urlscan.io logo urlscan.io
SecurityTrails logo

says.com Open in urlscan Pro
2606:4700::6812:12ee  Public Scan

Go To Rescan Add Verdict Report
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249...
Submission: On January 03 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 12 countries across 78 domains to perform 458 HTTP transactions. The main IP is 2606:4700::6812:12ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is says.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 5th 2021. Valid for: a year.
This is the only time says.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2606:4700::68... 13335 (CLOUDFLAR...)
13 2606:2800:234... 15133 (EDGECAST)
9 216.58.212.130 15169 (GOOGLE)
3 65.9.58.29 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 2.18.233.180 16625 (AKAMAI-AS)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
69 151.101.129.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 13.35.253.71 16509 (AMAZON-02)
1 6 63.35.242.195 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 35.244.159.8 15169 (GOOGLE)
1 23.37.38.181 16625 (AKAMAI-AS)
1 5 185.33.220.241 29990 (ASN-APPNEX)
4 185.86.139.96 201081 (SMARTADSE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
3 104.244.42.136 13414 (TWITTER)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 199.232.136.157 54113 (FASTLY)
1 2600:1f16:d83... 16509 (AMAZON-02)
1 2620:1ec:27::... 8075 (MICROSOFT...)
2 151.101.65.181 54113 (FASTLY)
7 2a03:2880:f11... 32934 (FACEBOOK)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.130 16625 (AKAMAI-AS)
2 8 2.18.234.21 16625 (AKAMAI-AS)
5 6 142.250.184.194 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
1 104.111.215.191 16625 (AKAMAI-AS)
3 3 185.33.223.38 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
4 20.84.22.197 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
10 141.226.228.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 4 37.157.6.242 198622 (ADFORM)
2 2 213.155.156.166 1299 (TWELVE99 ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
9 185.64.190.80 62713 (AS-PUBMATIC)
3 4 151.101.2.49 54113 (FASTLY)
1 1 23.88.75.188 24940 (HETZNER-AS)
1 1 52.200.181.105 14618 (AMAZON-AES)
2 2 185.29.132.245 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
3 4 51.222.80.231 16276 (OVH)
4 8 52.223.40.198 16509 (AMAZON-02)
2 2 34.254.143.3 16509 (AMAZON-02)
1 169.50.137.182 36351 (SOFTLAYER)
3 3 18.156.0.31 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 5 52.29.51.56 16509 (AMAZON-02)
1 1 146.0.227.110 29066 (VELIANET-...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 2 52.46.154.242 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
1 44.231.49.84 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
25 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2606:2800:134... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
6 18.204.74.96 14618 (AMAZON-AES)
2 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.126 35220 (SPOTX-AMS)
1 13.32.27.92 16509 (AMAZON-02)
1 76.223.26.175 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 2 172.67.177.215 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.230 15169 (GOOGLE)
1 141.95.3.9 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 1 23.37.42.132 16625 (AKAMAI-AS)
4 23.79.143.124 16625 (AKAMAI-AS)
24 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 69.173.144.139 26667 (RUBICONPR...)
2 142.250.186.130 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 198.47.127.20 62713 (AS-PUBMATIC)
6 13.35.253.104 16509 (AMAZON-02)
1 185.64.189.226 62713 (AS-PUBMATIC)
458 104
21    2606:4700::6812:12ee (United States)

ASN13335 (CLOUDFLARENET, US)
says.com
images.says.com
3    2606:4700:3035::ac43:a9b3 (United States)

ASN13335 (CLOUDFLARENET, US)
policy.revasia.com
7    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2606:4700::6812:c50 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.nst.com.my
2    2606:4700::6812:eec (United States)

ASN13335 (CLOUDFLARENET, US)
themalaysianreserve.com
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
13    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
9    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
securepubads.g.doubleclick.net
3    65.9.58.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-29.fra56.r.cloudfront.net
tags.crwdcntrl.net
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
69    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    13.35.253.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-71.fra6.r.cloudfront.net
sb.scorecardresearch.com
6    63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
mediaprima-d.openx.net
u.openx.net
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
5    185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    2606:4700:20::681a:c52 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.skypack.dev
3    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
2    2600:9000:2057:5000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
5    2606:4700::6811:ab72 (United States)

ASN13335 (CLOUDFLARENET, US)
says.api.useinsider.com
log.api.useinsider.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:1f16:d83:1200::6e:0 (Columbus, United States)

ASN16509 (AMAZON-02, US)
c16d-35-240-187-111.ngrok.io
1    2620:1ec:27::cafe:1799 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    151.101.65.181 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
7    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
3    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
11    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
f.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
2    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
1    52.200.181.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a05:d018:d29:3601:6aba:1333:1e2b:7cf5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
5    52.29.51.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-51-56.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    44.231.49.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-49-84.us-west-2.compute.amazonaws.com
dmp.brand-display.com
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
25    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    18.204.74.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-74-96.compute-1.amazonaws.com
ping.chartbeat.net
2    2600:1f18:612b:4200:43f8:c79a:f116:17d6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    13.32.27.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-92.fra56.r.cloudfront.net
choices.truste.com
1    76.223.26.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com
de1-bid.adsrvr.org
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    172.67.177.215 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
7    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
1    141.95.3.9 (France)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
24    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2606:4700::6811:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)
segment.api.useinsider.com
hit.api.useinsider.com
1    2606:4700::6811:a972 (United States)

ASN13335 (CLOUDFLARENET, US)
location.api.useinsider.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
6    13.35.253.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-104.fra6.r.cloudfront.net
choices.trustarc.com
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
Apex Domain
Subdomains		 Transfer
81 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
am-trc-events.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
pips.taboola.com
cds.taboola.com
3 MB
38 googlesyndication.com
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
234 KB
28 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
static.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
245 KB
24 2mdn.net
s0.2mdn.net
200 KB
24 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
t.pubmatic.com
150 KB
21 says.com
says.com
images.says.com
757 KB
18 youtube.com
www.youtube.com
1 MB
17 twitter.com
platform.twitter.com
syndication.twitter.com
analytics.twitter.com
440 KB
16 ampproject.org
cdn.ampproject.org
322 KB
13 google.com
ampcid.google.com
adservice.google.com
www.google.com
29 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
120 KB
9 adsrvr.org
match.adsrvr.org
de1-bid.adsrvr.org
5 KB
9 useinsider.com
says.api.useinsider.com
segment.api.useinsider.com
location.api.useinsider.com
log.api.useinsider.com
hit.api.useinsider.com
97 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
23 KB
9 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
21 KB
8 twimg.com
cdn.syndication.twimg.com
pbs.twimg.com
182 KB
8 typekit.net
use.typekit.net
p.typekit.net
120 KB
7 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
22 KB
7 facebook.com
www.facebook.com
839 B
7 clarity.ms
www.clarity.ms
f.clarity.ms
c.clarity.ms
25 KB
7 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
7 KB
7 scorecardresearch.com
sb.scorecardresearch.com
5 KB
6 trustarc.com
choices.trustarc.com
17 KB
6 chartbeat.net
ping.chartbeat.net
1 KB
6 google-analytics.com
www.google-analytics.com
20 KB
6 facebook.net
connect.facebook.net
308 KB
6 googletagservices.com
www.googletagservices.com
147 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 skypack.dev
cdn.skypack.dev
42 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 googleapis.com
fonts.googleapis.com
3 KB
4 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
4 onaudience.com
pixel.onaudience.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 adform.net
c1.adform.net
2 KB
4 smartadserver.com
prg.smartadserver.com
2 KB
3 google.de
adservice.google.de
ampcid.google.de
www.google.de
2 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
33 KB
3 jsdelivr.net
cdn.jsdelivr.net
58 KB
3 revasia.com
policy.revasia.com
28 KB
2 ytimg.com
i.ytimg.com
62 KB
2 ggpht.com
yt3.ggpht.com
6 KB
2 getrockerbox.com
metrics.getrockerbox.com
1 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com
365 B
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 rlcdn.com
idsync.rlcdn.com
api.rlcdn.com
739 B
2 indexww.com
js-sec.indexww.com
2 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
2 openx.net
mediaprima-d.openx.net
u.openx.net
465 B
2 themalaysianreserve.com
themalaysianreserve.com
2 nst.com.my
assets.nst.com.my
339 KB
1 id5-sync.com
id5-sync.com
526 B
1 mookie1.com
odr.mookie1.com
324 B
1 truste.com
choices.truste.com
9 KB
1 brand-display.com
dmp.brand-display.com
261 B
1 adotmob.com
sync.adotmob.com
307 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 admixer.net
inv-nets.admixer.net
584 B
1 quantserve.com
pixel.quantserve.com
541 B
1 simpli.fi
um.simpli.fi
616 B
1 stackadapt.com
sync.srv.stackadapt.com
643 B
1 loopme.me
csync.loopme.me
217 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 bing.com
c.bing.com
555 B
1 bluekai.com
tags.bluekai.com
304 B
1 t.co
t.co
471 B
1 ngrok.io
c16d-35-240-187-111.ngrok.io
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 googletagmanager.com
www.googletagmanager.com
75 KB
1 cloudflare.com
cdnjs.cloudflare.com
7 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
458 78
Domain Requested by
34 images.taboola.com vidstat.taboola.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
says.com
tpc.googlesyndication.com
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
s0.2mdn.net
24 s0.2mdn.net says.com
s0.2mdn.net
19 says.com says.com
static.cloudflareinsights.com
18 www.youtube.com www.youtube.com
16 cdn.ampproject.org securepubads.g.doubleclick.net
16 cdn.taboola.com says.com
cdn.taboola.com
13 platform.twitter.com says.com
platform.twitter.com
11 www.google.com 2 redirects says.com
tpc.googlesyndication.com
www.youtube.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
s0.2mdn.net
9 simage2.pubmatic.com ads.pubmatic.com
9 securepubads.g.doubleclick.net says.com
www.googletagservices.com
securepubads.g.doubleclick.net
8 match.adsrvr.org 4 redirects ssum-sec.casalemedia.com
imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
7 www.gstatic.com d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
www.youtube.com
www.gstatic.com
7 pbs.twimg.com
7 www.facebook.com bcp.crwdcntrl.net
7 sb.scorecardresearch.com 1 redirects says.com
widget.perfectmarket.com
7 use.typekit.net says.com
use.typekit.net
6 choices.trustarc.com choices.truste.com
choices.trustarc.com
6 ping.chartbeat.net
6 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
6 image2.pubmatic.com ads.pubmatic.com
6 cm.g.doubleclick.net 5 redirects bcp.crwdcntrl.net
6 googleads.g.doubleclick.net www.googleadservices.com
says.com
www.youtube.com
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 connect.facebook.net says.com
connect.facebook.net
bcp.crwdcntrl.net
6 www.googletagservices.com says.com
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
www.googletagservices.com
5 imprammp.taboola.com says.com
vidstat.taboola.com
5 x.bidswitch.net 3 redirects imprammp.taboola.com
am-match.taboola.com
5 am-trc-events.taboola.com
5 15.taboola.com cdn.taboola.com
5 cdn.skypack.dev says.com
5 ib.adnxs.com 1 redirects ads.pubmatic.com
acdn.adnxs.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
4 sync.search.spotxchange.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 fonts.googleapis.com securepubads.g.doubleclick.net
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
4 pixel.onaudience.com 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 f.clarity.ms www.clarity.ms
f.clarity.ms
4 prg.smartadserver.com ads.pubmatic.com
3 log.api.useinsider.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ups.analytics.yahoo.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 secure.adnxs.com 3 redirects
3 d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 trc.taboola.com cdn.taboola.com
3 syndication.twitter.com platform.twitter.com
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 ads.pubmatic.com says.com
ads.pubmatic.com
3 tags.crwdcntrl.net says.com
tags.crwdcntrl.net
3 cdn.jsdelivr.net says.com
3 policy.revasia.com says.com
2 googleads4.g.doubleclick.net says.com
2 hit.api.useinsider.com says.api.useinsider.com
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 metrics.getrockerbox.com 1 redirects d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 loada.exelator.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 stats.g.doubleclick.net www.google-analytics.com
2 c.clarity.ms 1 redirects
2 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
2 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 says.api.useinsider.com www.googletagmanager.com
says.api.useinsider.com
2 static.chartbeat.com www.googletagmanager.com
says.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 themalaysianreserve.com says.com
2 assets.nst.com.my says.com
2 images.says.com says.com
1 t.pubmatic.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 pixel.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 location.api.useinsider.com says.api.useinsider.com
1 segment.api.useinsider.com says.api.useinsider.com
1 secure-assets.rubiconproject.com 1 redirects
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 ad.doubleclick.net www.googletagservices.com
1 odr.mookie1.com d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
1 de1-bid.adsrvr.org d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
1 choices.truste.com d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
1 sync.taboola.com imprammp.taboola.com
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 cdn.syndication.twimg.com platform.twitter.com
1 mab.chartbeat.com static.chartbeat.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 pixel.quantserve.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 c.bing.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 www.google.de
1 ampcid.google.de www.google-analytics.com
1 tags.bluekai.com bcp.crwdcntrl.net
1 idsync.rlcdn.com bcp.crwdcntrl.net
1 u.openx.net ads.pubmatic.com
1 acdn.adnxs.com ads.pubmatic.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 ampcid.google.com www.google-analytics.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 www.clarity.ms says.com
1 c16d-35-240-187-111.ngrok.io www.googletagmanager.com
1 static.ads-twitter.com says.com
1 www.googleadservices.com www.googletagmanager.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 htlb.casalemedia.com ads.pubmatic.com
1 mediaprima-d.openx.net ads.pubmatic.com
1 www.googletagmanager.com says.com
1 cdnjs.cloudflare.com says.com
1 p.typekit.net use.typekit.net
1 static.cloudflareinsights.com says.com
458 138
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-05 -
2022-09-04		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
nst.com.my
Cloudflare Inc ECC CA-3		 2021-08-31 -
2022-08-30		 a year crt.sh
themalaysianreserve.com
Cloudflare Inc ECC CA-3		 2021-07-28 -
2022-07-27		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-05 -
2022-12-06		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-12 -
2022-01-10		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2021-09-20 -
2022-09-19		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.ngrok.io
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-01 -
2022-06-01		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.truste.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh

