
131175
last-modified
Wed, 27 Jul 2022 06:46:10 GMT
server
cloudflare
etag
"ad932577717ee1e0b96a0dd910d2e31b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-goog-hash
crc32c=NPBesw==, md5=rZMld3F+4eC5ag3ZENLjGw==
x-goog-generation
1658904370565432
content-type
image/jpeg
expires
Mon, 26 Jul 2032 23:09:48 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
161361
accept-ranges
bytes
cf-ray
7314ecc84d393329-CDG
cf-bgj
imgq:100,h2pri
mobile_057d.png
images.says.com/uploads/story/cover_image/56223/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/56223/mobile_057d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb886234076c2e705383bfddf367a0cff749fe4f86e0cbf2759f3bbfded9c17d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
cf-cache-status
HIT
age
125
cf-polished
origSize=199625, status=vary_header_present
x-guploader-uploadid
ADPycdu7ztfPk1bsiGcAoV3fNX-n2fQTB-_fX0A603hLibDyshqVA4CXNMWD0peulMTqHjIdjCRjXBvu3fDibscLMtbnrw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
175561
last-modified
Wed, 27 Jul 2022 08:36:47 GMT
server
cloudflare
etag
"4eebfd1e6e9233c0ab7cbd1e64cd57fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-goog-hash
crc32c=peStTw==, md5=Tuv9Hm6SM8CrfL0eZM1X/Q==
x-goog-generation
1658911007747924
content-type
image/png
expires
Mon, 26 Jul 2032 23:09:48 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
199625
accept-ranges
bytes
cf-ray
7314ecc84d373329-CDG
cf-bgj
imgq:100,h2pri
mobile_e662.jpg
images.says.com/uploads/story/cover_image/56182/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/56182/mobile_e662.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898e143645e94eecf5727872f4734e22f198a29955612520fab3fd599289dcd9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
cf-cache-status
HIT
age
13849
cf-polished
origSize=95411, status=vary_header_present
x-guploader-uploadid
ADPycdv9UFKKP_Ol-9AX9vKXoBTad7xMyICsWCJF6nzKj1pSgvtEb6XiGmAdW6xTgd4hJyEdCXHXpI7uAKFEleaSg298qQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68099
last-modified
Wed, 27 Jul 2022 03:27:07 GMT
server
cloudflare
etag
"c3318c3f1c974c46b432088dd4324da8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-goog-hash
crc32c=/KAGug==, md5=wzGMPxyXTEa0MgiN1DJNqA==
x-goog-generation
1658892427074576
content-type
image/jpeg
expires
Mon, 26 Jul 2032 23:09:48 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
95411
accept-ranges
bytes
cf-ray
7314ecc84d333329-CDG
cf-bgj
imgq:100,h2pri
mobile_54d4.jpg
images.says.com/uploads/story/cover_image/56227/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/56227/mobile_54d4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1122ca46b5a3a66d6d69ed5c6915b40711dea27e7e23cc9e69a99c8d6be25466

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
cf-cache-status
HIT
age
114
cf-polished
origSize=42155, status=vary_header_present
x-guploader-uploadid
ADPycdsiMdlEtgILzeDCQvx5_ONe-ujtd0dOAMTVl4vHAPE9nic-r2pTpkbMVgeKX41G7rA3Kyf3RcOc5HUaenj46VC1CA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40231
last-modified
Wed, 27 Jul 2022 09:22:14 GMT
server
cloudflare
etag
"4a7bca3b0e6be4e21105d42eef5e83f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-goog-hash
crc32c=DD2GHw==, md5=SnvKOw5r5OIRBdQu716D8g==
x-goog-generation
1658913733996145
content-type
image/jpeg
expires
Mon, 26 Jul 2032 23:09:48 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
42155
accept-ranges
bytes
cf-ray
7314ecc84d363329-CDG
cf-bgj
imgq:100,h2pri
mobile_3329.jpg
images.says.com/uploads/story/cover_image/56226/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/56226/mobile_3329.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e62bc622899f7f9d847abe7d983e3b7a1600d9c6aa14fdaa093fc0f9e215b6e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
cf-cache-status
HIT
age
113
cf-polished
origSize=95130, status=vary_header_present
x-guploader-uploadid
ADPycdvo1uIjgF8QAFTq--7UV3C4wjdyCj1ZJvPSOiEplPqcSB128wvSb-wTgGU5cd1dah63X6BbdsrXt2C_uLJXHmPrK20SCBN7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67967
last-modified
Wed, 27 Jul 2022 10:08:44 GMT
server
cloudflare
etag
"96380aa5634eaf774950c6f09075b904"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-goog-hash
crc32c=Q8rVsA==, md5=ljgKpWNOr3dJUMbwkHW5BA==
x-goog-generation
1658916524506619
content-type
image/jpeg
expires
Mon, 26 Jul 2032 23:09:48 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
95130
accept-ranges
bytes
cf-ray
7314ecc84d353329-CDG
cf-bgj
imgq:100,h2pri
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c5878046056ffdc415d91718df30b3c4023d12216a5e82bb4b6b6513ec4718a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
8O5AnSOUj6W4ZqwwSJ0nQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1684
x-fb-rlafr
0
x-fb-debug
VlL8OVeknX4MniqdK5L+9BQgc96alN4CZxBEOOjELhfbFk73TAUc4dbiP9sDuC6+wD+lhxwjdUyPcBrhOLb4vw==
x-fb-content-md5
fbe3fa50b1219e3c45fa5ff9971f12b4
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 27 Jul 2022 11:09:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ff61e53376d5479a15b6e80978e5c65a"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Jul 2022 11:24:05 GMT
data
bcp.crwdcntrl.net/6/ 		24 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
expires
0
cache-control
no-cache
x-server
10.45.27.189
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
24
x-consent
absent
rum
says.com/cdn-cgi/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:23c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/my
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
application/json