This page contains 42 frames:

Primary Page: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Frame ID: 343853BEA5C590377D347C2264192446
Requests: 213 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fsays.com
Frame ID: B2F5F9CEDBB59FC175E4AD121B6BD029
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11139
Frame ID: 03E6184D99D4419C5BA14392F77C7356
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Frame ID: 29E12EABCC1F4B8490B18E915DF7087B
Requests: 10 HTTP requests in this frame

Frame: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8620EF873554647B3AB3185F387B13A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 11465D5DF92C590DCAC296DE0D5215A2
Requests: 20 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C8F110152A97CA56F98B5AFDD63B6F5E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 20C9784AD95DAD567C1F3618A51D086F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: FE55BE08C34C2F1383B0E745028DC34C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: 20B0E983150466B7DB540909B9B9A6CE
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: AA2C33E20D75D81AE24F0FB52C1E4A6F
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=118016C3-32FE-4D31-9E24-716BFDCF41AC
Frame ID: 379982BEC80F86AFB5DFAABDAFB973BE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5518196809362772532
Frame ID: DDA7350A4C8F8396AB9A3B6C21BFBC18
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 53B7D3BB2AE7B1D00860FEDF7550BE5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7048791478841702549
Frame ID: B84E6485C0CBA88C155BF7F5D77FB519
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdJWgQACrDaoqwAF&gdpr=0&gdpr_consent=&_test=YdJWgQACrDaoqwAF
Frame ID: 32433E2A769C2CFE5D9E63ABD12F6257
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 81A261E4203280E043990763E0F0351F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CjHmtK5yRKZKhs4jabh-C1vHdkg
Frame ID: E25F128A0D6702B03D4DA743B70D56D4
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jz-pDMezRjA
Frame ID: A06A95627DE4450851E67A80C884034E
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/WDILsWklJuw
Frame ID: 7C3ADC2E6400895029A8A90D9A6A56EE
Requests: 18 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=5C448A689798140121049109836&cicmp=1337627&cijs=1&dast=V7wKkCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGbUhjYYL2nC5Ww4Xo8FiMVwOVrvBaLWEiVksFqPhajUaaxaLxWgyWw2nYLCFz-nubkMEmk6Hz3Wv1zycn7vG7_bLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwDAIpD4S0uy-d08ltu_gAAeFAAAQAQwAgBIOB_FQEAAAAYAQAAACABEEgsLAFwuFs0AQAI8OsIRa88AQAAOKiTedpm-f___48ByHtvkgGgSNu4MegBePABeBACAAD4GEJdIR-5slIcICqALGIEAAAAsHVsh3Q0qRMqi6r___9_K4ArAIAAv45Q9NSsm5Ni1jAAAACAsQV6WPx-s8Ou8btd9v________9v9n8GgCbUw5WSFkQSxa7GM3KtsPYLCADA9m4AAG8CcDEHYAcAAABw9____58HAABwskfJ9lqNZ4-y3mewhc_p7q7fhC1Gq8lksxzOlovJYDgajkb7E8jZACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQD6rOpfN5dSoezMfl3NcefGzIxVyxXM4Vi-FcN1klAAAAAAAAAIAlTJk3AQAAADgNYjab7HYrbrzZM0Gs1WpZAwAAAHDrRg4!&excid=22&tst=1&docw=0&cs=false
Frame ID: 0D1CE79F67AB338DF1470428AD2ED51F
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=5289C8582580278258999321370&cicmp=1337627&cijs=1&dast=V7xFECFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDUZLjfE1XCyGg4mu-FktVssV6PRcLdaDpcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbYhA0-nwue71mofzc9f43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAQHEovMVl-ZxOfsvNHwAADwogAAACGCEABPyvIgAAAAAjAAAAACQAAomFJQAOd4smAAABfh2h6JUnAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAfQ6CuOmd-A4jERAWIRYwAAAAAto7tkI4mdUJlUfX___9vBXAFABDg1xGKXpp1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0IR6uFLSgkii2NV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAAA29ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Ajkb4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBriQdW5dD6vTsWD-bic-9qDjw25mCuWy7liMZzrJqsEAAAAAAAAALCEKfMmAAAAAKdBzGaT3W7FjTd7Joi1Wi1rAAAAAG7dyAE!&excid=22&tst=1&docw=0&cs=false
Frame ID: C0617F72E9F3800B78EDA4CA82363850
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=5C448A68979814014387139085&cicmp=1337627&cijs=1&dast=V7b8ICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG7UhjYYL2nC5Ww4Xo8Fis5gNNrvhYjUaLWFiFovFaLhajcaaxWIxmsxWwykYbOFzurvbEIGm0-Fz3es1D-fnrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wCA4lB4i8vyOZ38lps_AAAeFEAAAAQwQgAI-F9FAAAAAEYAAAAASAAEEgtLABzuFk0AAAL8OkLRK08AAAAO6mSetln-____YwDy3ptkACjSNm4MegAefAAehAAAAD6G1haTMAp6jAOICiCLGAEAAABsHdshHU3qhMqi6v___98K4AoAIMCvIxRdNevmpJg1DAAAAGBsgR4Wv9_ssGv8bpf9_________5v9nwGgCfVwpaQFkUSxq_GMXCus_QICALC9GwDAmwBczAHYAQAAANz9____5wEAAEztUbK9VuPZo6z3GWzhc7q76zdhi9FqMtksh7PlYjIYjoaj0f4EcjbAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNMSDqnPpfF6digfzcTn3tQcfG3IxVyyXc8ViONdNVgkAAAAAAAAAYAlT5k0AAAAAToOYzSa73Yobb_ZMEGu1WtYAAAAA3LqRAw!&excid=22&tst=1&docw=0&cs=false
Frame ID: AA78A8EAC9AA65999D19C50A2E160744
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=7FB161CAF975946435186045331&cicmp=1337627&cijs=1&dast=V7HVkCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDejMGaLDYPG3K2Wo9loM1qMVovlZDEZDpYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbYhA0-nwue71mofzc9f43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAQHEovMVl-ZxOfsvNHwAADwogAAACGCEABPyvIgAAAAAjAAAAACQAAomFJQAOd4smAAABfh2h6JUnAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAfQzNqpqq6Cz8jRAXMRYwAAAAAto7tkI4mdUJlUfX___9vBXAFABDg1xGKjpp1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0IR6uFLSgkii2NV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAACM9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Ajkb4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBriQdW5dD6vTsWD-bic-9qDjw25mCuWy7liMZzrJqsEAAAAAAAAALCEKfMmAAAAAKdBzGaT3W7FjTd7Joi1Wi1rAAAAAG7dyAE!&excid=22&tst=1&docw=0&cs=false
Frame ID: 861B372CB42A9EB53FCBB95D55EC70EF
Requests: 1 HTTP requests in this frame

Frame: https://says.api.useinsider.com/worker-new.html
Frame ID: D20B61CA38ACB35B4C0C9BCF8CBE06C6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 2342F0A6F8765DE8AB46B653DF8008BE
Requests: 16 HTTP requests in this frame

Frame: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2681F9593CFDA53523676151FE615552
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: AABBCB76DF6F80F307E7BB44B5669812
Requests: 12 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8024CAB8C278537512733621727&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: DC71454F4E7D5A2A8AF4D33107A91E09
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 1CD05DA859B856947203AD9922BADD0A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 1164FA19BD534D60BD666889A047EF21
Requests: 16 HTTP requests in this frame

Frame: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E030504A53DF7C6BCF5C0E2E8F4175DF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 538454AC99E2379BD2BA4E786166D871
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 148EC02A74FC0A13278FD085009252BF
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6C3F3B1AD54F321C097E4091FB248909
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 25A5057A8D87C5924D8D291880C4953B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: C5A48046EDDDD1FC5E21885BC8BB1651
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSN2EKPSN2EK__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 5556B0602C853818B9AACCC46AE06931
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE3BC85EE565F03BD9415C514E4E5965
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Frame ID: B2C889C158DD024FC5F727690A29FC85
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: 0354C423CA558D27A586E0687F14BC56
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 47C1FABC0A76A4EDD319D7BF8F86BF3F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Here's Where You Can Call In To Get Your COVID-19 Booster Shots In Klang ValleyGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • (?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

458
Requests

93 %
HTTPS

43 %
IPv6

78
Domains

138
Subdomains

104
IPs

12
Countries

8432 kB
Transfer

20422 kB
Size

104
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yVazS3w5V0tTNXp0a3pFMnQyRnN5RlRwVFJ2amRlZVlBNy9EdUVuTHpjNEV4V0RlczF5TGZGekZHaStnQktEb2JYQndrTjhwQzMrWExtMmpOVy9CR3QydlJwV3ZGMjhyQjN0cTRFVVd1VUQwTHdRSno3T2RiQUtaVnBFcXllam1IN2toZGw4bGRuMms0OU5nZG5NWnpVZGNhaU9mU2pVckEzWWlCdzZhcWNhOHpOZ3FabGx1bWc1NWIwWnpqY3BqaS9teGJKY3N1bEJtTXJWa3YrNTFCMVlEYTNKOSt6VTM4QjhBREFDaXVPczJscm00PXw&cppv=2
Request Chain 63
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&ns__t=1641174656629&ns_c=UTF-8&cv=3.5&c8=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&c7=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641174656629&ns_c=UTF-8&cv=3.5&c8=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&c7=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&c9=
Request Chain 102
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=166636465%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D166636465%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=166636465/tpid=58118359780705262/tp=ANXS
Request Chain 111
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=8C6629647E6E489885CE83EF8FDF7A3B&RedC=c.clarity.ms&MXFR=27BED3394602693C1C70C21842026717 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=8C6629647E6E489885CE83EF8FDF7A3B&MUID=3938795AD3FB6F5510B6687BD2906E79
Request Chain 116
  • https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 167
  • https://c1.adform.net/serving/cookie/match?party=14&cid=118016C3-32FE-4D31-9E24-716BFDCF41AC HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=118016C3-32FE-4D31-9E24-716BFDCF41AC
Request Chain 168
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5518196809362772532
Request Chain 170
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7048791478841702549
Request Chain 171
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YdJWgQACrDaoqwAF HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdJWgQACrDaoqwAF&gdpr=0&gdpr_consent=&_test=YdJWgQACrDaoqwAF
Request Chain 172
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 173
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CjHmtK5yRKZKhs4jabh-C1vHdkg
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EYAWwzL-TTGeJHFr_c9BrA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 175
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95fa61d2-5681-4400-a0ba-0be3a8a45902
Request Chain 176
  • https://pixel.onaudience.com/?partner=214&mapped=118016C3-32FE-4D31-9E24-716BFDCF41AC HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=e8670499-52a2-4208-8129-cce31db99c55&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1a3dac1642ccf6b07e14f4f8e9d32b85 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0159e0925a81f04a556541d094630e6d
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTE4MDE2QzMtMzJGRS00RDMxLTlFMjQtNzE2QkZEQ0Y0MUFD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECv5wFuJxeFupTYtHoJgOUM&google_cver=1
Request Chain 180
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:656061d2-5681-4100-8a29-56cf4c73c31f&gdpr=0&gdpr_consent=
Request Chain 181
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=537624061829043149
Request Chain 182
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8670499-52a2-4208-8129-cce31db99c55
Request Chain 183
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=58118359780705262&gdpr=0&gdpr_consent=
Request Chain 184
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=118016C3-32FE-4D31-9E24-716BFDCF41AC&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=118016C3-32FE-4D31-9E24-716BFDCF41AC&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DqiZqj9E2uXTjY0Syj2PRc7hskF2i8M-~A&gdpr=0&gdpr_consent=
Request Chain 186
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1bhbGda_BxrOul5O0rkSE9K6XEnOv10c1-pMC-LV
Request Chain 187
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D5452ea25-dd70-4a72-94ca-65c379242b52%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=cdb7aaf7ee454d5a8b91c53589d4a72b&ssp=pubmatic&bsw_param=5452ea25-dd70-4a72-94ca-65c379242b52&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5452ea25-dd70-4a72-94ca-65c379242b52&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 188
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7880709546110963018&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 190
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 192
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdJWgI9SKrAigR8Y6xS4wwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFCjiE7TD_iJ8gfwgcMJpo&google_cver=1&gdpr=1
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECrRkZoGpQH_gDL2QKDadR0&google_cver=1
Request Chain 194
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB&dcc=t
Request Chain 196
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 198
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YdJWgQACsZHcJgAm
Request Chain 303
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=98a538b3-6c37-11ec-9ed0-174deb1e0206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
Request Chain 305
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nfAWhm9E2uFcB4RBp1aW3pEL3hoGgcpJSb._mlo-~A
Request Chain 308
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=98a520c2-6c37-11ec-a416-1bce7de30206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=e8670499-52a2-4208-8129-cce31db99c55&gdpr=1&gdpr_consent=
Request Chain 320
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3Dr9vak6v%26tier_three%3D5llqzru%26tier_four%3Dcx40n3a0%26uid_ts%3D1641174658 HTTP 302
  • https://metrics.getrockerbox.com/track/v4?uid=58118359780705262&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=1641174658
Request Chain 327
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 377
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 389
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

458 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley
says.com/my/news/ 		67 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.4
Resource Hash
41ffc3dc8ad717f17d0a2ca8e1fa128a6882bac0dc881fab0029b46fc66453c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-type
text/html; charset=utf-8
status
200 OK
cache-control
private, max-age=1800, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
339d8991-7606-476b-86a7-59b11d70aef6
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-runtime
0.427081
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 6.0.4
via
1.1 google
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c78943a6f6a696a-FRA
content-encoding
br
bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
says.com/assets/ 		154 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c7894417926696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
6575
etag
W/"5ddf9000-26643"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30
content-encoding
br
expires
Mon, 03 Jan 2022 01:51:26 GMT
application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
says.com/assets/ 		339 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c7894417927696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 08 Nov 2021 15:01:00 GMT
server
cloudflare
age
3031
etag
W/"61893bac-54a7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30
content-encoding
br
expires
Mon, 03 Jan 2022 01:51:26 GMT
cookie.consent.css
policy.revasia.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.css
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a9b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=yFoefQ==, md5=/Co07jaJviW5aoG5Zrx82A==
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3162
x-guploader-uploadid
ADPycdvRf8jltHmEASmfgttYq0773mnqVf8kGJykiMjYvmyr8z5cZ6piIe90m08rirEekwZP6riL-xaAE_FdWgvdeLM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 27 Sep 2019 04:27:42 GMT
server
cloudflare
etag
W/"fc2a34ee3689be25b96a81b966bc7cd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNtva2BkBQWlEZmhWQ7o2zVipVDeoZA1Sen9ZgOQHZptgv94l%2BmzD2if1J%2BX64%2Beeq%2FTvyKonMePs8nKqAGQ4yT5RmrfgdiUj1a4a52aH6piMTALUTukSDah8fWfoC5kBBHIrtwIX%2BgqXoXglR4Ongg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1569558462623355
content-type
text/css
cache-control
public, max-age=14400
x-goog-stored-content-length
1132
cf-ray
6c7894419c026907-FRA
expires
Mon, 03 Jan 2022 01:58:14 GMT
ner5wjl.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ner5wjl.css
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1fecaf8fcb78c537e1c1e6cee00ec28b8f2e6c5b2799df77986f82d71b5d1409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 03 Jan 2022 01:50:56 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1080
sto.css
says.com/foodpanda/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/foodpanda/sto.css
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c83406917f94579ddce8c580d0b39518623c4b7af8f1a17d9634943859cea6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c7894417928696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
age
2802
etag
W/"61cbd886-1d9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
content-encoding
br
says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
says.com/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/assets/says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c7894417929696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
8350
etag
W/"5ddf9000-86a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=60
content-encoding
br
4f4362561713c661011f4985846ff12b.png
images.says.com/uploads/user/avatar/706214/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/user/avatar/706214/4f4362561713c661011f4985846ff12b.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c110224eb23f708bb35bfd429462d0b9d95f901dafe821ff95f0f9586e149a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
cf-cache-status
HIT
age
31995
cf-polished
origSize=15769, status=webp_bigger
x-guploader-uploadid
ADPycdu9VDaGXv659MLwObY22nFp6amrck_LvgpDTT-qwDeG_75WozZ9USJWViQsX83EKOH11L-zPKzXUfvdwK_LYQTkyTAaeQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
15266
last-modified
Tue, 21 Jul 2020 13:18:16 GMT
server
cloudflare
etag
"a11465c3a92a3dc5f1b9497c2b3227fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=RD+HHw==, md5=oRRlw6kqPcXxuUl8KzIn/Q==
x-goog-generation
1595337496275963
expires
Sat, 03 Jan 2032 13:50:56 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
15769
accept-ranges
bytes
cf-ray
6c789441893e696a-FRA
cf-bgj
imgq:100,h2pri
favicon-16x16.png
says.com/ 		278 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/favicon-16x16.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
599484f5458509339918e4b0c0cc0725214382038f76b41beeffca2fdb085ca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
age
1352
cf-polished
origFmt=png, origSize=638
content-disposition
inline; filename="favicon-16x16.webp"
content-length
278
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
etag
"61cbd886-27e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c789441792c696a-FRA
cf-bgj
imgq:100,h2pri
AFP010247780_1641172699.jpg
assets.nst.com.my/images/articles/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/AFP010247780_1641172699.jpg
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a667659c49a5f03e99e5626a9796a68bbe406c48aa671e4bc5e74d0e22f6691b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
cf-cache-status
HIT
age
1431
cf-polished
degrade=85, origSize=190936, status=webp_bigger
x-guploader-uploadid
ADPycdvclS8fvDAnnFbUNWGoVyiWArLL88oAyyaOz63Sm8LEOdCcBMjxZhxvjHPzsnNjE0QwbATQW4rEFKoD4jOHbSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
186927
expires
Mon, 03 Jan 2022 02:50:56 GMT
last-modified
Mon, 03 Jan 2022 01:18:19 GMT
server
cloudflare
etag
"2808ab2d4d4cc516b0516445e9b851ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=esEiPQ==, md5=KAirLU1MxRawUWRF6bhRqw==
x-goog-generation
1641172699450006
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
190936
accept-ranges
bytes
cf-ray
6c789441dc923244-FRA
cf-bgj
imgq:85,h2pri
03nt02high2_1641172513.jpg
assets.nst.com.my/images/articles/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/03nt02high2_1641172513.jpg
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7179469e537ed7ed9e237251f8fc31b5961c3d7e5249ce40458591962c99dab4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
cf-cache-status
HIT
age
949
cf-polished
degrade=85, origSize=165290, status=webp_bigger
x-guploader-uploadid
ADPycdvChE44uzKFZjw94p-AHVkLTIGMu5NWwA44Fpd4JigNNzQ2NR45Jh6c7EQkn8SFaYw7x3lUtQ4075KYR7IO1uboherYqw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
158478
expires
Mon, 03 Jan 2022 02:50:56 GMT
last-modified
Mon, 03 Jan 2022 01:15:15 GMT
server
cloudflare
etag
"5f328d8c861600bd41fafdcd942656e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=sK0QRw==, md5=XzKNjIYWAL1B+v3NlCZW5Q==
x-goog-generation
1641172515254353
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
165290
accept-ranges
bytes
cf-ray
6c789441dc943244-FRA
cf-bgj
imgq:85,h2pri
Futsal-League-FAM.jpg
themalaysianreserve.com/wp-content/uploads/2021/12/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themalaysianreserve.com/wp-content/uploads/2021/12/Futsal-League-FAM.jpg
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
04TR003A1-1.jpg
themalaysianreserve.com/wp-content/uploads/2021/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themalaysianreserve.com/wp-content/uploads/2021/05/04TR003A1-1.jpg
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rocket-loader.min.js
says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 26 Dec 2021 13:15:20 GMT
server
cloudflare
etag
W/"61c86ae8-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6c789441792e696a-FRA
vary
Accept-Encoding
expires
Wed, 05 Jan 2022 01:50:56 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6c789441aab87031-FRA
large_thumb_0093.jpg
images.says.com/uploads/story/cover_image/52918/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/52918/large_thumb_0093.jpg
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa045a38d39e9c9441b12976bd79f527785a69abc28788d0a16f879960f87fbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
cf-cache-status
HIT
age
245878
cf-polished
origSize=309839, status=webp_bigger
x-guploader-uploadid
ADPycdvhlObt9FaRCXySVQ_S716kcrNJuRGYTSbV3Tpmvpj9WWsyQxHz19TJS3wup97VHRv8VIRxqKlNUd9gg1kDRgU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
273335
last-modified
Fri, 31 Dec 2021 04:16:24 GMT
server
cloudflare
etag
"55988b6c1def8af663d256626a954b16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ouQftg==, md5=VZiLbB3vivZj0lZiapVLFg==
x-goog-generation
1640924184253277
expires
Sat, 03 Jan 2032 13:50:56 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
309839
accept-ranges
bytes
cf-ray
6c7894418954696a-FRA
cf-bgj
imgq:100,h2pri
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ner5wjl&ht=tk&f=139.140.173.174.175.176.10444.10739.10741.17001.17005&a=526275&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sto.js
says.com/foodpanda/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/foodpanda/sto.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c079ba4e53b2aa20e080bf0c09862a66c8713e6cda440154173fe63be0db87b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c789441f9ed696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
age
3030
etag
W/"61cbd886-2085"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
content-encoding
br
typeahead.jquery.min.js
cdn.jsdelivr.net/typeahead.js/0.10.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/typeahead.js/0.10.5/typeahead.jquery.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5979798
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19174-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"510c-S3JXs07We2e7+mK0ogQDjPiLH0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c789442885f0629-FRA
algoliasearch.helper.min.js
cdn.jsdelivr.net/algoliasearch.helper/2/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch.helper/2/algoliasearch.helper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
17520
x-jsd-version
2.28.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19121-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1f4ce-yhw0k44Hf5WfhCJOdgej62yDo+U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c78944288620629-FRA
algoliasearch.min.js
cdn.jsdelivr.net/algoliasearch/3.9/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch/3.9/algoliasearch.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5979798
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19140-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"dca7-7EOIzEqVciton1p8sULUNdzPZIc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c78944288630629-FRA
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
703
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29126
x-tw-cdn
VZ
Last-Modified
Thu, 02 Dec 2021 21:35:27 GMT
Server
ECS (frb/6724)
Etag
"50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1090 / 697 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 01:50:56 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/11139/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614746b52a14c73782d6bebd9bf0c4ff0466d1a1a652882ee2c7b75eb680bfc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 02:11:58 GMT
content-encoding
gzip
etag
W/"f97499c030a325003e49d5770c741f8d"
last-modified
Fri, 17 Dec 2021 06:30:10 GMT
server
AmazonS3
age
85139
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
6rTtWENfpKFcVEkKsR822_iItIifBFzBMV_mdSZ2Kgmh4XlTTjb5Eg==
bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
says.com/assets/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c789441f9f5696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
6445
etag
W/"5ddf9000-ef1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30
content-encoding
br
expires
Mon, 03 Jan 2022 01:51:26 GMT
application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
says.com/assets/ 		492 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c789441f9f7696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 15:22:36 GMT
server
cloudflare
age
6445
etag
W/"603e583c-7b1ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30
content-encoding
br
expires
Mon, 03 Jan 2022 01:51:26 GMT
cookie.consent.js
policy.revasia.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a9b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=9GWciA==, md5=u1V6Wme8uXWjBAwtr2LbJw==
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2567
x-guploader-uploadid
ADPycdtHeKU3yNjTH2o9sNYzaPbKVTdF2IK8Zhz-1RZHp3jMGmXFnThaHUcsll51eWQtnp6HWQV3iCZPiu4h2w49q2mWZV_f4g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 29 Oct 2019 04:03:50 GMT
server
cloudflare
etag
W/"bb557a5a67bcb975a3040c2daf62db27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQilVRNOH9yEN3JDzLow0fYVLEPB0QDWmUfiz2vzhahsVPVYEWy3N4TbDoLpf4aoeTaHl8%2Fa7lHgkqQwbbwn4KQ8ppasxm%2BxYrBx%2FwCHaqh4WqmRYjdhVa%2FBoTbh87yct9ogTiVAYcDDkqyTaeTwGJI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572321830602698
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
3234
cf-ray
6c789441fc7b6907-FRA
expires
Mon, 03 Jan 2022 02:08:09 GMT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1090 / 583 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 01:50:56 GMT
fp-icon.png
says.com/foodpanda/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/foodpanda/assets/fp-icon.png
Requested by
Host: says.com
URL: https://says.com/foodpanda/sto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ab4ea1c4f1729e22396f5dcdb10c46212588c44d475e24b4a8c507da9d1a5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/foodpanda/sto.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
age
2851
cf-polished
origFmt=png, origSize=3315
content-disposition
inline; filename="fp-icon.webp"
content-length
1360
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
etag
"61cbd886-cf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c7894422a4d696a-FRA
cf-bgj
imgq:100,h2pri
fa-solid-900.woff2
says.com/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-solid-900.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer
https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
age
2802
etag
"61cbd886-12690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c7894423a5a696a-FRA
content-length
75408
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
server
nginx
etag
"642d9266d1f9c63e0e36cec5fe51c6a1134c359a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19916
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0382a06b8e3ec31595098573a3dbfd2d17b458498c1aa3b485741b0413777a9c

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
server
nginx
etag
"e1ccbb4a993cd81acf325a5b5760f522404cc494"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19664
fa-brands-400.woff2
says.com/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-brands-400.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d

Request headers

Referer
https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
age
2802
etag
"61cbd886-1231c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c7894423a5e696a-FRA
content-length
74524
l
use.typekit.net/af/256534/00000000000000003b9b0938/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/256534/00000000000000003b9b0938/27/l?subset_id=2&fvd=i6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
721cb40da5eddb6b81df8ca37deabc89c9e3c4fec8e4a93506fedb996cf3c65c

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
server
nginx
etag
"2f3daa7b20e708b1be46806f3694b6aeb5f517a2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20132
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
server
nginx
etag
"2c0b6e23328e638bb18899aafbc85ad950333c16"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19364
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
server
nginx
etag
"1ba84f7704212796fc4339b5d2f9857087d10fca"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20072
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2f6fec90f9b0079aad59d497fa75796162208996aa12a56b65ad4dc2cb07053

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
server
nginx
etag
"7a571531ba8746780d4709c32909a81a6b90fc36"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20572
pwt.js
ads.pubmatic.com/AdServer/js/pwt/121793/1376/ 		370 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb73b4b13ce5f630efd84832e66bf7f27fd2bb50416053aebc1ebc3002da6c61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 04:39:48 GMT
server
Apache/2.2.15 (CentOS)
etag
"1701087-5c742-5d03f952fdb82"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=28974
accept-ranges
bytes
content-type
text/javascript
content-length
114398
expires
Mon, 03 Jan 2022 09:53:50 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
l3CAhQ+oVoVHVLAFEyi6K7C1VHzNjUjr29+jHN5/Su+USHnL5LQycvnRfOc3tZrxL4H2Uv/2W/vARGohDNZXLw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 03 Jan 2022 01:50:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4000418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLAf3jZFYC6F7iTIiFgyBzSVEZeRNXbvUXL4csEwpW0HkeTU7vYWX6y7UcaYJQzp3O%2Bq4qRBLPi85jxIE8VO5roLsZP5TnOnLFoVATRtun3PLR4rfAgn2Rw7rCfSxEBWPzTe5rEzPeZkSDKBZw12pcpv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c789442fb628bbd-FRA
expires
Sat, 24 Dec 2022 01:50:56 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 01:50:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		175 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=says.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
55c4447ef4df513c0f5bc6dff8232177b177b1655ec4e9023ed0d0e4f2fe22da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
0
expires
Mon, 03 Jan 2022 01:50:56 GMT
loader.js
cdn.taboola.com/libtrc/revasiaberhad-saysmy/ 		513 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc9264fbea72e16c2ab081f398e5740211ae2a88f942f0d5c94fb98e4e508841