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://says.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7314ecc87c443bbc-CDG
vary
Origin
169284420317900
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/169284420317900?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f49b81b32ac6a82e7b7360eef7e77c623b43e4351a3bd30d9a78b6a14280ae5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
SiNvoTeJmnXA28ZEtOudr6x+FXCaEf/F/KpR4h/5P6923Nq1wgyVFbtFoMm37X3+WhFshP6iIWeDffqmz8F5hw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 27 Jul 2022 11:09:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658920188659
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2354494586928951&correlator=2525257380746002&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022072101&ptt=17&impl=fifs&iu_parts=1009103%2CSAYS_STO%2CSAYS_desktop_outofpage%2CSAYS_desktop_billboard%2CSAYS_desktop_leaderboard%2CSAYS_halfpage%2CSAYS_desktop_mrec%2CSAYS_desktop_mrec_2%2Csays_inskin%2CSays_Web_Interstitial%2CSays_Andbeyond_Pixel&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=1x1%2C1x1%2C970x250%2C728x90%2C300x600%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1&ifi=1&adks=1476963904%2C1585380070%2C3455604261%2C126976903%2C205075962%2C2214189924%2C2187976013%2C1044105006%2C765343895%2C468646908&sfv=1-0-38&ecs=20220727&ists=258&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&fsapi=false&cust_params=section%3Dhomepage%26pos%3Dlisting%26environment%3Dproduction%26Brands%3D%26tagsSays%3D&sc=1&cookie_enabled=1&abxe=1&dt=1658920188276&lmt=1658920188&dlt=1658920187837&idt=407&adxs=0%2C1015%2C315%2C236%2C1015%2C1015%2C1015%2C0%2C-9%2C1015&adys=4489%2C4487%2C105%2C901%2C4104%2C4104%2C4104%2C4488%2C-9%2C4104&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C3%7C4%7C5%7C6%7C-1%7C7&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsays.com%2Fmy&frm=20&vis=1&psz=1600x4488%7C400x3629%7C1600x303%7C770x90%7C400x3629%7C400x3629%7C400x3629%7C1600x4488%7C0x-1%7C400x3629&msz=1600x0%7C370x0%7C970x-1%7C728x-1%7C370x0%7C370x0%7C370x0%7C1x-1%7C0x-1%7C1x-1&fws=0%2C4%2C4%2C4%2C4%2C4%2C4%2C0%2C2%2C4&ohw=0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C0%2C1600&ga_vid=1574527764.1658920188&ga_sid=1658920188&ga_hid=1525161495&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d16b463c72ac6e6c44285116a95900d2d6990a9059113030d1279f12d3662524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11630
x-xss-protection
0
google-lineitem-id
5106952532,-2,-2,-2,-2,5986037246,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381430713,-2,-2,-2,-2,138388950052,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://says.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec95d857fd8a4f61082466f0e5bd19cdb43608e55d4703ad2741cd5e112cb941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10586
x-xss-protection
0
container.html
e93cb24d57e10e299139bd3e0797d241.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F8FF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e93cb24d57e10e299139bd3e0797d241.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 11:09:48 GMT
expires
Thu, 27 Jul 2023 11:09:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022072101.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022072101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f1d760c1ce0a632fc16adab88f286afeb1c477d8a11f4c942721a2cdda649a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 15:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13567
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 08:37:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Jul 2023 15:12:44 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&cs_it=b3&cv=3.8.0.210223&ns__t=1658920188294&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&cs_it=b3&cv=3.8.0.210223&ns__t=1658920188294&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&cs_it=b3&cv=3.8.0.210223&ns__t=1658920188294&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&c9=
Protocol
H2
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
q-nUCfAwCKZ0yXM3fquPnup-FLV6vQAU5e7MneApbvW2jj9CN8LHIA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6034955&cs_it=b3&cv=3.8.0.210223&ns__t=1658920188294&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&c9=
date
Wed, 27 Jul 2022 11:09:48 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
fe66YQqYGorpNO7eIskq_kVQdBWdjp4xfkV1HSwpg7INrPDte0sZhw==
x-cache
Miss from cloudfront
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2f5dd6b4e51cf407a6621738b6b3d2cb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ecb2f4f713355aa54a5c40d284264b1e9075f16a7fc3c9ec1bd8ae5b3db7966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/
Origin
https://says.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XIIA2P7CJZG9HHrVemzU8Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85975
x-fb-rlafr
0
x-fb-debug
AyxOLpvXUhT7xsXR5T/QwLx2B7vqQHH8lAjwohECiTMSHAgbvIcUljtxDrjBHinWJAW11brOZNvlEF4MRT2pYg==
x-fb-content-md5
e63b139544c6b456b741fda2f09bd429
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 27 Jul 2022 11:09:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"822dd484b9b8d1e0704e7e88fad53b2c"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 27 Jul 2023 10:27:41 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://says.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 27 Jul 2022 11:09:48 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1311
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=vdSfRXxvdzRhalh1WDBmdEc1N0dwNFhXMXVmcU5NVnRISEVodTlPN2pkNmN5NktPalozQmVjSWE2TklHNjZGbFdjMnc3SGdvVzlXc0xobzhXUXptTm1Bbmw5MXpPUmFGSUNrb0h0aWRmWEpIanZxZ0tjSFZyMy96T2JXNU...
355 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vdSfRXxvdzRhalh1WDBmdEc1N0dwNFhXMXVmcU5NVnRISEVodTlPN2pkNmN5NktPalozQmVjSWE2TklHNjZGbFdjMnc3SGdvVzlXc0xobzhXUXptTm1Bbmw5MXpPUmFGSUNrb0h0aWRmWEpIanZxZ0tjSFZyMy96T2JXNUt6cjhRYVYvZDFIMXBuSEFnNWZSaUJEUlJIdnlURDE2SGlNYTYxMHBBSVg3bzZEM043aTZYY3lRM2k1VUJIVitRSWJ3bkVZbTBtK0xTOEl0aTZXVHlOMFBtN3IyL2RQc0NjSlVWb2xRSnh3M3duOVlXSGNzPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
82d56a27c92697889decd89bc612db935bd9607b4011826bc35fe1fdbbf9d2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2598
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:47 GMT
location
https://mug.criteo.com/sid?cpp=vdSfRXxvdzRhalh1WDBmdEc1N0dwNFhXMXVmcU5NVnRISEVodTlPN2pkNmN5NktPalozQmVjSWE2TklHNjZGbFdjMnc3SGdvVzlXc0xobzhXUXptTm1Bbmw5MXpPUmFGSUNrb0h0aWRmWEpIanZxZ0tjSFZyMy96T2JXNUt6cjhRYVYvZDFIMXBuSEFnNWZSaUJEUlJIdnlURDE2SGlNYTYxMHBBSVg3bzZEM043aTZYY3lRM2k1VUJIVitRSWJ3bkVZbTBtK0xTOEl0aTZXVHlOMFBtN3IyL2RQc0NjSlVWb2xRSnh3M3duOVlXSGNzPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1395
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c18c6f8b06ceaf0958b202ce492a3a0f7f6f93c40f4f9420445eeaa0789bf073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
server
sffe
etag
"1285 / 722 of 1000 / last-modified: 1658917577"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Jul 2022 11:09:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
468
date
Wed, 27 Jul 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 27 Jul 2022 13:02:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15165
x-xss-protection
0
server
cafe
etag
6365998374961989006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 11:09:48 GMT
chartbeat_mab_image.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab_image.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:dc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 10:58:13 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
695
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
h1P2wL661_zv5N6SVelN3g5mjyGGOerS8n7C_sY5k6wKOdhYFQNUHg==
expires
Wed, 27 Jul 2022 12:58:13 GMT
ins.js
says.api.useinsider.com/ 		359 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/ins.js?id=10002153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2c728d755a96bf1ebf3a8ef6a07545571498691a2c2663df5a08ce23b7b5cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
905
vary
Accept-Encoding
x-amz-request-id
0H4STDQ89FD1HWQZ
x-amz-id-2
19VeYjbRknDT+W3FxW43bWpyVOPd+CQv+xpHcui6GXKlXb0dH4h5rTAh50yDNG3M5tcYCCBfz8Y=
pragma
public
last-modified
Wed, 27 Jul 2022 10:53:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"94cd35c3c7e1bcf47cd2d6fb5e364d8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1
cache-control
public, max-age=300
x-amz-version-id
g5.YqXU5raFua1cBw4shovRXY0IFmMAi
cf-ray
7314ecc9cb12edcf-CDG
expires
Wed, 27 Jul 2022 11:14:48 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 07:50:23 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
11966
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
xLbIJpaLXz1DhM09n6xKxRd7tZChp2pf_g_voKuxe2O4jCJ9QRAYoA==
uwt.js
static.ads-twitter.com/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
last-modified
Fri, 22 Jul 2022 01:17:20 GMT
etag
"f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15166
x-served-by
cache-iad-kjyo7100112-IAD, cache-vie6350-VIE
pcto.js
c16d-35-240-187-111.ngrok.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c16d-35-240-187-111.ngrok.io/pcto.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:d83:1201::6e:1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
9zgdxuyjho
www.clarity.ms/tag/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9zgdxuyjho
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a1506d421844df0a51eb2b7ad2a361ea3f7a6a83c9ebfb9065ab0c06d8f8c0ca

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
x-powered-by
ASP.NET
x-azure-ref
0/BzhYgAAAABa0BsNiRPYQoPDgIEd51Z9VklFRURHRTA2MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
heartbeat.min.js
heartbeat.mediaprimaplus.com.my/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heartbeat.mediaprimaplus.com.my/heartbeat.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bf04738b0339f9f22115a3aee30620bf2e3d81e96f8cc7f0a0eeb96a62693b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
1
x-guploader-uploadid
ADPycdt6CQhdAMrLYWleRwvKOZNrhl4zdGw3SCCzOT9tznQNh2PermV4mPS6s0OmoS8nC9PWkouE56zklXbHNT7sq7r9NtXu8t8W
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Jun 2022 23:25:01 GMT
server
cloudflare
etag
W/"e4c3516d455a44997b7d38f7393fef79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yB635g==, md5=5MNRbUVaRJl7fTj3OT/veQ==
x-goog-generation
1655767501318616
content-type
application/javascript
cache-control
public, max-age=31535969
x-goog-stored-content-length
112979
cf-ray
7314ecc9f9ae3bc8-CDG
expires
Thu, 27 Jul 2023 11:09:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 11:09:48 GMT
b
sb.scorecardresearch.com/ 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034955&comscorekw=fbia&cs_it=b3&cv=3.8.0.210223&ns__t=1658920188451&ns_c=UTF-8&c7=https%3A%2F%2Fsays.com%2Fmy&c8=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
69klSlhAEPV8CvcDj3u7umVO2IGT4RoTyeiae_eY2JDte3e7TLoCmw==
x-cache
Miss from cloudfront
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204299389728697&ev=fb_page_view&dl=https%3A%2F%2Fsays.com%2Fmy&rl=&if=false&ts=1658920188473&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 27 Jul 2022 11:09:48 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e19df9861f0432ff8edbfef8f3b1691c13046884667322788733eb72596b60fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/?random=1658920188504&cv=9&fst=1658920188504&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy&tiba=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
369316dace3aea681eab9e5c4582fca1833259fd2652e35b7b87a390404027e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:dc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 10:52:33 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
age
1035
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
vLudc9gKK3wW1MSUOZQcnKJf_9iSX5EFVLzDGgLZxlF21HkTJ-EMuA==
expires
Wed, 27 Jul 2022 12:52:33 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		957 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=says.com&domain=says.com&path=%2Fmy
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab_image.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
847135a98b144510b4b5c7c090041008b5240c00fd9e1f76798fd9f2e380c86a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-cache-hits
1
age
123
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
497
x-served-by
cache-cdg20776-CDG
access-control-allow-origin
*
x-timer
S1658920189.621744,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 25 Jul 2022 11:07:45 GMT
worker-new.html
says.api.useinsider.com/ Frame 15A5 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/worker-new.html
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a11b762d8970d24fb363fd01415e89647b04c5ec0d52f55576d47cbbe638b9d8