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
0gRMjs_lsD7wNSCp3P3YKdctj2NDmRPs
content-encoding
gzip
etag
"32b4112352fcd2a12a18f3b08621becb"
age
0
x-cache
HIT
content-length
38121
x-amz-id-2
1iu19yqqFVw8Cj/bN9JVDauqF9cWItGMea+KUdaq3FzCmOVhblOoxBsnWrGvpPKxv56gB0qswEo=
x-served-by
cache-fra19124-FRA
last-modified
Sun, 02 Jan 2022 16:18:27 GMT
server
AmazonS3
x-timer
S1641174657.545352,VS0,VE101
date
Mon, 03 Jan 2022 01:50:56 GMT
vary
Accept-Encoding
x-amz-request-id
Q5T97HKEF8BX8V30
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
96
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		281 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f524854030f6ced460c57fc5cb2267acf50edba35ce3a8b7a5c1084dfdaf337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76745
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 01:50:56 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
698bee2a8b2563960756a7a23ef7c9fa59dcc8fd7633bc0c53e5279045a11b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cUfZsWnqrCA8P37Fp6QuDw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 03 Jan 2022 01:56:03 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
XDgvugjFj6+2OYZtAXfi/KiXW4tWVvyN7+tuzp5lckXftaxvRYr0gl/5SrPI4aIEZ4YkIT4+9U9XUdsreaCWPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e744312c2fc29852fbc805046fae5505
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 01:50:56 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"80e8473eeb9d9246796f8ac80c29677e"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 04:15:36 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
156852
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
O3CwbWWhRQxCrYqc690pmizOa032lFcMVPhfR1pz8jCc8QfRIq4log==
sto.js
says.com/foodpanda/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/foodpanda/sto.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c079ba4e53b2aa20e080bf0c09862a66c8713e6cda440154173fe63be0db87b

Request headers

Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c7894434bd7696a-FRA
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
age
2802
etag
W/"61cbd886-2085"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
content-encoding
br
169284420317900
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/169284420317900?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ee5c8cc2110f283eb7f773de3ca2482e08907f7fb5e05140f04a4f23d0e6951
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
gcJrZRT1uKDLorjK/+e/MGmFdFTJnu6kSaRc02u/H1Nj+oK4cHjZBIgWeSSAY+CgqLb+uFN0NfZLpajh7Sh6cA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 03 Jan 2022 01:50:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		600 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
65f9884c915c66eb996b132ee5711a0066a1675a1b89f2e45ca0a3a09138ed2d

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.17.138
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
600
expires
0
widget_iframe.21f942bb866c2823339b839747a0c50c.html
platform.twitter.com/widgets/ Frame B2F5 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fsays.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2093072
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Jan 2022 01:50:56 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Dec 2021 21:34:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://says.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://says.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1143
date
Mon, 03 Jan 2022 01:50:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=yVazS3w5V0tTNXp0a3pFMnQyRnN5RlRwVFJ2amRlZVlBNy9EdUVuTHpjNEV4V0RlczF5TGZGekZHaStnQktEb2JYQndrTjhwQzMrWExtMmpOVy9CR3QydlJwV3ZGMjhyQjN0cTRFVVd1VUQwTHdRSno3T2RiQUtaVnBFcX...
347 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yVazS3w5V0tTNXp0a3pFMnQyRnN5RlRwVFJ2amRlZVlBNy9EdUVuTHpjNEV4V0RlczF5TGZGekZHaStnQktEb2JYQndrTjhwQzMrWExtMmpOVy9CR3QydlJwV3ZGMjhyQjN0cTRFVVd1VUQwTHdRSno3T2RiQUtaVnBFcXllam1IN2toZGw4bGRuMms0OU5nZG5NWnpVZGNhaU9mU2pVckEzWWlCdzZhcWNhOHpOZ3FabGx1bWc1NWIwWnpqY3BqaS9teGJKY3N1bEJtTXJWa3YrNTFCMVlEYTNKOSt6VTM4QjhBREFDaXVPczJscm00PXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a8fb548c04e553ea792b161b82740a47df129cd3d11a0c43c2d537c50470ae7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1796
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
location
https://mug.criteo.com/sid?cpp=yVazS3w5V0tTNXp0a3pFMnQyRnN5RlRwVFJ2amRlZVlBNy9EdUVuTHpjNEV4V0RlczF5TGZGekZHaStnQktEb2JYQndrTjhwQzMrWExtMmpOVy9CR3QydlJwV3ZGMjhyQjN0cTRFVVd1VUQwTHdRSno3T2RiQUtaVnBFcXllam1IN2toZGw4bGRuMms0OU5nZG5NWnpVZGNhaU9mU2pVckEzWWlCdzZhcWNhOHpOZ3FabGx1bWc1NWIwWnpqY3BqaS9teGJKY3N1bEJtTXJWa3YrNTFCMVlEYTNKOSt6VTM4QjhBREFDaXVPczJscm00PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1386
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1090 / 776 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 01:50:56 GMT
arj
mediaprima-d.openx.net/w/1.0/ 		73 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediaprima-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=30a97ae5-6450-4126-88d3-8b0d0d074125%2C0811596f-84f4-4f73-b20c-08847d61bd7e%2C666c467d-c01d-4893-ba5d-1e93e0e1cf1d%2C32d703ee-4fc8-4ded-b5bc-bbf71666fe44&nocache=1641174656618&pubcid=8ef10dff-3f63-4863-a303-f76e8e75cc0b&aus=970x250%7C728x90%7C300x600%7C300x250&divIds=div-gpt-ad-1550463351823-0%2Cdiv-gpt-ad-1495594311787-0%2Cdiv-gpt-ad-1552298128681-0%2Cdiv-gpt-ad-1552296743136-0&auid=543531595%2C543531583%2C543531598%2C543531584
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
0e679b9741ec5e6d0c0f19f2cda0c2232fc33548c7fd828f4ebaf2aac0a82a47

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://says.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503606&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2260b23a62bfe81d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2278d90c3f415bdf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503606%22%2C%22sid%22%3A%224%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2284026c98d2bde5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503559%22%2C%22sid%22%3A%221%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229a64ca8d7f588c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503607%22%2C%22sid%22%3A%225%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210265d7d806edf8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503611%22%2C%22sid%22%3A%229%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a56e678e086ed14a47401f4ab33634f6c7d7278ba86b15ac42aab401b06fd0f7

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://says.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 03 Jan 2022 01:50:56 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:56 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
332c95d5-d2c3-412b-9aa6-e05b5cf0050e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://says.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:55 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b3%3b114
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://says.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b14%3b98
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://says.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b8%3b83
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://says.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://says.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://says.com
date
Mon, 03 Jan 2022 01:50:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
sdk.js
connect.facebook.net/en_US/ 		284 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f04a259740a2fc182c6a03402564a4df
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
440d29dd54c0a414b7a7318f0f0f8534e8499759c5460dd6b87c7013f4c000a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
C8PyJwNzN44CLaAhMy68gg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Jan 2023 00:10:01 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
81967
x-fb-rlafr
0
x-fb-debug
yoQdQH9vs0DgLAd0p7Hhk34VuYfd5e04HjODiZHCaN00q/IAG9M3l0gZtqJNcQ5usl6iPwX1CMEWF1rpOh8veQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3e7c415d8c2136dd54e864902e707bc8
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 01:50:56 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ab630923cf13c83cdea88225c6036223"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
Draggable.js
cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/ 		465 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256de1accbccc4ffee65cf0ae6ddda99d1a056e669ddb390c959b942df9a5358

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=att7LTDnmUhf0Ip5KRvCF11zzZLrmJxjmEA5lcYVfiY%2FUp9Y6qGg6NrVhq%2FSpHiZykuu%2FZ4YpRhVERU4BxjEZ%2FicuNyFxNhN%2F5PjoO2Itt0ph8k1AcUGkp9wDMi80qdbNGethucOLBmwiXid0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
x-import-url
/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/Draggable.js
cf-ray
6c7894441d384e9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gsap.js
cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/ 		305 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/gsap.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9233c0c01ce219c102432f8da76d92d40bee603d575e238540da05da0ad17c

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wfo7zvoU%2FRLgnYjgnIcktc7I30ziwg4y7U8Vmc%2F%2F9VBSM8hWThx4O1xlmg9IkOI5M%2FCAMFBYXNox5AlBl%2BcxpliECwxWh4U5DjlPOxQqxro8YYe2%2FIhkbv1R2EY5ntekHVkRYzRaCey7BbTyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
x-import-url
/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/gsap.js
cf-ray
6c7894441d394e9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&ns__t=1641174656629&ns_c=UTF-8&cv=3.5&c8=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Va...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641174656629&ns_c=UTF-8&cv=3.5&c8=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20V...
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641174656629&ns_c=UTF-8&cv=3.5&c8=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&c7=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&c9=
Protocol
H2
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
BgbbXvZ18hGs8vAHYoE9AykhqGKSMu3RR8PVz1CKwRuqHm757i8icg==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641174656629&ns_c=UTF-8&cv=3.5&c8=Here's%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&c7=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&c9=
content-length
409
x-amz-cf-id
8Z7EwAiPe_cPCFwwvj8wboZ41sldxxM1CClxFVNM09ZWRpPygaQeZw==
settings
syndication.twitter.com/ Frame B2F5 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=739a11e99953152b03872de6b3550acc058e8b3c
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fsays.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time
111
date
Mon, 03 Jan 2022 01:50:55 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 01:50:56 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
c33ad87f6215d674c87ecea71a7ad45176ddb2dcc4438901ca9e71704df02c34
content-length
166
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 03E6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11139
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

content-type
text/html
date
Sun, 02 Jan 2022 05:30:58 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
HEJ9LVJoEImAi4ul41fH9_BKOo08KDlsdr68VpZe_-N5EbBM4LpOQA==
age
73199
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yVazS3w5V0tTNXp0a3pFMnQyRnN5RlRwVFJ2amRlZVlBNy9EdUVuTHpjNEV4V0RlczF5TGZGekZHaStnQktEb2JYQndrTjhwQzMrWExtMmpOVy9CR3QydlJwV3ZGMjhyQjN0cTRFVVd1VUQwTHdRSno3T2RiQUtaVnBFcXllam1IN2toZGw4bGRuMms0OU5nZG5NWnpVZGNhaU9mU2pVckEzWWlCdzZhcWNhOHpOZ3FabGx1bWc1NWIwWnpqY3BqaS9teGJKY3N1bEJtTXJWa3YrNTFCMVlEYTNKOSt6VTM4QjhBREFDaXVPczJscm00PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1130
date
Mon, 03 Jan 2022 01:50:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
962
date
Mon, 03 Jan 2022 01:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 03 Jan 2022 03:34:54 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Jan 2022 01:50:56 GMT
chartbeat_mab_image.js
static.chartbeat.com/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab_image.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:30:40 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 20:17:30 GMT
server
nginx
age
1216
etag
W/"6009e15a-5976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
jUPAsI9yxbiOWA8k_EcvIWjbWk-c3rBT3b3XKyjX6MGYMdENAWXa9w==
expires
Mon, 03 Jan 2022 03:30:40 GMT
ins.js
says.api.useinsider.com/ 		362 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/ins.js?id=10002153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def8fe9741279b34ef368d7dc416366eaf44d386d1cdcb656b7e2ebaf3f9af37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
cf-cache-status
HIT
age
1122
x-amz-request-id
ESJWMS4SPVQ4GZ25
x-amz-id-2
vzPWOuPawcUkOzHtgV6ZVcDq0saNhpX3YadwXqQ5Cd/DzywVZ3flTHuRh8NEVhpOAO6vB8PPd+4=
last-modified
Fri, 31 Dec 2021 22:03:11 GMT
server
cloudflare
etag
W/"459dde782db1aa2d9d97a49b9d824328"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-version-id
KwkEoK2I5EylAY.VOdv5BtK.aYD1qmHr
cf-ray
6c7894448fca7039-FRA
expires
Mon, 03 Jan 2022 01:55:56 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 04:15:36 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
156852
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
u7dP9W6gzHqe7Bdwpek9bYEmJIzPoz2oAse5-Rr7xZXmNcWqYZh8qQ==
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kcgs7200150-IAD, cache-hhn11555-HHN
pcto.js
c16d-35-240-187-111.ngrok.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c16d-35-240-187-111.ngrok.io/pcto.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:d83:1200::6e:0 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Connection
close
Content-Length
65
Content-Type
text/plain
9zgdxuyjho
www.clarity.ms/tag/ 		572 B
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9zgdxuyjho
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1799 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
226fc7898f6ff88dcef4fd920484039471618de0c2da72c07f7218a23f38b00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
x-powered-by
ASP.NET
x-azure-ref
0gFbSYQAAAAAnfbQ8FFKsSaLJrMace+6NTUFOMzBFREdFMDcxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length
572
expires
-1
load.js
widget.perfectmarket.com/revasiaberhad-saysmy/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/revasiaberhad-saysmy/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76d2322d49a00d326f0f1a895eff4041618a76d0973d09c1576bf929bd4f4b25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
2XADTVrpjTfHIXWV0pT_ZYhLmSHLgZ_Z
content-encoding
gzip
etag
"b40ca4051ce92e93c82089fdf1047558"
age
141
x-cache
HIT, HIT
content-length
1254
x-amz-id-2
8nzQqvBZkpNrJ1IDuDS8EZ0+Q3Wad0+ZJpkhnguFHYfQeqBBwEvuc8MnkdfO83tWR4S4C1eYhjY=
x-served-by
cache-lax10666-LGB, cache-fra19140-FRA
last-modified
Tue, 17 Mar 2020 06:36:23 GMT
server
AmazonS3
x-timer
S1641174657.795014,VS0,VE149
date
Mon, 03 Jan 2022 01:50:56 GMT
vary
Accept-Encoding,,
x-amz-request-id
NCEKA0JT4E0TS1AV
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20220102-8-RELEASE.js
cdn.taboola.com/libtrc/ 		615 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c50d78ce24986e279056717313017673e9871a640c394432fbf03f1bba924ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
dYtea6gvEsdEEFr9DKH5IpqBR6HJLvgi
content-encoding
br
etag
"f11a3e012293ee80178fd3e66d3642d2"
age
7475
x-cache
HIT
content-length
129755
x-amz-id-2
UJKQFfZ6ADxqUvNEPRJLkvYwSaArGyYhiCc4msE7soE87QCDOvJ5YTl7K53Su3pE/jZ39jU0e3E=
x-served-by
cache-fra19124-FRA
last-modified
Sun, 02 Jan 2022 15:39:08 GMT
server
AmazonS3-br
x-timer
S1641174657.758385,VS0,VE0
date
Mon, 03 Jan 2022 01:50:56 GMT
vary
Accept-Encoding
x-amz-request-id
EFK2DDV57C2TCBEJ
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
41
x-cache-hits
6801
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204299389728697&ev=fb_page_view&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&rl=&if=false&ts=1641174656756&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 03 Jan 2022 01:50:56 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204299389728697&ev=fb_page_view&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&rl=&if=false&ts=1641174656757&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 03 Jan 2022 01:50:56 GMT
gsap.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/optimized/gsap.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b947a3efe23b4827fa6e4f7c6c0364baa2f66d27d0eb8074d5ab36380876e952
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/optimized/gsap.js
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
etag
W/"f114-9BlmNMloJV8XaPp0tvFxaV9bubg"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642013
strict-transport-security
max-age=63072000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-vercel-id
fra1::sfo1::llnb4-1640532643865-da8ad6023964
x-vercel-cache
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXway8Mc6AI2sE9dygnsnk%2FSfknIdIjlkMyMSh9c8p1oJWa3kRJqSiBralXhHtc4LIkGuQ90empecVl%2FRK%2BftLnEEMGS6ZEPVrWB0eK4%2Bvlo73awYi0XFiGTKQGKp237U1cnDVgjpjPRAVqOEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
6c789444dc2d4309-FRA
b
sb.scorecardresearch.com/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034955&comscorekw=fbia&ns__t=1641174656762&ns_c=UTF-8&cv=3.5&c8=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&c7=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
-PJZVvR_b5TnnYk5dJ2tuDtLEcH4pBVcMBSq2UV_fFCTY6afUXGr8w==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1641174656763&ns_c=UTF-8&cv=3.5&c8=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&c7=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
cmU8yHYAU8jc7hTEjEjr0uWDstCQXYdZ7RmjmiB54f3ZI4AcF_3m1w==
x-cache
Miss from cloudfront
adsct
analytics.twitter.com/i/ 		31 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1blg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=75d1c6c9-8ff2-436c-9598-d3a686baa761&tw_document_href=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
119
pragma
no-cache
last-modified
Mon, 03 Jan 2022 01:50:56 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
caf59280e7387519ab8e86e79de1dd0c91cfda2f92983a8ed7f70a89528e6e27
x-transaction
92130807e584308e
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1blg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=75d1c6c9-8ff2-436c-9598-d3a686baa761&tw_document_href=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
112
pragma
no-cache
last-modified
Mon, 03 Jan 2022 01:50:56 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d360eff92740329cab47e29dddba5631d35cdebddb33eeea94ef7a5b8806702d
x-transaction
bd19d15a7cbba4b8
expires
Tue, 31 Mar 1981 05:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
pixels
bcp.crwdcntrl.net/ Frame 29E1 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1ee8f4cd45f3d34a0ae043ca187b991018cf9691cb54172c469d3e13f77b77dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-type
text/html
content-length
1399
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.15.135
server
Jetty(9.4.38.v20210224)
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/?random=1641174656777&cv=9&fst=1641174656777&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&tiba=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54d6325ee2a4fecf57fc3ec7127d57d195b8ed3f83d3c66a04bc9ea18e623df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1143
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/revasiaberhad-saysmy/trc/3/ 		58 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/revasiaberhad-saysmy/trc/3/json?tim=01%3A50%3A56.805&lti=deflated&data=%7B%22id%22%3A480%2C%22ii%22%3A%22%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1641140260890%2C%22vi%22%3A1641174656804%2C%22cv%22%3A%2220220102-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5057%2C%22qs%22%3A%22%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4701.515625%2C%22mw%22%3A740%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22organic-thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%202nd%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%202nd%22%2C%22cd%22%3A4673.828125%2C%22mw%22%3A370%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%2CBelow%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%202nd%3Dorganic-thumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f00c7a764c71395275be56b063201b32965d6eade6d8c5743a657034e17aea96

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
162
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
server
nginx
x-timer
S1641174657.823841,VS0,VE162
x-served-by
cache-fra19124-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 21:34:11 GMT
Server
ECS (frb/67A7)
Age
2093071
Etag
"8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2438
integrator.js
adservice.google.de/adsid/ 		107 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		326 KB
60 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=135705784790940&correlator=1710780774399821&output=ldjh&impl=fifs&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220103&iu_parts=1009103%2CSAYS_desktop_outofpage%2CSAYS_desktop_billboard%2CSAYS_desktop_leaderboard%2CSAYS_halfpage%2CSays_InArticle_Pixel%2CSAYS_desktop_in_article_mrec%2Csays_inskin%2CSays_Web_Interstitial%2CSays_Andbeyond_Pixel&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=1x1%2C970x250%2C728x90%2C300x600%2C1x1%2C300x250%2C1x1%2C1x1%2C1x1&ists=258&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&cust_params=section%3Dnews%26pos%3Darticle%26environment%3Dproduction%26Brands%3D%26tagsSays%3Dnews%252CCOVID2019%252CCOVID19%252Cvaccines%252Cvaccination%252Chealth%252CLindungDiriLindungSemua%26lotauds%3Dall%252CDS_1327%252Cca_494%26lpanoramaid%3D59b85acb9c48c14d6b1f0b8486d616d53938f321623b54d464890a4f1088efcc&cookie_enabled=1&bc=31&abxe=1&lmt=1641174656&dt=1641174656836&dlt=1641174656212&idt=390&frm=20&biw=1600&bih=1200&oid=2&adxs=1015%2C315%2C241%2C1015%2C230%2C1015%2C0%2C-9%2C1015&adys=654%2C10%2C4263%2C4723%2C4397%2C4723%2C5056%2C-9%2C4674&adks=1585380070%2C3455604261%2C126976903%2C205075962%2C4088274682%2C3035523402%2C1044105006%2C765343895%2C468646908&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x4354%7C1600x250%7C779x129%7C320x285%7C770x386%7C320x285%7C1600x5057%7C0x-1%7C370x3923&msz=370x0%7C970x-1%7C728x-1%7C320x0%7C1x-1%7C320x0%7C1x-1%7C0x-1%7C1x-1&ga_vid=1424539265.1641174657&ga_sid=1641174657&ga_hid=70098026&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C0%2C2%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C0%2C1600&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C-1%7C6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
a6a880736be073fb91fc96f408bd0eadb0a679e84535b1c0835dd4a355916138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,180057,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61049
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-2,-1,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-2,-1,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8620 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 01:50:56 GMT
expires
Tue, 03 Jan 2023 01:50:56 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
sffe /
Resource Hash
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12940
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 01:50:56 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1146 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=63952
expires
Mon, 03 Jan 2022 19:36:48 GMT
date
Mon, 03 Jan 2022 01:50:56 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C8F1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 04 Jan 2022 01:50:58 GMT
Date
Mon, 03 Jan 2022 01:50:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 20C9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 03 Jan 2022 01:50:56 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame FE55 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Mon, 03 Jan 2022 01:50:56 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tr
www.facebook.com/ Frame 29E1 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=169284420317900&ev=LotameAudienceID_830320&noscript=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 03 Jan 2022 01:50:56 GMT
pixel
cm.g.doubleclick.net/ Frame 29E1 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
382416.gif
idsync.rlcdn.com/ Frame 29E1 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=1a3dac1642ccf6b07e14f4f8e9d32b85&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
5907
tags.bluekai.com/site/ Frame 29E1 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=d3a38f4ecb1788963233f6f743dc44dd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=166636465/tpid=58118359780705262/ Frame 29E1
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=166636465%2Ftpid%3D%24UID%2Ftp%3DANXS
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D166636465%252Ftpid%253D%2524UID%252Ftp%253DANXS
  • https://sync.crwdcntrl.net/map/c=281/rand=166636465/tpid=58118359780705262/tp=ANXS
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/rand=166636465/tpid=58118359780705262/tp=ANXS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Protocol
H2
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.17.138
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:56 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ffea9e52-68d2-4d91-ac03-9f9b2aeb6336
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/rand=166636465/tpid=58118359780705262/tp=ANXS
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ Frame 29E1 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
l3CAhQ+oVoVHVLAFEyi6K7C1VHzNjUjr29+jHN5/Su+USHnL5LQycvnRfOc3tZrxL4H2Uv/2W/vARGohDNZXLw==
x-frame-options
DENY
date
Mon, 03 Jan 2022 01:50:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/830366072/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/830366072/?random=1641174656777&cv=9&fst=1641171600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&tiba=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&async=1&fmt=3&is_vtc=1&random=3711843241&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/830366072/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/830366072/?random=1641174656777&cv=9&fst=1641171600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&tiba=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&async=1&fmt=3&is_vtc=1&random=3711843241&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Tweet.html
platform.twitter.com/embed/ Frame 20B0 		487 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
1297
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Jan 2022 01:50:56 GMT
Etag
"b5afbf73ee4d1579f3fb2f618f6accc7"
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
PugMaster
image6.pubmatic.com/AdServer/ Frame 1146 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77894213&p=121793&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
444ec93a8e238a11757a5339a337c7766b716ea3837b706f6de08574f6e260c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:55 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
1394602727253794
connect.facebook.net/signals/config/ Frame 29E1 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1394602727253794?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ee5c52e7f3e4ade63370d2962b8860f64c8c85c359415a3e287f5451a4b8d84
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
mal4C/mYeZ1wh1lDDeI981CVg4vHH+Lw8A64qM5EKzsVWoXqcdspV+3O0wBPPFCUmzauF450HP3RXZfAkZs4Pg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 03 Jan 2022 01:50:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
clarity.js
f.clarity.ms/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9zgdxuyjho
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-encoding
br
etag
"1d7ffcbff747e00"
last-modified
Sun, 02 Jan 2022 11:29:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
22925
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=8C6629647E6E489885CE83EF8FDF7A3B&RedC=c.clarity.ms&MXFR=27BED3394602693C1C70C21842026717
  • https://c.clarity.ms/c.gif?CtsSyncId=8C6629647E6E489885CE83EF8FDF7A3B&MUID=3938795AD3FB6F5510B6687BD2906E79
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=8C6629647E6E489885CE83EF8FDF7A3B&MUID=3938795AD3FB6F5510B6687BD2906E79
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f95a3e4769d2d71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9784F58D7F6746F99C0FEA688A642628 Ref B: FRAEDGE1419 Ref C: 2022-01-03T01:50:57Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=8C6629647E6E489885CE83EF8FDF7A3B&MUID=3938795AD3FB6F5510B6687BD2906E79
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
embed.runtime.54a58eb5540918258367.js
platform.twitter.com/embed/ Frame 20B0 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/67A7)
Age
2093071
Etag
"c5272c96b4a5d0323eb55dac2cf6003d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3522
embed.modules.66e311263622456867b1.js
platform.twitter.com/embed/ Frame 20B0 		519 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/669E)
Age
2093070
Etag
"d2a7d4d81994376470f2560f453ad37b+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
166772
embed.i18n.c052951fae9a0c2b4020.js
platform.twitter.com/embed/ Frame 20B0 		146 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:56 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/6738)
Age
2093071
Etag
"ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.7441fbde60739a79657a.js
platform.twitter.com/embed/ Frame 20B0 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.7441fbde60739a79657a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/6723)
Age
2093071
Etag
"882fc55e2cbdd922fdb9289839725a36+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5739
usermatch
ssum-sec.casalemedia.com/ Frame AA2C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ebddd073681775500ee333591ffecb89aa1c4ce489892c5844616035a290a99f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|13|191|88|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1851
Expires
Mon, 03 Jan 2022 01:50:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:56 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
331
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 03 Jan 2022 01:50:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:56 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame C8F1 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:56 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5f3a4b8d-e61d-40b8-b9ee-b7b4d9f81a3c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pmk-202002191.4.js
widget.perfectmarket.com/revasiaberhad-saysmy/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/revasiaberhad-saysmy/pmk-202002191.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/revasiaberhad-saysmy/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc4b0c0e3f6bef7a65aed715e26ccbbb24f99a9730485c56d61c63c4dba00918