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
age
901
cache-control
public, max-age=1382400
cf-cache-status
HIT
cf-ray
7314ecca6bc3edcf-CDG
content-encoding
br
content-type
text/html
date
Wed, 27 Jul 2022 11:09:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 12 Aug 2022 11:09:48 GMT
last-modified
Wed, 27 Jul 2022 04:00:50 GMT
server
cloudflare
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8AF6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 10:28:24 GMT
expires
Thu, 27 Jul 2023 10:28:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B206 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e2a5a1f23b987e754ae01b2850ef0b9af1ac52b037082a159772ef58daa9be6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nuc23PtVhw8oBDYZG4JMSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-nuc23PtVhw8oBDYZG4JMSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 11:09:48 GMT
expires
Wed, 27 Jul 2022 11:09:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=says.com&p=%2Fmy&u=BjUiJQDXIX5PCS-s2u&d=says.com&g=65124&g0=n%2Fa&g1=n%2Fa&n=1&f=00001&c=0&x=0&m=0&y=4489&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=557&_s=%7B%22ga%22%3Anull%7D&t=D_xjlmBDEgkJBsNMZyDZvc2ak9qRY&V=136&i=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&tz=0&sn=1&sv=e_7qtBFAi_dDrah4txt-GUD3LYWX&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.121.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-121-35.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
publisher:getClientId
ampcid.google.fr/v1/ 		3 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.fr/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/830366072/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/830366072/?random=1658920188504&cv=9&fst=1658919600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7p0&sendb=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy&tiba=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&async=1&fmt=3&is_vtc=1&random=353651602&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/830366072/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/830366072/?random=1658920188504&cv=9&fst=1658919600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7p0&sendb=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy&tiba=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&async=1&fmt=3&is_vtc=1&random=353651602&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=says.com&p=%2Fmy&d=says.com&u=BjUiJQDXIX5PCS-s2u&c=0&V=136&x=jZ74jMrMll9dU&v=A&ml=m&sl=DomEEu&e=-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.181.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-181-142.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 8AF6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 07:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 07:41:27 GMT
clarity.js
www.clarity.ms/eus/s/0.6.36/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus/s/0.6.36/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9zgdxuyjho
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
etag
"1d8a0dd52834126"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0/BzhYgAAAADUIgV8rCRMRroN6ARyn2eGVklFRURHRTA2MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=92738FF13AAA45A6AC0407A773567822&RedC=c.clarity.ms&MXFR=2B3723C496F26118236B322A92F26FA7
  • https://c.clarity.ms/c.gif?CtsSyncId=92738FF13AAA45A6AC0407A773567822&MUID=14C9D5B48369652D251CC45A829C64CD
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=92738FF13AAA45A6AC0407A773567822&MUID=14C9D5B48369652D251CC45A829C64CD
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
last-modified
Wed, 13 Jul 2022 17:48:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"96611cd5e096d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 92076D4B6CF540C6AC0204BB8D4B467A Ref B: AMBEDGE0714 Ref C: 2022-07-27T11:09:48Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=92738FF13AAA45A6AC0407A773567822&MUID=14C9D5B48369652D251CC45A829C64CD
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B206 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072101&jk=2354494586928951&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
adsct
t.co/i/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=1e7aed6d-1f58-4915-983a-5a137c61f388&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=4ecdfbc3-d54e-4ff8-91fe-b7cb019c55ef&tw_document_href=https%3A%2F%2Fsays.com%2Fmy&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1blg&type=javascript&version=2.4.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
98
date
Wed, 27 Jul 2022 11:09:48 GMT
server
tsa_f
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
1b8d78452e9695d983a88bd3d13fa1719f82750cb0a501b266127e154a4598e2
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1e7aed6d-1f58-4915-983a-5a137c61f388&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=4ecdfbc3-d54e-4ff8-91fe-b7cb019c55ef&tw_document_href=https%3A%2F%2Fsays.com%2Fmy&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1blg&type=javascript&version=2.4.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
92
date
Wed, 27 Jul 2022 11:09:48 GMT
server
tsa_f
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
d229e597fd8de8c575f01ef48550a258b92c816f5622cc76d00c9e1283e1fb97
content-length
43
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vdSfRXxvdzRhalh1WDBmdEc1N0dwNFhXMXVmcU5NVnRISEVodTlPN2pkNmN5NktPalozQmVjSWE2TklHNjZGbFdjMnc3SGdvVzlXc0xobzhXUXptTm1Bbmw5MXpPUmFGSUNrb0h0aWRmWEpIanZxZ0tjSFZyMy96T2JXNUt6cjhRYVYvZDFIMXBuSEFnNWZSaUJEUlJIdnlURDE2SGlNYTYxMHBBSVg3bzZEM043aTZYY3lRM2k1VUJIVitRSWJ3bkVZbTBtK0xTOEl0aTZXVHlOMFBtN3IyL2RQc0NjSlVWb2xRSnh3M3duOVlXSGNzPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 27 Jul 2022 11:09:48 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1028
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
destination
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=UA-27970811-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e053f0de4263c40c68eebfed0e20629477f1feff4d187268df150019cc6b10ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41657
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Jul 2022 11:09:48 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1525161495&t=pageview&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDhACAABBAQCAC~&jid=1404489456&gjid=1239180777&cid=1574527764.1658920188&tid=UA-27970811-1&_gid=1655851085.1658920189&_r=1&gtm=2wg7p05WNLRMX&cd3=n%2Fa&z=722336278
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1525161495&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy&ul=en-us&de=UTF-8&dt=SAYS%20-%20Creating%20content%20for%20Malaysia%E2%80%99s%20social%20media%20generation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fmy&el=25%25&_u=aDjACAABBAQCAC~&jid=&gjid=&cid=1574527764.1658920188&tid=UA-27970811-1&_gid=1655851085.1658920189&gtm=2wg7p05WNLRMX&z=15789705
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 09:12:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7023
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=169284420317900&ev=PageView&dl=https%3A%2F%2Fsays.com%2Fmy&rl=&if=false&ts=1658920188787&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658920188785.870465205...
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fsays.com%2Fmy&ec=0&ev=PageView&fbp=fb.1.1658920188785.870465205&id=169284420317900&if=false&it=1658920188235&o=30&r=stable&redirect=0&rl=&rqm...
44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fsays.com%2Fmy&ec=0&ev=PageView&fbp=fb.1.1658920188785.870465205&id=169284420317900&if=false&it=1658920188235&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1658920188787&v=2.9.66
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 27 Jul 2022 11:09:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:48 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
location
/tr/?coo=false&dl=https%3A%2F%2Fsays.com%2Fmy&ec=0&ev=PageView&fbp=fb.1.1658920188785.870465205&id=169284420317900&if=false&it=1658920188235&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1658920188787&v=2.9.66
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27970811-1&cid=1574527764.1658920188&jid=1404489456&gjid=1239180777&_gid=1655851085.1658920189&_u=aDhACAAABAQCAC~&z=475004940
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Jul 2022 11:09:48 GMT
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7-OISuxMZhmTFQdKuydgNg1Y6IJgcAV7e_CpAdBE4Anxkvp2zCzRo3_Go2b1JFfTzOJjf53_O6Re9g7iLC0XF6J56M0JGrZqlax6X__DfSCwR-YNPvWeVFRgDHkqUag9glPN01B01ljr84t8qDy2kS-elcSCqldiJgSZYEwKC_Td-CCIwdvcxyEuzTZhHJrxlOtSfKGuhAPxse1VEiD_zG2W_YZWn4LlU-GRDOJGq4w0NEzdi_8oipcSzIiStARJGCaOiCH2w8sazlOqtiqzUqAN7mKuujHaGvPLwbJUiTaycAA&sai=AMfl-YQcUKgE0EiOF9tl0HXEoV8PMowQu3IZsDK0ER5HO7aa-nJrsJ9qt9tb2CusKg0f6dGcXRz90ICsVSa4Ri05n7ATPDk8x6wzPE16gEnd&sig=Cg0ArKJSzMjsHfG0kt6fEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 27 Jul 2022 11:09:48 GMT
ptag.js
cdn.adbro.me/
Redirect Chain
  • https://tag.adbro.me/tags/ptag.js
  • https://cdn.adbro.me/ptag.js
106 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adbro.me/ptag.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10363
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 14:06:04 GMT
server
cloudflare
etag
W/"06e3734f88ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-polished
origSize=137667
cf-ray
7314eccd2e543b55-CDG
cf-bgj
minify