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
yuLPZ2whkpUPf6ItPHGvFNOkVO6R346r
content-encoding
gzip
etag
"f974acdc6ebcc31b6fd1434e5c831123"
age
4631416
x-cache
HIT, HIT
content-length
30922
x-amz-id-2
wdQYrYxv1EEVjEktxhsaZDdzyZg7jhOrxbGe/VrO/06MBz6j8tvw8rnP2gLauTu4Qdw8FH0yFxg=
x-served-by
cache-lax10683-LGB, cache-fra19140-FRA
last-modified
Tue, 17 Mar 2020 06:36:23 GMT
server
AmazonS3
x-timer
S1641174657.953240,VS0,VE1
date
Mon, 03 Jan 2022 01:50:56 GMT
vary
Accept-Encoding,,
x-amz-request-id
30BRPKV7P9ZMZFVW
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=70098026&t=pageview&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&ul=en-us&de=UTF-8&dt=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACAABhAQCAC~&jid=1782502398&gjid=1113676748&cid=1424539265.1641174657&tid=UA-27970811-1&_gid=1181177475.1641174657&_r=1&gtm=2wgc105WNLRMX&cd1=May%20Vin%20Ang&cd3=n%2Fa&cd5=news&cd6=news%2C%20COVID2019%2C%20COVID19%2C%20vaccines%2C%20vaccination%2C%20health%2C%20LindungDiriLindungSemua&z=571383621
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
platform.twitter.com/embed/ Frame 20B0 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/6725)
Age
2093072
Etag
"243d823d043564092099acd4323c5b02+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
9316
embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
platform.twitter.com/embed/ Frame 20B0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/674D)
Age
2093072
Etag
"03f1f219cd32073181398d1f998ecb57+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1733
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding
gzip
etag
"103abcd7af0ff73c2bca84d874ada0e2"
age
9435
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6020
x-amz-id-2
71B8G0Uax0wDIJO4xcLj8YIF/2vsmk7zh5v4nWeKP/OYb9ehdDQyAMx0pou0VcyI8yHAZWViuDc=
x-served-by
cache-fra19124-FRA
last-modified
Tue, 30 Nov 2021 12:15:08 GMT
server
AmazonS3
x-timer
S1641174657.039577,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
x-amz-request-id
DM4WHH1JXZDNRM0N
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
41
x-cache-hits
11189
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
939 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding
gzip
etag
"44e0fb48ae5c8af459ee8102bcc39ee7"
age
9435
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
702
x-amz-id-2
iFVFvmeQKInSRvPmOMjpx9e796JdpMASKTQROUtwOnMuFvcFjIkVcAu3KiHnksQkCefA05OClWw=
x-served-by
cache-fra19124-FRA
last-modified
Tue, 30 Nov 2021 12:15:07 GMT
server
AmazonS3
x-timer
S1641174657.039712,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
x-amz-request-id
DM4NG7BXNQAFRQKD
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
41
x-cache-hits
11210
tfa-eid.20220102-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20220102-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37645426ce26dbf2364457c3cd3c9d234bbf7f2c7d19f5fb6ccd65cc07742eba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
gR1KvssBEyrESJJRjTtHxBbIPfYEIqSd
content-encoding
gzip
etag
"85d5935837d5cf3b66cccae931d182af"
age
62
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5061
x-amz-id-2
3xvd7u+YCYYi1KtmbvY3aaz/BFBMa/ZWVMHROadZGb+ID5mgvEM2nFrJVxqeSFdqwX/ZhcFvj04=
x-served-by
cache-fra19124-FRA
last-modified
Sun, 02 Jan 2022 16:02:09 GMT
server
AmazonS3
x-timer
S1641174657.039808,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
x-amz-request-id
RC0FGMHF81FGA7AC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
41
x-cache-hits
33
sha256.20220102-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20220102-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cefbe6376bcc1d6a4c20a11ebf4b11385df48ccf116d648f37ebb2c297df3662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
qzSS1lkHbjaGLWuoCpC33z3zKE3CNddo
content-encoding
gzip
etag
"91e3779508a28c365e84a2060a821b36"
age
63
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2590
x-amz-id-2
fke8dYJDFKudhcLc6kKbQRgOADLalTnzV7DdCgVuFuIe6rYp5w24kTgFqeRtEdvQ2pQurPm+oRQ=
x-served-by
cache-fra19124-FRA
last-modified
Sun, 02 Jan 2022 16:02:59 GMT
server
AmazonS3
x-timer
S1641174657.039880,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
x-amz-request-id
TMG0WA1E44G6P9DC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
41
x-cache-hits
228
tb
15.taboola.com/ 		38 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=revasiaberhad-saysmy&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&encoded=1&uid=24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00&variant=-100|4439&callback=TRC.videoTagCallbacks.videoCallback1&cb=1641174657037&tagid=&cntry=DE&platform=1&sesid=7b7de1f733aa7ba0faaf16a73c6c6974&itemid=/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&viewid=1641174656804&geolat=&geoing=&deviceifa=&appid=&sd=v2_7b7de1f733aa7ba0faaf16a73c6c6974_24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00_1641174656_1641174656_CNawjgYQu6lAGKTOh-3hLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGiApKeijMutlDNwAA&ri=ba2f523cde38dcc6cccf774258e2af14&appname=&cdb=&gdprApplies=true&rid=&sii=-5654443439451644298&oee=true&tpubid=1053883&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1053519&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
97ea3913d28a8053138d1e6219d984cf0a1da9fb289a949179040c653af5f5f7

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
access-control-allow-origin
https://says.com
machineid
1444
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19124-FRA
pragma
no-cache
server
nginx
x-timer
S1641174657.047164,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20220102-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220102-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdb6e28d07790c2fa5a06cf5640d4f2a3fd613b22e25b47e9b6eb68574952f1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
LlgFGWrTSDzsJsMWNDGm.pCtSRabUylz
content-encoding
gzip
etag
"163bd8b564df9b26bb899b571cc56f3e"
age
61
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1262
x-amz-id-2
/VUNINfOKWp8bdePt63zEyiR9cSi94SiTTQz65yPxt9UEEZA4GbsvGCPE7cgVqM34CcE6YaK8Y4=
x-served-by
cache-fra19124-FRA
last-modified
Sun, 02 Jan 2022 16:04:00 GMT
server
AmazonS3
x-timer
S1641174657.047216,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
x-amz-request-id
RC05E2XZJHH6A27P
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
41
x-cache-hits
23
userx.20220102-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220102-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b75ae2742b6579d5d553cc2081905f0c94aba89454171643378bbbd3556f45a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
ELrSB4IkeJipdnRCndtHNDSXhZ5gWZaG
content-encoding
gzip
etag
"c6a8f4ee9d90712d042c7998fbe8b23e"
age
40
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5411
x-amz-id-2
6XWCx6Aze7BL0/rdvqlO6a17ReRsn+XPEQh89HDrAr8rUKarL28Gb+K7uqfsCrPb7fCJtF/VMU8=
x-served-by
cache-fra19124-FRA
last-modified
Sun, 02 Jan 2022 16:01:55 GMT
server
AmazonS3
x-timer
S1641174657.055021,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
x-amz-request-id
5NBJ1PSEFDZ7Q5V7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
41
x-cache-hits
5
explore-more.20220102-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20220102-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fad67b84e430714025aeeb2827aadb769bc6c36ce2818d7e5540fb6be1be063

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
GTyReiMwFBH9u2OC.5LWwO.Ji0jdOFuR
content-encoding
gzip
etag
"cbf6ca6c1afd7f2b76b11dd99fe5c6ce"
age
52
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4480
x-amz-id-2
QBpLJrVg4+qpatMdy3297drrJ/q88vwqs7FQaJCZKtbR4/81Lb3QL+ZOcky3NyQGvdlJ/IaXcpg=
x-served-by
cache-fra19124-FRA
last-modified
Sun, 02 Jan 2022 16:04:10 GMT
server
AmazonS3
x-timer
S1641174657.059273,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
x-amz-request-id
DTYX5WYBES9NVKY9
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
41
x-cache-hits
6
debug
am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/debug?tim=01%3A50%3A57.041&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=8940&cv=20220102-8-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7855
debug
am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/debug?tim=01%3A50%3A57.042&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=341&cv=20220102-8-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7855
collect
stats.g.doubleclick.net/j/ 		2 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27970811-1&cid=1424539265.1641174657&jid=1782502398&gjid=1113676748&_gid=1181177475.1641174657&_u=YChACAAAhAQCAC~&z=1794857092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/revasiaberhad-saysmy/pmk-202002191.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 04:15:36 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
156853
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
NZtt6v9KdvWFOP81bUfkfIJ3f5aVAFLLUG5ZcOiIbWOIUTNwiEkfkw==
/
www.facebook.com/tr/ Frame 29E1 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1394602727253794&ev=PageView&dl=https%3A%2F%2Fbcp.crwdcntrl.net%2Fpixels%3Fs%3D22%252C14%252C12%252C2%26b%3D797747%252C1769168%26c%3D11139&rl=https%3A%2F%2Ftags.crwdcntrl.net%2F&if=true&ts=1641174657111&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&it=1641174656911&coo=false&exp=p1&rqm=GET
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C14%2C12%2C2&b=797747%2C1769168&c=11139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 03 Jan 2022 01:50:57 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
108
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
4qgxfZFmFJrsHxbWsRaKcT9wYgjMICaV8OEv1kv2dZlmiYeGN4OEv3bO4hfDSGSCfBT+SgmfUGM=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1641174657.127494,VS0,VE0
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
DM4NAP34QYDFFT7D
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
41
x-cache-hits
1805
social
am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/social?route=AM:AM:V&lti=deflated&ri=d56363b6e0d13ea88ddac1b0390b8a5d&sd=v2_7b7de1f733aa7ba0faaf16a73c6c6974_24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00_1641174656_1641174656_CNawjgYQu6lAGKTOh-3hLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGiApKeijMutlDNwAA&ui=24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00&pi=/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&wi=-5654443439451644298&pt=text&vi=1641174656804&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley%22%2C%22sec%22%3A%22news%22%2C%22aut%22%3A%5B%22May%20Vin%20Ang%22%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.says.com%2Fuploads%2Fstory%2Fcover_image%2F52918%2Fthumb_0093.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A50%3A57.150&id=7803&llvl=2&cv=20220102-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc.taboola.com/revasiaberhad-saysmy/log/3/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/revasiaberhad-saysmy/log/3/abtests?route=AM:AM:V&lti=deflated&ri=d56363b6e0d13ea88ddac1b0390b8a5d&sd=v2_7b7de1f733aa7ba0faaf16a73c6c6974_24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00_1641174656_1641174656_CNawjgYQu6lAGKTOh-3hLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGiApKeijMutlDNwAA&ui=24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00&pi=/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&wi=-5654443439451644298&pt=text&vi=1641174656804&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1641174657158%7D&tim=01%3A50%3A57.158&id=5771&llvl=2&cv=20220102-8-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1641174657.167032,VS0,VE9
x-served-by
cache-fra19124-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
thumb_9d74.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/thumb_9d74.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f7f8c3195855a7274e63859fb891cfd09189e45beb039b368ef775a35c76db1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2009314
edge-cache-tag
428492463835370505810123470966193071984,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
cache-tag
428492463835370505810123470966193071984,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
215
expiration
expiry-date="Thu, 16 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/thumb_9d74.jpg
content-length
15732
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 15 Nov 2021 14:00:58 GMT
server
nginx
x-timer
S1641174657.174808,VS0,VE1
etag
"ee8488d662e603d1dd009866d4a2a3bb"
x-served-by
cache-bwi5072-BWI, cache-dca17779-DCA, cache-iad-kcgs7200058-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
tbp
15.taboola.com/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8eb5cfee6b650194cf3aa8c09fc392d34def3ba5432eaefa747cf1fbae2678f2

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
access-control-allow-origin
https://says.com
machineid
1416
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19124-FRA
pragma
no-cache
server
nginx
x-timer
S1641174657.174668,VS0,VE21
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
ee77167c72fc4e07f262fc4f32da1e47.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b10f883def52bf750108380619e4a877f34377cb8867d845d97b6d002259091

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
3161878
edge-cache-tag
302167877995139201708585044388758779315,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
193
expiration
expiry-date="Sat, 25 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
content-length
18342
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 24 Nov 2021 07:57:19 GMT
server
nginx
x-timer
S1641174657.174919,VS0,VE1
etag
"b00fef9db18530af42f01142823d326f"
x-served-by
cache-dca17728-DCA, cache-dca17724-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
9849f42f5d0cff1b8ff926be612aaf59.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9849f42f5d0cff1b8ff926be612aaf59.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b384f27b35cea173a8b0348f80866e244a8c943cbae4fa25be4fe5b587b7aef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2964350
edge-cache-tag
298498529031107023614999209583821854980,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
444
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9849f42f5d0cff1b8ff926be612aaf59.png
content-length
15670
x-request-id
339f31e0b05bf9ffbf4349bfe6154bc9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 25 Nov 2021 17:21:35 GMT
server
nginx
x-timer
S1641174657.175043,VS0,VE0
etag
"182e4e9732e2e59d02c0618a571e26f3"
x-served-by
cache-bwi5029-BWI, cache-dca17738-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 9
828ebc8dd401dbd4a4acd2b828d0b786.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/828ebc8dd401dbd4a4acd2b828d0b786.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1dda90b6dceede532557409907964cd275e73aba22fed2e522534eb22ceed692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2819690
edge-cache-tag
472504287797661571925283538128896346688,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
181
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/828ebc8dd401dbd4a4acd2b828d0b786.jpg
content-length
107368
x-request-id
7afefc7c91b066c0eb9925b35077adbe
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 15 Nov 2021 13:55:26 GMT
server
nginx
x-timer
S1641174657.175130,VS0,VE2
etag
"e140a8677fcbb5cb57912c6ba08cfb51"
x-served-by
cache-bwi5076-BWI, cache-dca12924-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55ff52a61ccee4bb9f0e3ac8b02354ae6dfa23c7af78b83a5d373a599a22003d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
4396677
edge-cache-tag
501898018763052567145069362010418137997,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
218
expiration
expiry-date="Sat, 11 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
content-length
46000
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 10 Nov 2021 14:53:09 GMT
server
nginx
x-timer
S1641174657.175263,VS0,VE0
etag
"af69eeac42194c97f454a4f865cf1de2"
x-served-by
cache-bwi5020-BWI, cache-dca17748-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
048fd36120d18bd1d92b769ed2292187.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048fd36120d18bd1d92b769ed2292187.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53109bce55f07f198fc8da502de83e354222a3b18de7b4eb3d21d796d0409bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
1064995
edge-cache-tag
591291266347235654803555474418376641022,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag
591291266347235654803555474418376641022,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048fd36120d18bd1d92b769ed2292187.jpg
content-length
14070
x-request-id
392517b2d5c9eea2bc33485fe0c14192
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 17 Dec 2021 11:22:28 GMT
server
nginx
x-timer
S1641174657.175356,VS0,VE1
etag
"adc51c6726e6211abfa936ea06427e5f"
x-served-by
cache-bwi5078-BWI, cache-iad-kjyo7100143-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d996e3708d96f895004f2c79de855fd6dc7f547995e0cc189e342f7d9ee753d2