Redirect headers

date
Wed, 27 Jul 2022 11:09:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://cdn.adbro.me/ptag.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7314ecccedeb3b55-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
yz4nimbs.js
tag.adbro.me/configs/ 		1 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/yz4nimbs.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b52738e87efadef898523d80973f7a95e1853f1025731138a39544035bd2e8b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 Jul 2022 11:09:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2046
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 02 Mar 2021 10:16:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
dff28a9c-301e-006b-24fa-db63c0000000
cache-control
max-age=7200
x-ms-version
2009-09-19
cf-ray
7314ecccedf03b55-CDG
cf-bgj
minify
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUFrVpufg9yFR0irRfBwKOIggczt6uBaR98f7UvJKW8nB42AMwKg6rl7yMyEu1bY-MI5pTZ6B9LXOVwrc4zL_gVhi4bGn0Ph5TgHJfMlx9IBzABAN_vAP6m6RT-u7TvCLjBNiZn_CIJKw7GpZDlPRj4o6qZedA0ocQA3XgP5Y_Kam3ijcWINZ5HGeMYeRCcCrQDp5CndJi8omYSiJcph51jZMqu-Wa_mdwL3lpPBXwctOaCu7Cx0jTO29qcUdQQd0GoBaZZR_jDuZjb5F6-wmO27rqGUGM-paz2r6wgw3txs4-U_ojIJ3H&sai=AMfl-YR8vlAKjagnRfrGft626vGiO-HrUcbqnATRRf02atuHxpRxwsrMumw_aJCiGf5ARn0trX72Aul3gpGys9iNPqBjlJgGrcQeXezCjOvu&sig=Cg0ArKJSzCaAihqxNvGVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 27 Jul 2022 11:09:48 GMT
kiosked-ad.js
scripts.kiosked.com/loader/ 		310 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-88.fra60.r.cloudfront.net
Software
nginx/1.14.2 /
Resource Hash
df3cdcc4fee17c23a1a595e05f4d39e89290e763b555fce4ea265488e70b8d61

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 27 Jul 2022 11:09:49 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P2
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
P3P
CP="KIOSKED"
Connection
keep-alive
Pragma
no-cache
Server
nginx/1.14.2
ETag
W/"df3cdcc4fee17c23a1a595e05f4d39e89290e763b555fce4ea265488e70b8d61"
Content-Type
application/javascript; charset=utf-8
Via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
Cache-Control
private, max-age=0, must-revalidate, no-cache
Timing-Allow-Origin
*
X-Amz-Cf-Id
KoX_selAQGcYXD4DsUOM2OsJrQz6uE3CzVuAn7YVGbGBHhl9UWKVpw==
Expires
0
hb
heartbeat-api.mediaprimaplus.com.my/ 		0
0
hb
heartbeat-api.mediaprimaplus.com.my/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://heartbeat-api.mediaprimaplus.com.my/hb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://says.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7314eccd3baa99bc-CDG
content-type
text/html
date
Wed, 27 Jul 2022 11:09:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
9affbc6c7469e08afc6a41e8ef2cf66e
collect
d.clarity.ms/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Wed, 27 Jul 2022 11:09:48 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=1574527764.1658920188&jid=1404489456&_u=aDhACAAABAQCAC~&z=1997933892
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=1574527764.1658920188&jid=1404489456&_u=aDhACAAABAQCAC~&z=1997933892
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prefs2
api.dable.io/plugin/services/says.com/ 		704 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/plugin/services/says.com/prefs2?cached_uid=&callback=dbljson1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.39.57.110 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-39-57-110.ap-northeast-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
3505ea75b07462f02abfbeefbad8e13c11b62ed614d9dddc9c9bc63dbce1c5b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
etag
W/"2c0-jqIlyiHLu52c34ppkDMA7frPYkY"
content-type
text/javascript; charset=utf-8
x-envoy-upstream-service-time
4
Connection
keep-alive
Content-Length
388
showad.js
ads.pubmatic.com/AdServer/js/ Frame E04B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141888
content-encoding
gzip
content-length
13946
content-type
text/html
date
Wed, 27 Jul 2022 11:09:49 GMT
expires
Fri, 29 Jul 2022 02:34:37 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
gslbeacon.lijit.com/ Frame 3EC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gslbeacon.lijit.com/beacon?viewId=kiosked1_auction_api&rand=317225&informer=13403098&type=fpads&loc=says.com&v=1.2
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Wed, 27 Jul 2022 11:09:49 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
prebid
ib.adnxs.com/ut/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://says.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

AN-X-Request-Uuid
87b9a70b-60db-44b1-8757-aac296d29bce
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
https://says.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Wed, 27 Jul 2022 11:09:49 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
178.33.144.176; 178.33.144.176; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691760174744956574a3dd4ec01ec&pos=8a969558018080038b3c089b6c1f0099&cmd=bid&secure=1&gdpr=1
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
3c6644a91b9495766879b5ca5717a77675a5a2012d2d3eda604a9db20455cbdd

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Jul 2022 11:09:49 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		212 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
92034fac8c59417f135721df887508e2922a6919dece6261708cc21b3668e904
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 11:09:49 GMT
X-Proxy-Origin
178.33.144.176; 178.33.144.176; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
28508fc3-2862-4390-93e5-231b479899fa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://says.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
212
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		72 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=810734&v=7.2&r=%7B%22id%22%3A%22b.01g8znjf6z0ky63vzw0fk1vzpf_q8nyqce40qcd7fx2ccare%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22b.01g8znjf6z0ky63vzw0fk1vzpf_q8nyqce40qcd7fx2ccare_300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250%22%2C%22siteID%22%3A%22810734%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsays.com%2Fmy%22%2C%22ref%22%3A%22%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22kiosked.com%22%2C%22sid%22%3A%2212289%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%7D&ac=j&sd=1
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99147429fc50a309ce8a0056283c9f656bf8bf8415bdfac386fdc10ed4a165a

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Jul 2022 11:09:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ff6EaarH7BtC7tkaXGer2Nn2pYfdEND3K9%2BEynPhxsUmeVyi8iLp7AcSGnbzfHcV5lbUuq7edkOEhG3OkX5WsIiMBbcH%2FI17J6xQpnvR58x65LVxkXmYU9blvNq8cdyR7jIGxq6hvSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://says.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7314eccede0a404f-CDG
expires
0
arj
kiosked-d.openx.net/w/1.0/ 		89 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kiosked-d.openx.net/w/1.0/arj?be=1&auid=557074601&o=687372&aus=300x250&jr=https%3A%2F%2Fsays.com%2Fmy&callback=kskdOxCB687372&schain=1.0,1!kiosked.com,12289,1,,,&gdpr=1&x_gdpr_f=1&gdpr_consent=null
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
096c6b3e1291a5e1ee801c38fc262ae73b132d3c28a265c4f9f78721865fc7c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:49 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17558&site_id=422422&zone_id=2398708&size_id=15&rp_secure=1&rp_schain=1.0%2C1!kiosked.com%2C12289%2C1%2C%2C%2C&p_screen_res=1600x1200&rand=469131&rf=https%3A%2F%2Fsays.com%2Fmy&gdpr=1&gdpr_consent=null
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6c0a53fd1b8f932b49a86dc64192f78157eea1acba5512cff83981dd71c3a5ea