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
access-control-allow-origin
https://says.com
machineid
1484
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19124-FRA
pragma
no-cache
server
nginx
x-timer
S1641174657.175489,VS0,VE22
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f28a8892351db10165e0cf02f2de82aff11b77be08aeed016c54c1548a353f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2305465
edge-cache-tag
450265650731705506805175281380931797211,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
cache-tag
450265650731705506805175281380931797211,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
137
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length
103256
x-request-id
7f19cf0a29f3aed9bbc1623f06da0185
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 16 Nov 2021 05:31:40 GMT
server
nginx
x-timer
S1641174657.197991,VS0,VE0
etag
"71d565750a0c59061a42f63bd9ecb219"
x-served-by
cache-bwi5051-BWI, cache-dca17760-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
thumb_9d74.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/thumb_9d74.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
890fdead0d4a43bbf51f0fb239fd171a7b2fc0755894ab0939bf6eb1b8124504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
1896323
edge-cache-tag
428492463835370505810123470966193071984,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
428492463835370505810123470966193071984,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
147
expiration
expiry-date="Sat, 18 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/thumb_9d74.jpg
content-length
20896
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 17 Nov 2021 06:43:13 GMT
server
nginx
x-timer
S1641174657.198123,VS0,VE94
etag
"05b581cbac6d34be344b7f5be9900e58"
x-served-by
cache-bwi5054-BWI, cache-iad-kiad7000168-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
4847.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/38339/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/38339/4847.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4115aac8457d766b62d8088e6986923b4240ca353ad95df2fa7bb9aa7205786a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
449
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
508679362993094448618857234361897202621,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
508679362993094448618857234361897202621,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
288
expiration
expiry-date="Tue, 25 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/38339/4847.jpg
content-length
39104
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sat, 25 Dec 2021 05:26:42 GMT
server
nginx
x-timer
S1641174657.198245,VS0,VE449
etag
"aa6c1583068cf3eda5ffeb9673c66a99"
x-served-by
cache-dca17721-DCA, cache-iad-kiad7000063-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
86ef.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.says.com/uploads/story/cover_image/24806/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.says.com/uploads/story/cover_image/24806/86ef.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
abc828b99fe65a9124353357dcd230f580cc3f4fa0f4ff726f4685aacd6d9cdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
1857823
edge-cache-tag
554184590640722580048979373985515526478,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
554184590640722580048979373985515526478,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
288
expiration
expiry-date="Mon, 13 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.says.com/uploads/story/cover_image/24806/86ef.png
content-length
44720
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 12 Nov 2021 15:28:47 GMT
server
nginx
x-timer
S1641174657.198395,VS0,VE92
etag
"6d1a87d163d48d86d79ac010fd59421a"
x-served-by
cache-wdc5537-WDC, cache-iad-kiad7000110-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
728e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30984/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30984/728e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e107da344b7bd9cdaf6af59e979e6e395ffc1a1490dde708a9439617e6d74d19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
1478113
edge-cache-tag
590548253064732441853141421995030221657,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
590548253064732441853141421995030221657,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-envoy-upstream-service-time
139
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30984/728e.jpg
content-length
19768
x-request-id
2b1abc8cd0edc2048f235a81ffab75c0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 03 Dec 2021 00:58:45 GMT
server
nginx
x-timer
S1641174657.203673,VS0,VE94
etag
"71d0ddaa7858747d3c3178429a054b71"
x-served-by
cache-bwi5073-BWI, cache-iad-kjyo7100103-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
thumb_e34f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/52569/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/52569/thumb_e34f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd67cfc8e241cdc14e07ec312481b8140267c9ddad0084319782bf5a9407ada3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
95
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
1650565
edge-cache-tag
577735416215422804595138345004021175920,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
cache-tag
577735416215422804595138345004021175920,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
132
expiration
expiry-date="Thu, 06 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/52569/thumb_e34f.jpg
content-length
29830
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 06 Dec 2021 11:23:31 GMT
server
nginx
x-timer
S1641174657.211020,VS0,VE95
etag
"7e4f140d0547469d7844c8cf677a3e61"
x-served-by
cache-bwi5056-BWI, cache-iad-kcgs7200039-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
812b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/40409/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/40409/812b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe2bf0b9062d7db793ceabebaa2d43c057781baeecd3087259dbc90f498a5a18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1242
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2714281
edge-cache-tag
401641980342738829060736373859381018173,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
62
expiration
expiry-date="Mon, 20 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/40409/812b.png
content-length
21380
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 19 Nov 2021 01:25:23 GMT
server
nginx
x-timer
S1641174657.219120,VS0,VE1242
etag
"67143eab80ae870216b33023f5e19b09"
x-served-by
cache-wdc5536-WDC, cache-dca17761-DCA, cache-iad-kcgs7200097-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 0
a8a0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44012/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44012/a8a0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6af528723378d8817f596b467061a2689f2cba6063b8d778959f17f8cf266c12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
235
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
860007
edge-cache-tag
342952398992760289663769883933100141453,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
342952398992760289663769883933100141453,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
74
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44012/a8a0.jpg
content-length
13486
x-request-id
e0dd0cf0133c661ddc40d3278c1871e0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 23 Dec 2021 09:14:55 GMT
server
nginx
x-timer
S1641174657.306996,VS0,VE235
etag
"d823daa37811e760f3a434c5b8049880"
x-served-by
cache-bwi5020-BWI, cache-iad-kcgs7200038-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
a1e7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/33539/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/33539/a1e7.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b66dac769ca65569588193995405f8bd1cd28cbaaa44020725a3de793a72bd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2753584
edge-cache-tag
501622839300969337936396410483852362348,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
116
expiration
expiry-date="Mon, 06 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/33539/a1e7.png
content-length
21370
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 05 Nov 2021 06:20:22 GMT
server
nginx
x-timer
S1641174657.309542,VS0,VE1
etag
"c55b1272c4a58226cb11e17973a9955e"
x-served-by
cache-bwi5022-BWI, cache-dca17737-DCA, cache-iad-kjyo7100101-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a4b9dab5ee3c958db3b3246d418b62bdba57d8080d502be8f4f1d8a6eebcd202

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
access-control-allow-origin
https://says.com
machineid
1424
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19124-FRA
pragma
no-cache
server
nginx
x-timer
S1641174657.177403,VS0,VE22
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
ee77167c72fc4e07f262fc4f32da1e47.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b3ff6be3b5ab2d387f0233bb726a0d809570a565ca0e64a42a16a93d23b4b27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2456034
edge-cache-tag
302167877995139201708585044388758779315,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Wed, 29 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
content-length
39782
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 28 Nov 2021 20:08:17 GMT
server
nginx
x-timer
S1641174657.312243,VS0,VE1
etag
"30c7e55c7267d5dbee062e0fc35d6bf1"
x-served-by
cache-bwi5076-BWI, cache-dca17728-DCA, cache-iad-kjyo7100137-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1
9849f42f5d0cff1b8ff926be612aaf59.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9849f42f5d0cff1b8ff926be612aaf59.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53ecf00a5c44a03ded9505807d176e27a50457949e6f2474576a170638e7a1f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2969126
edge-cache-tag
298498529031107023614999209583821854980,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
722
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9849f42f5d0cff1b8ff926be612aaf59.png
content-length
49808
x-request-id
b302bbe7dc71aedd622037ccee2f925a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 25 Nov 2021 17:21:35 GMT
server
nginx
x-timer
S1641174657.318362,VS0,VE1
etag
"2ba435b0be84c243247137ba41ccaa93"
x-served-by
cache-wdc5522-WDC, cache-dca12922-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
thumb_773e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44868/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44868/thumb_773e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
522cff3b503d4b7d21cd86390d5b5aaf28899e5d3ff402692a73ee540915466f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3851535
edge-cache-tag
591611603564228897425165592405776556450,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
312
x-cache
MISS, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44868/thumb_773e.jpg
content-length
15392
x-request-id
409987f55364c4ba7bae5b4ba1de5a85
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 03 Nov 2021 18:28:29 GMT
server
nginx
x-timer
S1641174657.320329,VS0,VE93
etag
"adab2124b093761de658d3f45d4b8af7"
x-served-by
cache-bwi5029-BWI, cache-dca17750-DCA, cache-iad-kjyo7100025-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0
d4ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/39983/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/39983/d4ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f742542c34e26a16a911560e8326a6227abf65aa377d1bc11422b36309a6c077

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
676
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2590170
edge-cache-tag
298220090636841280852909439708384890032,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
92
x-cache
HIT, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/39983/d4ee.jpg
content-length
13438
x-request-id
ece656041f2f4713b8a48fd0f9cec339
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Fri, 03 Dec 2021 00:03:21 GMT
server
nginx
x-timer
S1641174657.327714,VS0,VE676
etag
"833444f9b2e135a65627c835060ce79e"
x-served-by
cache-wdc5557-WDC, cache-dca17732-DCA, cache-iad-kcgs7200110-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 0
828ebc8dd401dbd4a4acd2b828d0b786.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/828ebc8dd401dbd4a4acd2b828d0b786.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22483f55f29bb80fcd2640f8ce075b6e79b1748a24be7b87668ead1cc6b96203

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
3901158
edge-cache-tag
472504287797661571925283538128896346688,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
142
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/828ebc8dd401dbd4a4acd2b828d0b786.jpg
content-length
29180
x-request-id
2328c27ff444af1c84436120598890af
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 15 Nov 2021 13:55:26 GMT
server
nginx
x-timer
S1641174657.337298,VS0,VE1
etag
"9dbf6d2bfe43bcf0f7ccf18ae1e47fed"
x-served-by
cache-wdc5551-WDC, cache-dca17744-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
tbp
15.taboola.com/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d172b99cca17cf1620d081c472b17a2d9cd3f234c7faf352ba444807a1d9b026

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
access-control-allow-origin
https://says.com
machineid
1424
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19124-FRA
pragma
no-cache
server
nginx
x-timer
S1641174657.178120,VS0,VE21
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c682215efcdbc5ee282a13d340b533f0699770d50ad9c526608183f561602f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2798043
edge-cache-tag
450265650731705506805175281380931797211,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
77
expiration
expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length
38180
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 11 Nov 2021 12:50:45 GMT
server
nginx
x-timer
S1641174657.352211,VS0,VE0
etag
"ee562438ba3e2e7c020ab22cd7bc2043"
x-served-by
cache-wdc5572-WDC, cache-dca17765-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
6f6d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/36970/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/36970/6f6d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45656c1bf226209801446005c2055eaf3ec4e64c25ab34b4aa6748b5dd0ce742

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
97
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2012344
edge-cache-tag
579301135759531380185555377906202804406,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
579301135759531380185555377906202804406,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
240
expiration
expiry-date="Wed, 22 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/36970/6f6d.png
content-length
21274
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sun, 21 Nov 2021 21:14:14 GMT
server
nginx
x-timer
S1641174657.362848,VS0,VE97
etag
"1e6f0381d381ae615cf73c514072ab25"
x-served-by
cache-bwi5036-BWI, cache-dca17776-DCA, cache-iad-kjyo7100119-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0
c4c8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/33954/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/33954/c4c8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
78030d1a8fa7efb4f8ca770b673f4a84954574ee9735ef901b619dab534ed521