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 11:09:49 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://says.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ac
prg.smartadserver.com/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/ac?siteid=503397&pgid=1570226&fmtid=78526&visit=M&tmstp=148238&gdpr=1&out=json&gdpr_consent=null
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:49 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://says.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
/
ap.lijit.com/rtb/bid/ 		108 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid/?callback=kskdSovrnCB861959&br=%7B%22id%22%3A%22kskd861959%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22b.01g8znjf6z0ky63vzw0fk1vzpf_q8nyqce40qcd7fx2ccare%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%2C%22tagid%22%3A%221028272%22%7D%5D%2C%22site%22%3A%7B%22domain%22%3A%22says.com%22%2C%22page%22%3A%22%2Fmy%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22kiosked.com%22%2C%22sid%22%3A%2212289%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3Anull%7D%7D%7D
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3e7b272a1cff1756b6637a8e2312197f7a15306ca1ca9f2a938d5efc11bff37c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 11:09:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
115
cdb
bidder.criteo.com/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=11&cb=780066
Requested by
Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43394
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658749242091060"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 11:09:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E04B 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88395533&p=156195&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=null&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:48 GMT
content-length
0
165892019006862aec29cb6.e40042a4
segment.api.useinsider.com/v4/segments/ 		927 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment.api.useinsider.com/v4/segments/165892019006862aec29cb6.e40042a4?partnerid=10002153&fields=e0e252a5d8c8cdc04eacbd926868cffc,1a3e01539f4264ca05f749a0c0b39d41&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
7314ecd42d5632c8-CDG
/
location.api.useinsider.com/ 		267 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://location.api.useinsider.com/?v=2&pId=10002153&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947c9dfa0c6c01f1578efc98c132d56cf36be784b2b237d3b851801f46a5042b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
7314ecd43d5399aa-CDG
content-type
application/json
collect
log.api.useinsider.com/v2/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjU4OTIwMTkwMDY4NjJhZWMyOWNiNi5lNDAwNDJhNCIsInBsYXRmb3JtIjoid2ViIiwiY3VzdG9tU2VnbWVudElkIjoxMywibG9nVHlwZSI6ImltcHJlc3Npb24ifQ%3D%3D&t=cs&pn=says
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
7314ecd40d96edcf-CDG
content-length
42
collect
log.api.useinsider.com/v2/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjU4OTIwMTkwMDY4NjJhZWMyOWNiNi5lNDAwNDJhNCIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6Ik1EZHpNR05qTVdJdE5tWmxheTFuTkdsbUxUSjRabkl0Y1hNMk1HaHhjalZuWnpocFh6RTJOVGc1TWpBeE9UQT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NTg5MjAxOTAiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODEiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
7314ecd40d98edcf-CDG
content-length
42
collect
log.api.useinsider.com/v2/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjU4OTIwMTkwMDY4NjJhZWMyOWNiNi5lNDAwNDJhNCIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6Ik1EZHpNR05qTVdJdE5tWmxheTFuTkdsbUxUSjRabkl0Y1hNMk1HaHhjalZuWnpocFh6RTJOVGc1TWpBeE9UQT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NTg5MjAxOTAiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODciLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
7314ecd40d97edcf-CDG
content-length
42
collect
log.api.useinsider.com/v2/ 		42 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkiLCJ1c2VySWQiOiIxNjU4OTIwMTkwMDY4NjJhZWMyOWNiNi5lNDAwNDJhNCIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6Ik1EZHpNR05qTVdJdE5tWmxheTFuTkdsbUxUSjRabkl0Y1hNMk1HaHhjalZuWnpocFh6RTJOVGc1TWpBeE9UQT0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NTg5MjAxOTAiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjNjIiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
7314ecd40d94edcf-CDG
content-length
42
visit
r-log.dable.io/s/says.com/u/75432334.1658920189907/ 		54 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r-log.dable.io/s/says.com/u/75432334.1658920189907/visit?url=https%3A%2F%2Fsays.com%2Fmy&ref=&lang=en-US&cid=75432334.1658920189907&z=225527&callback=dbljson2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.39.175.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-39-175-111.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 27 Jul 2022 11:09:50 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
content-length
54
content-type
text/javascript; charset=utf-8
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=75432334.1658920189907
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220727%22,%22u%22:%2275432334.1658920189907%22%7D%7D
0
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220727%22,%22u%22:%2275432334.1658920189907%22%7D%7D
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Server
211.249.220.158 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/plain;charset=UTF-8
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:50 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220727%22,%22u%22:%2275432334.1658920189907%22%7D%7D
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
0
google
adx.dable.io/pixel/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
  • https://adx.dable.io/pixel/google?google_error=15
35 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.dable.io/pixel/google?google_error=15
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Server
52.78.181.17 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-181-17.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
server
nginx
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://adx.dable.io/pixel/google?google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
adx.dable.io/
Redirect Chain
  • https://idsync.admixer.co.kr/idsync?pid=120&uid=75432334.1658920189907
  • https://adx.dable.io/pixel?dsp_id=11&uid=9155170851fc736d5583b4303fa969db
0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.dable.io/pixel?dsp_id=11&uid=9155170851fc736d5583b4303fa969db
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Server
52.78.181.17 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-181-17.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:52 GMT
server
nginx

Redirect headers

Pragma
no-cache
Date
Wed, 27-Jul-2022 20:09:51 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Location
https://adx.dable.io/pixel?dsp_id=11&uid=9155170851fc736d5583b4303fa969db
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Mon, 01 Jan 2000 00:00:00 +0900
pixel
cm-exchange.toast.com/ 		0
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=75432334.1658920189907&toast_push
Requested by
Host: says.com
URL: https://says.com/my
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 11:09:51 GMT
Server
nginx
Connection
close
P3P
CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
hit
hit.api.useinsider.com/ 		16 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
73be9438-f1e9-4e63-98a5-8a71d8209cb9
cf-ray
7314ecd4bee299aa-CDG
content-length
16
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Wed, 27 Jul 2022 11:09:49 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 86CE 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
905cd1424bbd003065eac8b24fb411a303f8e050b5519c0412bd3466a9143c8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28577
x-xss-protection
0
server
sffe
etag
"1285 / 729 of 1000 / last-modified: 1658917577"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Jul 2022 11:09:50 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 86CE 		140 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 27 Jul 2022 10:43:33 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 20:51:39 GMT
server
AmazonS3
age
1578
etag
W/"72916dde70b34122b394074010b382ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
6wIeK6bA4IpYgI62jbjoFuL7GEqIHTkGKizeotA-_32sfnHkLgGt0g==
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169284420317900&ev=Microdata&dl=https%3A%2F%2Fsays.com%2Fmy&rl=&if=false&ts=1658920190292&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1658920188785.870465205&it=1658920188235&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 27 Jul 2022 11:09:50 GMT
pubads_impl_2022072601.js
securepubads.g.doubleclick.net/gpt/ Frame 86CE 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072601.js?cb=31068645
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
a17112c6650d6f634330d28b099bc01ab1b8de59c09738fe9573a2a734e06e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 06:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132528
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 08:37:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Jul 2023 06:32:19 GMT
622.json
id5-sync.com/g/v2/ 		213 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/622.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
62d88d4361fcc26d2fd2bbab286765856b4aeaa9431304e3830c4ed2bc22129a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://says.com
date
Wed, 27 Jul 2022 11:09:50 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0a19fa60ceb034b6b02bdfc65b8af35de51052c29cbd7d9c691d93fe9e8ffdd0

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 11:09:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.7.192
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
feef3eb8f920527b7272539e72bbc92f30748088233263067bbcf7faf9debbb5

Request headers

Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://says.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 26 Aug 2022 11:09:50 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 86CE 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsays.com&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://says.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
dO-HSkj5ueoh0KKu0H0yaYWZoWQ8MjT-SY3E2azIshs1bApZBl3S3A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 86CE 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
29587
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
date
Wed, 27 Jul 2022 02:56:44 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
3uwDv84eYYzfV4WAh-z92a8QvVsDlMeknR4aWVqJg_-OngdIz4EQNg==
bid
c.amazon-adsystem.com/e/dtb/ Frame 86CE 		23 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsays.com%2Fmy&pid=9R5zjJKvwDxqy&cb=0&ws=300x250&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-01g8znjf6z0ky63vzw0fk1vzpf-za9f897a41b3de61237a7e66e16fbf9b8-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F208190592%2C1009103%2Fda%2F12289%2F17242%2FDA_says.com_static_300x250_desktop%22%7D%5D&schain=1.0%2C1!kiosked.com%2C12289%2C1%2C%2C%2C&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
H36MHWNP0BTXTPZ91QMX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
023s5-HpKWPZr2ExzjTMplmvEoB3FtSi3bSlbBdb_6Dv6TGDzHNIyw==
integrator.js
adservice.google.com/adsid/ Frame 86CE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072601.js?cb=31068645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 86CE 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4030701177399649&correlator=3765634921194976&eid=31064690%2C31068590%2C31068630%2C31068645%2C31068650%2C21068766%2C44768682%2C42531607%2C44764001&output=ldjh&gdfp_req=1&vrg=2022072601&ptt=17&impl=fifs&npa=1&iu_parts=208190592%3A1009103%2Cda%2C12289%2C17242%2CDA_says.com_static_300x250_desktop&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=1&adks=4157277426&sfv=1-0-38&ecs=20220727&fsapi=false&prev_scp=hb_pb_kiosked%3D0.04%26hb_size_kiosked%3D300x250%26hb_plctype_kiosked%3Dstatic%26hb_medver_kiosked%3D1%26hb_device_kiosked%3Ddesktop%26hb_outcome_kiosked%3Dn%26personalization%3Dnon-personalized%26data-proc-restricted%3Dunrestricted%26amznbid%3D2%26amznp%3D2&eri=5&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie=ID%3D5f8f0e07eb54a89e%3AT%3D1658920188%3AS%3DALNI_MYKp2Ndw_fO0aaVF1Vufjlrqud5aQ&gpic=UID%3D0000093505ec49d5%3AT%3D1658920188%3ART%3D1658920188%3AS%3DALNI_Max7x41E5Oq4Ym0P6HYuv6uh1W79g&abxe=1&dt=1658920190517&dlt=1658920190276&idt=150&adxs=0&adys=0&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=teyum1jhnmiu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fsays.com%2Fmy&top=says.com&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1574527764.1658920188&ga_sid=1658920191&ga_hid=1360651798&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072601.js?cb=31068645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51c92cc1bffc5bb9a50d236c039816028a7cd89ee1e6d8c2acacd5ebeb18bcac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9017
x-xss-protection
0
google-lineitem-id
5014347048
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265714420
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://says.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 86CE 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072601.js?cb=31068645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f8727b759818c4d8c89ff0274598ec6dd5cd17738cc7e69b890301bb93e9893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10634
x-xss-protection
0
container.html
0ac9e36acc2eaa40077756c9ecfeb68e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3216 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ac9e36acc2eaa40077756c9ecfeb68e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072601.js?cb=31068645
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 11:09:50 GMT
expires
Thu, 27 Jul 2023 11:09:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 86CE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072601.js?cb=31068645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 11:09:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 10:28:24 GMT
expires
Thu, 27 Jul 2023 10:28:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D27B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xMXWniCmfxMbl_AM5L0xUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://says.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-xMXWniCmfxMbl_AM5L0xUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 11:09:50 GMT
expires
Wed, 27 Jul 2022 11:09:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 86CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqehj8kh0PJVxDM6I7u8o75HoiYVPDvmsbMvJSPGd6Kx_Ct89UQLmmkw2rUStkdFtq0yiGcZbPO_bwo1mXbqEbaf4FXcncAxhJrebF29iUI3wwYLSam0xq3zBTK1Q_nVrDdoImxu6gLRB1yA5SYtE8EORIIw2DyzGX9PdqrXM_QxzCOLmLxZX-Qzp8kBNvKQ5PYGVSda0JQDdXqYXi9jtCuz-RY4itki5lmnHlINlxjsru6q1eOjwMVZf1twvCHb61I7t5f3-s-H4hX69W0eUyiLcmM-XcC-jt_KQp-A0il92jJd0aBqlUzgTrLToqEp5M1sU0MdEL67he_W6uUQEMGlIUSddbazUjUVIfxKs&sig=Cg0ArKJSzJUoZQHVmXDnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: says.com
URL: https://says.com/my
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 86CE 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072601.js?cb=31068645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 11:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43394
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658749242091060"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 11:09:50 GMT
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2daf62d5204250bf152e5b83f87b293d4c06e94ae19314953bcb2ff96d85820

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 86CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmdZCMv_qlJz9SCACwxmgmgZPOVsAXGaiqYWAvhwwFtgp3mSO_axEswiOG-Tbtce7LTUMDCt8XIAnKkekmiuY-Tc7zYeH136Kh0mpzNoO63qIW4qa6QUCgPRfseJfV8Z_HIhzA8MiFqJVuG8_U24hpfLCLISAcCfzXEsvBPEJvz2ZzAJ2q-OsVnIxjN1cyjOCW7eh9o2lGCiqiAVH9vd-P2vPEtCz5pL0sOj2_IiJbGB0nWQgSNh8UyCm7Kk0HrpNREL_K4AdmMfe2F1BAGaeonDMi56Om8_V2gD0QIav_keXX7_aa09J2qFm5uIHjv8O8LEz2YQ5hZbA8t6sy8SHro1w4FANNJHE5pFKmRBnosA&sig=Cg0ArKJSzJFc9knkY4PwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 27 Jul 2022 11:09:51 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr1hlsyWb30Nsq_1IS521TTUQt-Cb_l8-deoov2GuonfCeaaaGUx-T8y5TANfbzLGeX6wApGb7J5fbhsKPj5hy8Gh1atBVYLzR8vVUuh-PtaH7YHT5JJ2kPU8iFRbpvq69HVjz9jQWYE__iliBtUFnJGXcZji2rY5VYNVZcFXrk-bBl2_fRJ9iL8DVQQD1JVCiyIpUuCow85Kl5Mk7sa7k7c4z2ol8en1gzlSorTucPkLp8Z3iXtZ38sXjlRzyacLmaXiDr8fQDqL_GTu6KgLUm83x4LACPnFSPjp5l1JUiC88pYjK51q2Z1g&sai=AMfl-YQN45RGe8WMJeoVIjrkCivMIdzLXba8dOGKaISqclHsr5PyrDLh7aYZtH_NKJhF1CACy7R0ptYBGg-j1_FiAshhwWYAl0CWFK4UizUR&sig=Cg0ArKJSzJjVLjyjUNE-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 11:09:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 27 Jul 2022 11:09:51 GMT
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Wed, 27 Jul 2022 11:09:51 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
heartbeat-api.mediaprimaplus.com.my
URL
https://heartbeat-api.mediaprimaplus.com.my/hb
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

328 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR object| __cfBeacon number| _sf_startpt string| envTargeting string| env object| dfpTargetingParams object| PWT object| googletag object| lotame_11139 function| fbq function| _fbq object| ggeac object| google_tag_data object| google_js_reporting_queue function| Popper object| cookieConsent function| LazyLoad function| buildPrivatePub function| loadNextStory function| premiumHeader function| reCalcAffix function| validateImage function| popupCenter object| PrivatePub boolean| scrollLock object| resizeTimer object| Says object| isMobile boolean| searching function| $ function| jQuery object| jQuery112401726560370602639 function| autosize function| _ object| NProgress function| EventEmitter object| eventie function| imagesLoaded function| CoverImageCropper function| swal function| sweetAlert function| Instafeed object| bootstrap object| dataLayer function| fbAsyncInit function| dable object| _comscore object| defaultParams object| cookieMain object| wrapper object| setting object| settingContent object| acceptBtn string| seurl function| showFlash boolean| __cfRLUnblockHandlers string| $attrib object| $hits object| SaysDevice function| lotameIsCompatible function| lt11139_ba function| lt11139_b undefined| lt11139_c undefined| lt11139_ca undefined| lt11139_da function| lt11139_ea object| lt11139_e function| lt11139_fa function| lt11139_ga object| lt11139_ object| lt11139_Oa object| lt11139_7 function| lt11139_aa function| lt11139_a function| lt11139_d function| lt11139_f function| lt11139_g function| lt11139_h function| lt11139_i function| lt11139_j function| lt11139_k function| lt11139_ia function| lt11139_ha function| lt11139_l function| lt11139_m function| lt11139_ja function| lt11139_n function| lt11139_o function| lt11139_p function| lt11139_q function| lt11139_r function| lt11139_na function| lt11139_ka function| lt11139_la function| lt11139_t function| lt11139_ma function| lt11139_u function| lt11139_v function| lt11139_w function| lt11139_s function| lt11139_x function| lt11139_y function| lt11139_z function| lt11139_A function| lt11139_oa function| lt11139_B function| lt11139_C function| lt11139_pa function| lt11139_D function| lt11139_E function| lt11139_F function| lt11139_qa function| lt11139_H function| lt11139_I function| lt11139_G function| lt11139_ra function| lt11139_J function| lt11139_K function| lt11139_sa function| lt11139_ta function| lt11139_L function| lt11139_ua function| lt11139_va function| lt11139_wa function| lt11139_Aa function| lt11139_xa function| lt11139_ya function| lt11139_za function| lt11139_Ba function| lt11139_Da function| lt11139_Ca function| lt11139_M function| lt11139_Ea function| lt11139_Fa function| lt11139_Ga function| lt11139_Ha function| lt11139_Ia function| lt11139_Ja function| lt11139_Ka function| lt11139_La function| lt11139_Ma function| lt11139_N function| lt11139_O function| lt11139_P function| lt11139_Q function| lt11139_R function| lt11139_S function| lt11139_T function| lt11139_U function| lt11139_V function| lt11139_W function| lt11139_X function| lt11139_Y function| lt11139_Z function| lt11139_Na function| lt11139__ function| lt11139_0 function| lt11139_1 function| lt11139_2 function| lt11139_Pa function| lt11139_4 function| lt11139_Qa function| lt11139_Sa function| lt11139_Ra function| lt11139_Ua function| lt11139_Ta function| lt11139_3 function| lt11139_Va function| lt11139_Wa function| lt11139_Xa function| lt11139_Ya function| lt11139_Za function| lt11139__a function| lt11139_5 function| lt11139_6 function| lt11139_0a function| lt11139_1a function| lt11139_2a function| lt11139_3a function| lt11139_4a function| lt11139_5a function| lt11139_6a function| lt11139_7a function| lt11139_8a function| lt11139_9a function| lt11139_8 function| lt11139_bb function| lt11139_cb function| lt11139_ab function| lt11139_$a function| lt11139_eb function| lt11139_db function| lt11139_gb function| lt11139_fb function| lt11139_hb function| lt11139_ib function| lt11139_jb function| lt11139_kb function| lt11139_lb function| lt11139_mb function| lt11139_ob function| lt11139_rb function| lt11139_qb function| lt11139_nb function| lt11139_ub function| lt11139_pb function| lt11139_sb function| lt11139_wb function| lt11139_vb function| lt11139_xb function| lt11139_tb function| lt11139_yb function| lt11139_zb function| lt11139_Ab function| lt11139_9 function| lt11139_Bb function| lt11139_Cb function| lt11139_Db function| lt11139_Eb function| lt11139_Fb function| lt11139_$ function| lt11139_Gb function| lt11139_Hb function| lt11139_Ib function| lt11139_Jb function| lt11139_Kb function| lt11139_Lb function| lt11139_Mb function| lt11139_Ob function| lt11139_Pb function| lt11139_Qb function| lt11139_Nb function| AlgoliaSearch function| AlgoliaSearchHelper function| AlgoliaExplainResults object| ALGOLIA_MIGRATION_LAYER object| __algolia function| algoliasearch function| algoliasearchHelper undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| COMSCORE function| udm_ object| ns_p object| FB object| google_tag_manager function| postscribe object| google_tag_manager_external function| owpbjsChunk object| owpbjs object| mnet object| ucTag object| OWT string| partnerName string| key string| GoogleAnalyticsObject function| ga object| _sf_async_config string| str object| patt boolean| res function| twq function| clarity object| GoogleGcLKhOms object| __buffer object| gaplugins function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _cb_shared object| _cbv string| __INSIDER_SCRIPT_VERSION_says__ function| pm function| sQuery object| spApi object| Insider object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies function| onYouTubeIframeAPIReady object| _cbm object| regeneratorRuntime object| twttr function| heartbeat function| heartbeatSSOID function| gtagH object| gaData function| _UA-27970811-1_sendHitTask boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu function| ptag object| adbro function| dbljson1 function| abdro_init_function object| Handlebars object| Kiosked object| kskdOxCB687372 object| kskdSovrnCB861959 boolean| _requestAnimationFramePolyfilled function| dbljson2 string| kskdPageEventID number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_

50 Cookies

Domain/Path Name / Value
.says.com/ Name: __cf_bm
Value: rNn6BdVe2hl_B4vCivKC3fXNwpeu7W6jyKhPDZVO0Hw-1658920188-0-AULuUUDikaAHgmU0WsN9JBkKBKwWSMRbLEZpyLeCU/aCKKOMGj7I6+vHBz9iIp/MFiB4JH3r+1JoZ7/vC+mkCY4=
.scorecardresearch.com/ Name: UID
Value: 1BEfe662ae20cfd787e208e1658920188
says.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.says.com/ Name: pbjs-pubCommonId
Value: 6423fbf7-09cf-43e1-8b85-527e37e9562c
.useinsider.com/ Name: __cf_bm
Value: hIHR1cO8rX4pNa1qQGtPnkr1h.77xwcxdgyXSpxDsRE-1658920188-0-AQDm1ELOQsczLDsm5/o3Oi+TbjPO7r4IzBQOSG4m0FpOYuI2J1K8mv+SUhyGF82d+RAN5c4pVBN4QwlDOSlwN54=
.says.com/ Name: _cb
Value: BjUiJQDXIX5PCS-s2u
.says.com/ Name: _chartbeat2
Value: .1658920188565.1658920188565.1.e_7qtBFAi_dDrah4txt-GUD3LYWX.1
.says.com/ Name: _cb_svref
Value: null
.says.com/ Name: _t_tests
Value: eyJqWjc0ak1yTWxsOWRVIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEb21FRXUiXX0sImxpZnRfZXhwIjoibSJ9
www.clarity.ms/ Name: CLID
Value: c483a0575d024babaf8fa7af7d0d1041.20220727.20230727
.says.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.says.com/ Name: _ga
Value: GA1.2.1574527764.1658920188
.says.com/ Name: _gid
Value: GA1.2.1655851085.1658920189
.says.com/ Name: _gat_UA-27970811-1
Value: 1
.says.com/ Name: _fbp
Value: fb.1.1658920188785.870465205
.says.com/ Name: _clck
Value: 1oygbzo|1|f3i|0
.says.com/ Name: __gads
Value: ID=5f8f0e07eb54a89e:T=1658920188:S=ALNI_MYKp2Ndw_fO0aaVF1Vufjlrqud5aQ
.says.com/ Name: __gpi
Value: UID=0000093505ec49d5:T=1658920188:RT=1658920188:S=ALNI_Max7x41E5Oq4Ym0P6HYuv6uh1W79g
.twitter.com/ Name: personalization_id
Value: "v1_3AB/6vWxxXxM/M8LKbc5IQ=="
.c.bing.com/ Name: SRM_B
Value: 14C9D5B48369652D251CC45A829C64CD
.t.co/ Name: muc_ads
Value: 29e5d34d-cfce-4728-b35c-4f6a29627ec5
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 14C9D5B48369652D251CC45A829C64CD
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnM68XFGxYW2XPJpRGyzFeVGS7tttQAA6GRIoOOgAjswmGHcIBEWvmOGGeDbUI
says.com/ Name: cto_bidid
Value: Gk7VQ18zWVhuN09EMCUyQmtwcDVaUWJpQkclMkJsblE4VmglMkJRTGh6bWw3MFRna3olMkJRaHE5NUhzRXdSMiUyQnZJWGt2TlR6Sjk5RWd5QWNnQmJuQlNienJhanI5bHhOMVElM0QlM0Q
says.com/ Name: cto_bundle
Value: 2S4dKl9mREF4b2NMM2FQelNwZXJtak5BYTNqemNtOXBUTFZQbjltMU95MGJMaFU1bDZKamlIV0olMkJMelhIVk1wRE1vMjVra1BYNzV6MG1OcnVxMXlrMkFhNVNpWHF1TWRHVk5LNXNKR0cxRU9hNzYlMkYyeFVmRk5tJTJCRzElMkJWU3c2U1FEQ0th
.says.com/ Name: _clsk
Value: 1e9xxu9|1658920189333|1|1|d.clarity.ms/collect
.adnxs.com/ Name: icu
Value: ChgI-Jl8EAoYASABKAEw_bmElwY4AUABSAEQ_bmElwYYAA..
.adnxs.com/ Name: uuid2
Value: 4363041061341336194
.dable.io/ Name: uid
Value: 75432334.1658920189907
.dable.io/ Name: _skp
Value: 1
.dable.io/ Name: _gg_ck_match
Value: 1
.dable.io/ Name: _nas_ck_match
Value: 1
.dable.io/ Name: _nh_ck_match
Value: 1
.says.com/ Name: dable_uid
Value: 75432334.1658920189907
says.com/ Name: _lr_retry_request
Value: true
says.com/ Name: _lr_env_src_ats
Value: false
.says.com/ Name: panoramaId_expiry
Value: 1659006590404
says.com/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-07-27T11%3A09%3A50.440839Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
says.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-27T11%3A09%3A50%22%7D
.ad.daum.net/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220727%22%2C%22u%22%3A%2275432334.1658920189907%22%7D%7D
.toast.com/ Name: BID
Value: E7DNMI2LO5GF4E2F6CXCUQKBA
.toast.com/ Name: txmed_1440080439
Value: 75432334.1658920189907_:_EXP_:_1661512191
.toast.com/ Name: txsync
Value: 1658920191
.ds.kakao.com/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220727%22%2C%22u%22%3A%2275432334.1658920189907%22%7D%7D
.admixer.co.kr/ Name: __auid
Value: 9155170851fc736d5583b4303fa969db
.admixer.co.kr/ Name: __puid_120
Value: 75432334.1658920189907
.admixer.co.kr/ Name: __id_utm
Value: 20220727
.admixer.co.kr/ Name: __id_inf_120
Value: 0_75432334.1658920189907

12 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (403) was received when fetching the script.
network error URL: https://c16d-35-240-187-111.ngrok.io/pcto.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://scripts.kiosked.com/loader/kiosked-ad.js?staticTagId=2601, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://says.com/my
Message:
Access to XMLHttpRequest at 'https://heartbeat-api.mediaprimaplus.com.my/hb' from origin 'https://says.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://heartbeat-api.mediaprimaplus.com.my/hb
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://says.com/my
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://says.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ac9e36acc2eaa40077756c9ecfeb68e.safeframe.googlesyndication.com
act.ds.kakao.com
ads.pubmatic.com
adservice.google.com
adservice.google.fr
adx.dable.io
ampcid.google.com
ampcid.google.fr
analytics.ad.daum.net
analytics.twitter.com
ap.lijit.com
api.dable.io
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c16d-35-240-187-111.ngrok.io
c2shb.ssp.yahoo.com
cdn.adbro.me
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-exchange.toast.com
cm.g.doubleclick.net
connect.facebook.net
d.clarity.ms
e93cb24d57e10e299139bd3e0797d241.safeframe.googlesyndication.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gslbeacon.lijit.com
gum.criteo.com
heartbeat-api.mediaprimaplus.com.my
heartbeat.mediaprimaplus.com.my
hit.api.useinsider.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.admixer.co.kr
image6.pubmatic.com
images.says.com
kiosked-d.openx.net
location.api.useinsider.com
log.api.useinsider.com
mab.chartbeat.com
mabping.chartbeat.net
match.adsrvr.org
mug.criteo.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
policy.revasia.com
prg.smartadserver.com
r-log.dable.io
says.api.useinsider.com
says.com
sb.scorecardresearch.com
scripts.kiosked.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
static.ads-twitter.com
static.chartbeat.com
static.cloudflareinsights.com
static.dable.io
stats.g.doubleclick.net
t.co
tag.adbro.me
tags.crwdcntrl.net
tpc.googlesyndication.com
use.typekit.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
api.rlcdn.com
heartbeat-api.mediaprimaplus.com.my
www.googletagservices.com
103.243.202.190
104.111.225.233
104.18.19.126
104.244.42.197
104.244.42.67
13.32.121.17
141.95.98.66
142.250.185.98
172.217.16.194
172.217.18.98
178.250.2.131
178.250.2.146
18.156.195.47
18.66.122.88
18.66.139.7
183.110.238.136
185.86.139.58
198.47.127.19
199.232.16.157
20.234.93.27
211.249.220.158
216.52.2.30
216.52.2.48
23.35.236.201
2600:1f16:d83:1201::6e:1
2600:9000:223c:dc00:18:1fcd:351:7bc1
2602:803:c004:200::140
2606:4700:10::6816:31fd
2606:4700:3035::ac43:a9b3
2606:4700:4400::6812:23c5
2606:4700:4400::ac40:9375
2606:4700:440e::ac40:9c1a
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6810:5614
2606:4700::6811:180e
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:808::2004
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f173:81:face:b00c:0:25de
2a04:4e42:600::714
3.39.175.111
3.39.57.110
34.233.181.142
34.98.64.218
35.71.131.137
37.252.172.250
40.76.174.66
50.16.121.35
52.208.103.128
52.222.209.55
52.78.181.17
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096c6b3e1291a5e1ee801c38fc262ae73b132d3c28a265c4f9f78721865fc7c1
0a19fa60ceb034b6b02bdfc65b8af35de51052c29cbd7d9c691d93fe9e8ffdd0
0cd9a76989bba58302b8f81273b787771f57470e8e47cb114532f3c601484ed6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1122ca46b5a3a66d6d69ed5c6915b40711dea27e7e23cc9e69a99c8d6be25466
1b52738e87efadef898523d80973f7a95e1853f1025731138a39544035bd2e8b
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c293f25e76e29a8e6f1bfe880dd40ef03d11751bc80a37a136ee8e38bb2e67e
1c5878046056ffdc415d91718df30b3c4023d12216a5e82bb4b6b6513ec4718a
24e395439b4e5266f01111069b4e154cb8a27dd22b7199726e3e18c8d1e051e1
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59
3505ea75b07462f02abfbeefbad8e13c11b62ed614d9dddc9c9bc63dbce1c5b1
369316dace3aea681eab9e5c4582fca1833259fd2652e35b7b87a390404027e9
3c6644a91b9495766879b5ca5717a77675a5a2012d2d3eda604a9db20455cbdd
3e2a5a1f23b987e754ae01b2850ef0b9af1ac52b037082a159772ef58daa9be6
3e7b272a1cff1756b6637a8e2312197f7a15306ca1ca9f2a938d5efc11bff37c
3f8727b759818c4d8c89ff0274598ec6dd5cd17738cc7e69b890301bb93e9893
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
407a888e655899d02d89088205b185e854860ae1d600eb91602b16df0c6a08a6
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4c7127fbc437c7e0404baf5228f86d9afd08823e00a8db747163d83528cb1763
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
51c92cc1bffc5bb9a50d236c039816028a7cd89ee1e6d8c2acacd5ebeb18bcac
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d88d4361fcc26d2fd2bbab286765856b4aeaa9431304e3830c4ed2bc22129a
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
69d496ce1c92c7b7e8dad43101b3c59bbce5eacb8519a507de360a561349690d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b4de8c5528c92aaf3c7aaad67bdd0714df23bbcc85c5238e02581dd21deda
6c0a53fd1b8f932b49a86dc64192f78157eea1acba5512cff83981dd71c3a5ea
6ed733851a5961457b99a32c0b1756ff035821c82e1aadeafc309081e7027144
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8
72b8d224b5745db5b3c242047a76edc6e27f5868a1c01a94d90d2048f3efcf44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a
7e62bc622899f7f9d847abe7d983e3b7a1600d9c6aa14fdaa093fc0f9e215b6e
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
811f0b19d8e7a14b42c3fbdce7412dad69f47e026b47dedf97f8e533d857a181
82d56a27c92697889decd89bc612db935bd9607b4011826bc35fe1fdbbf9d2df
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847135a98b144510b4b5c7c090041008b5240c00fd9e1f76798fd9f2e380c86a
898e143645e94eecf5727872f4734e22f198a29955612520fab3fd599289dcd9
8ecb2f4f713355aa54a5c40d284264b1e9075f16a7fc3c9ec1bd8ae5b3db7966
8f49b81b32ac6a82e7b7360eef7e77c623b43e4351a3bd30d9a78b6a14280ae5
8fa8284e9aabdb6ef94bf9618b4d553213e42b1db54514fbb4df5f5ae8c627f5
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4
905cd1424bbd003065eac8b24fb411a303f8e050b5519c0412bd3466a9143c8f
91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7
92034fac8c59417f135721df887508e2922a6919dece6261708cc21b3668e904
92bf04738b0339f9f22115a3aee30620bf2e3d81e96f8cc7f0a0eeb96a62693b
947c9dfa0c6c01f1578efc98c132d56cf36be784b2b237d3b851801f46a5042b
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a11b762d8970d24fb363fd01415e89647b04c5ec0d52f55576d47cbbe638b9d8
a1506d421844df0a51eb2b7ad2a361ea3f7a6a83c9ebfb9065ab0c06d8f8c0ca
a17112c6650d6f634330d28b099bc01ab1b8de59c09738fe9573a2a734e06e0e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2daf62d5204250bf152e5b83f87b293d4c06e94ae19314953bcb2ff96d85820
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a815319861beaab11efcbd20da38cd0c8e9bcc30f6640bc62b49ba4f7d3d146d
a99147429fc50a309ce8a0056283c9f656bf8bf8415bdfac386fdc10ed4a165a
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bb0b3d50b3681f172f14afb2e21ec12a520d67342d070402129413663648e6c0
bd2c728d755a96bf1ebf3a8ef6a07545571498691a2c2663df5a08ce23b7b5cd
be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d
c18c6f8b06ceaf0958b202ce492a3a0f7f6f93c40f4f9420445eeaa0789bf073
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ced14124fdcf5b1197ef003df3f4b4e65c5b0bd8f74138c77de429f38f278fee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d16b463c72ac6e6c44285116a95900d2d6990a9059113030d1279f12d3662524
d3112ae98e17f0ef1646d3c2a0dc0d89260387d4575be3f7a73d16dc1b6af5b0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3cdcc4fee17c23a1a595e05f4d39e89290e763b555fce4ea265488e70b8d61
e053f0de4263c40c68eebfed0e20629477f1feff4d187268df150019cc6b10ef
e19df9861f0432ff8edbfef8f3b1691c13046884667322788733eb72596b60fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ec95d857fd8a4f61082466f0e5bd19cdb43608e55d4703ad2741cd5e112cb941
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d760c1ce0a632fc16adab88f286afeb1c477d8a11f4c942721a2cdda649a8d
f477059c0bc27fcb5a2d8bf79b71912badc7a5f83be3a6042a14e13248990b77
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
fb886234076c2e705383bfddf367a0cff749fe4f86e0cbf2759f3bbfded9c17d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
feef3eb8f920527b7272539e72bbc92f30748088233263067bbcf7faf9debbb5