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2238986
edge-cache-tag
587032790217531614018647788438252123465,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
587032790217531614018647788438252123465,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
173
expiration
expiry-date="Sat, 25 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/33954/c4c8.jpg
content-length
39556
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 24 Nov 2021 05:11:25 GMT
server
nginx
x-timer
S1641174657.423115,VS0,VE1
etag
"23dd14eb97abdd804b4686638c3f54a5"
x-served-by
cache-bwi5024-BWI, cache-dca17752-DCA, cache-iad-kiad7000095-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
Draggable.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/Draggable.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf85037fd1f04c4684ed0357cf80a71a3c4aa19049bfccdaec678b4b18dc8e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
br
etag
W/"7553-dYWEgV2hNUKDhK4RO4C1kpAmsIU"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642014
strict-transport-security
max-age=63072000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-imports
../unoptimized/utils/matrix.js
x-vercel-id
fra1::sfo1::5kcqf-1640532643868-469d9516107c
x-vercel-cache
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNkYAX4I%2FGp5Knh%2F4RzjBKwHJnwzFbSOh0Jf5gxCVUNZE37I508bRYZkjzAPM41QvMU5cNBMWPwDzKzQBiWvHDDhWJc2E0ytz%2BsOUQZW407WuEoZjCdKyibHQY5HM4yysQ0PdQ%2FcaJAEOVBGsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
6c7894475feb4309-FRA
matrix.js
cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/utils/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.skypack.dev/-/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/dist=es2020,mode=imports,min/unoptimized/utils/matrix.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc156f774f770c9969f60f278f977ce3a561b5927bf0acb682f4834e1729c3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cdn.skypack.dev/pin/gsap@v3.7.1-oqmeGbnx72naX9MRGwFV/mode=imports,min/unoptimized/Draggable.js
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
br
etag
W/"1376-T/OrTzcg3vkKhdJZmnBcCh1Vf3g"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642014
strict-transport-security
max-age=63072000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-vercel-id
fra1::sfo1::ddmqw-1640532643865-560a510a24bf
x-vercel-cache
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4KweKqYi0gdL4RGKxXAaslBcb2xSFq%2FBT1CaYO87va0ASGGy9YJn8VWrQEXoY6TNw5CYVtJcea7bNC2Qh6xOeR4%2B%2BF6%2BY246mHFJh9Ir7yd6U1wwdmxT6TvAl13o%2FQ3hRvcmRmqv6d5fyeTbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, X-Imports
cache-control
public, max-age=31536000, immutable
cf-ray
6c7894475fee4309-FRA
match
c1.adform.net/serving/cookie/ Frame 3799
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=118016C3-32FE-4D31-9E24-716BFDCF41AC
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=118016C3-32FE-4D31-9E24-716BFDCF41AC
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=118016C3-32FE-4D31-9E24-716BFDCF41AC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 03 Jan 2022 01:50:57 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=118016C3-32FE-4D31-9E24-716BFDCF41AC
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame DDA7
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5518196809362772532
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5518196809362772532
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 03 Jan 2022 01:50:56 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug005:0:423
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5518196809362772532
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 53B7 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 03 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
395503
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame B84E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7048791478841702549
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7048791478841702549
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug003:0:492
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 03 Jan 2022 01:50:57 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7048791478841702549
Pug
simage2.pubmatic.com/AdServer/ Frame 3243
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdJWgQACrDaoqwAF&gdpr=0&gdpr_consent=&_test=YdJWgQACrDaoqwAF
1 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdJWgQACrDaoqwAF&gdpr=0&gdpr_consent=&_test=YdJWgQACrDaoqwAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug016:0:441
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdJWgQACrDaoqwAF&gdpr=0&gdpr_consent=&_test=YdJWgQACrDaoqwAF
accept-ranges
bytes
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
x-served-by
cache-fra19138-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1641174657.406140,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 81A2
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug005:2:307
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Mon, 03 Jan 2022 01:50:57 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame E25F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CjHmtK5yRKZKhs4jabh-C1vHdkg
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CjHmtK5yRKZKhs4jabh-C1vHdkg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug021:0:437
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 03 Jan 2022 01:50:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CjHmtK5yRKZKhs4jabh-C1vHdkg
Content-Length
159
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1146
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EYAWwzL-TTGeJHFr_c9BrA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=25076
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 03 Jan 2022 08:48:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95fa61d2-5681-4400-a0ba-0be3a8a45902
0
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95fa61d2-5681-4400-a0ba-0be3a8a45902
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 00:22:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Server
MT3 4133 baa842e master zrh-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95fa61d2-5681-4400-a0ba-0be3a8a45902
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 03 Jan 2022 01:50:56 GMT
/
pixel.onaudience.com/ Frame 1146
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=118016C3-32FE-4D31-9E24-716BFDCF41AC
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=e8670499-52a2-4208-8129-cce31db99c55&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1a3dac1642ccf6b07e14f4f8e9d32b85
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0159e0925a81f04a556541d094630e6d
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0159e0925a81f04a556541d094630e6d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Server
51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS
pikafka-4.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 03 Jan 2022 01:50:58 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0159e0925a81f04a556541d094630e6d
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTE4MDE2QzMtMzJGRS00RDMxLTlFMjQtNzE2QkZEQ0Y0MUFD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECv5wFuJxeFupTYtHoJgOUM&google_cver=1
42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECv5wFuJxeFupTYtHoJgOUM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:403
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECv5wFuJxeFupTYtHoJgOUM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1146 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 02 Jan 2022 01:50:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:656061d2-5681-4100-8a29-56cf4c73c31f&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:656061d2-5681-4100-8a29-56cf4c73c31f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:601
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Server
MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:656061d2-5681-4100-8a29-56cf4c73c31f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 03 Jan 2022 01:50:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=537624061829043149
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=537624061829043149
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:370
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=537624061829043149
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8670499-52a2-4208-8129-cce31db99c55
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8670499-52a2-4208-8129-cce31db99c55
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:469
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e8670499-52a2-4208-8129-cce31db99c55
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=58118359780705262&gdpr=0&gdpr_consent=
42 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=58118359780705262&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:357
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:57 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3170817d-6b8d-49d9-914c-eec745a82b53
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=58118359780705262&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=118016C3-32FE-4D31-9E24-716BFDCF41AC&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=118016C3-32FE-4D31-9E24-716BFDCF41AC&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DqiZqj9E2uXTjY0Syj2PRc7hskF2i8M-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DqiZqj9E2uXTjY0Syj2PRc7hskF2i8M-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DqiZqj9E2uXTjY0Syj2PRc7hskF2i8M-~A&gdpr=0&gdpr_consent=
date
Mon, 03 Jan 2022 01:50:57 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
118016C3-32FE-4D31-9E24-716BFDCF41AC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1146 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/118016C3-32FE-4D31-9E24-716BFDCF41AC?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6aba:1333:1e2b:7cf5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1bhbGda_BxrOul5O0rkSE9K6XEnOv10c1-pMC-LV
42 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1bhbGda_BxrOul5O0rkSE9K6XEnOv10c1-pMC-LV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:474
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1bhbGda_BxrOul5O0rkSE9K6XEnOv10c1-pMC-LV
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=cdb7aaf7ee454d5a8b91c53589d4a72b&ssp=pubmatic&bsw_param=5452ea25-dd70-4a72-94ca-65c379242b52&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5452ea25-dd70-4a72-94ca-65c379242b52&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5452ea25-dd70-4a72-94ca-65c379242b52&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:496
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5452ea25-dd70-4a72-94ca-65c379242b52&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 03 Jan 2022 01:50:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7880709546110963018&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7880709546110963018&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:345
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7880709546110963018&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1146 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=118016C3-32FE-4D31-9E24-716BFDCF41AC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 1146
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:430
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:56 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169284420317900&ev=PageView&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&rl=&if=false&ts=1641174657195&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641174657194.1565695168&it=1641174656529&coo=false&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 03 Jan 2022 01:50:57 GMT
crum
dsum-sec.casalemedia.com/ Frame AA2C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdJWgI9SKrAigR8Y6xS4wwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFCjiE7TD_iJ8gfwgcMJpo&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFCjiE7TD_iJ8gfwgcMJpo&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 03 Jan 2022 01:50:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHFCjiE7TD_iJ8gfwgcMJpo&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AA2C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECrRkZoGpQH_gDL2QKDadR0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECrRkZoGpQH_gDL2QKDadR0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 03 Jan 2022 01:50:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECrRkZoGpQH_gDL2QKDadR0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AA2C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PS9Q2XFFXQW9B0R6P1ZJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5DRSW6SFHPCBW8HDJZ2R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdJWgI9SKrAigR8Y6xS4wwAABLkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AA2C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame AA2C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 03 Jan 2022 01:50:57 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date
Mon, 03 Jan 2022 01:50:57 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
Keep-Alive
timeout=5
index
dmp.brand-display.com/cm/api/ Frame AA2C 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.49.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-49-84.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
last-modified
Mon, 03 Jan 2022 01:50:57 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 03 Jan 2022 01:50:58 GMT
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame AA2C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YdJWgQACsZHcJgAm
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YdJWgQACsZHcJgAm
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
3384
x-served-by
cache-fra19138-FRA
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1641174657.413219,VS0,VE0
content-length
85
x-cache-hits
2997

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1641174657.226394,VS0,VE92
x-served-by
cache-fra19138-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YdJWgQACsZHcJgAm
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
getuid
ib.adnxs.com/ Frame AA2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AA2C 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YdJWgI9SKrAigR8Y6xS4wwAA%261209
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://says.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=948
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 03 Jan 2022 02:06:45 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.5.9/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.5.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1608980c6f4deb0e238ce9af217e69059535d627e4d9fa8adc9908661912b3a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 varnish
age
575288
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
29149
x-served-by
cache-fra19124-FRA
last-modified
Mon, 27 Dec 2021 10:02:06 GMT
server
AmazonS3
x-timer
S1641174657.227142,VS0,VE0
etag
"cfa326391ec5ae5c236d77282035eb1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
_-LPVI9l9qopkm2UwL9-5JN6azwaZTYLs6Gbj9gmR3ti77sjbcI7ww==
x-cache-hits
69126
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=1424539265.1641174657&jid=1782502398&_u=YChACAAAhAQCAC~&z=2116545964
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront), 1.1 varnish
age
3418778
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-fra19124-FRA
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1641174657.227002,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
Sk-dQ-vXqlkymfouDYO0ROLJleZN_EmWEBrNrUZpeGf8tabSmNbJwg==
x-cache-hits
1270713
thumb_9d74.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/thumb_9d74.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f7f8c3195855a7274e63859fb891cfd09189e45beb039b368ef775a35c76db1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2009314
edge-cache-tag
428492463835370505810123470966193071984,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
cache-tag
428492463835370505810123470966193071984,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
215
expiration
expiry-date="Thu, 16 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/49466/thumb_9d74.jpg
content-length
15732
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 15 Nov 2021 14:00:58 GMT
server
nginx
x-timer
S1641174657.436977,VS0,VE0
etag
"ee8488d662e603d1dd009866d4a2a3bb"
x-served-by
cache-bwi5072-BWI, cache-dca17779-DCA, cache-iad-kcgs7200058-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2
ee77167c72fc4e07f262fc4f32da1e47.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b10f883def52bf750108380619e4a877f34377cb8867d845d97b6d002259091

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
3161878
edge-cache-tag
302167877995139201708585044388758779315,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
193
expiration
expiry-date="Sat, 25 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
content-length
18342
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 24 Nov 2021 07:57:19 GMT
server
nginx
x-timer
S1641174657.446471,VS0,VE0
etag
"b00fef9db18530af42f01142823d326f"
x-served-by
cache-dca17728-DCA, cache-dca17724-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
9849f42f5d0cff1b8ff926be612aaf59.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9849f42f5d0cff1b8ff926be612aaf59.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b384f27b35cea173a8b0348f80866e244a8c943cbae4fa25be4fe5b587b7aef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2964351
edge-cache-tag
298498529031107023614999209583821854980,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
444
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9849f42f5d0cff1b8ff926be612aaf59.png
content-length
15670
x-request-id
339f31e0b05bf9ffbf4349bfe6154bc9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 25 Nov 2021 17:21:35 GMT
server
nginx
x-timer
S1641174657.454874,VS0,VE0
etag
"182e4e9732e2e59d02c0618a571e26f3"
x-served-by
cache-bwi5029-BWI, cache-dca17738-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 10
34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55ff52a61ccee4bb9f0e3ac8b02354ae6dfa23c7af78b83a5d373a599a22003d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
4396677
edge-cache-tag
501898018763052567145069362010418137997,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
218
expiration
expiry-date="Sat, 11 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
content-length
46000
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 10 Nov 2021 14:53:09 GMT
server
nginx
x-timer
S1641174657.463285,VS0,VE0
etag
"af69eeac42194c97f454a4f865cf1de2"
x-served-by
cache-bwi5020-BWI, cache-dca17748-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
048fd36120d18bd1d92b769ed2292187.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048fd36120d18bd1d92b769ed2292187.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53109bce55f07f198fc8da502de83e354222a3b18de7b4eb3d21d796d0409bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
1064995
edge-cache-tag
591291266347235654803555474418376641022,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag
591291266347235654803555474418376641022,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/048fd36120d18bd1d92b769ed2292187.jpg
content-length
14070
x-request-id
392517b2d5c9eea2bc33485fe0c14192
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 17 Dec 2021 11:22:28 GMT
server
nginx
x-timer
S1641174657.468751,VS0,VE0
etag
"adc51c6726e6211abfa936ea06427e5f"
x-served-by
cache-bwi5078-BWI, cache-iad-kjyo7100143-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
platform.twitter.com/embed/ Frame 20B0 		383 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/67A8)
Age
2093072
Etag
"28a37f9b17808aa66f17b1c227be059e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
96013
embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
platform.twitter.com/embed/ Frame 20B0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/6711)
Age
2093072
Etag
"c247e426d2ec154064a87aaff54defce+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5857
embed.ondemand.Tweet.6e96324b79625228cf29.js
platform.twitter.com/embed/ Frame 20B0 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.6e96324b79625228cf29.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=May%20Vin%20Ang&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1476372517862649858&lang=en&origin=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&sessionId=739a11e99953152b03872de6b3550acc058e8b3c&siteScreenName=SAYS&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/6772)
Age
2093072
Etag
"e5fb6dfbcdd3dbfd4df66eb8fb597873+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
15650
rum
says.com/cdn-cgi/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://says.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6c789447c941696a-FRA
vary
Origin
828ebc8dd401dbd4a4acd2b828d0b786.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/828ebc8dd401dbd4a4acd2b828d0b786.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1dda90b6dceede532557409907964cd275e73aba22fed2e522534eb22ceed692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2819690
edge-cache-tag
472504287797661571925283538128896346688,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
181
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/828ebc8dd401dbd4a4acd2b828d0b786.jpg
content-length
107368
x-request-id
7afefc7c91b066c0eb9925b35077adbe
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 15 Nov 2021 13:55:26 GMT
server
nginx
x-timer
S1641174657.474186,VS0,VE0
etag
"e140a8677fcbb5cb57912c6ba08cfb51"
x-served-by
cache-bwi5076-BWI, cache-dca12924-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
says.com/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/assets/says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c789447d96b696a-FRA
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
8351
etag
W/"5ddf9000-86a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=60
content-encoding
br
5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f28a8892351db10165e0cf02f2de82aff11b77be08aeed016c54c1548a353f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish, 1.1 varnish
age
2305465
edge-cache-tag
450265650731705506805175281380931797211,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
cache-tag
450265650731705506805175281380931797211,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
137
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length
103256
x-request-id
7f19cf0a29f3aed9bbc1623f06da0185
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 16 Nov 2021 05:31:40 GMT
server
nginx
x-timer
S1641174657.478619,VS0,VE0
etag
"71d565750a0c59061a42f63bd9ecb219"
x-served-by
cache-bwi5051-BWI, cache-dca17760-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
says-banner.png
says.com/foodpanda/assets/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/foodpanda/assets/says-banner.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce0e50357bc73930442b4473603a6752592688b8eeae3458e34b5b9e2e87d6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 google
cf-cache-status
HIT
age
2849
cf-polished
origFmt=png, origSize=88400
content-disposition
inline; filename="says-banner.webp"
content-length
42596
last-modified
Wed, 29 Dec 2021 03:39:50 GMT
server
cloudflare
etag
"61cbd886-15950"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c789448098e696a-FRA
cf-bgj
imgq:100,h2pri
foodpanda_animated.gif
policy.revasia.com/foodpanda/assets/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://policy.revasia.com/foodpanda/assets/foodpanda_animated.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a9b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a66f83a07fd596968296b6cc65a20596f7661643b7f08e3c8d6a03782572598

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=Yl8RGQ==, md5=/gfikmJaQVDWSK9tRoIguQ==
date
Mon, 03 Jan 2022 01:50:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3075
x-guploader-uploadid
ADPycdsjJhmK8N0QHe84Y-uEESt-wohlTnc9Rs-JsgCdW_QKlKmQC1PDQMYs1FcBuaTJWBhvlvMvBcnv_lQO-31QKHg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24152
last-modified
Wed, 22 Dec 2021 23:12:21 GMT
server
cloudflare
etag
"fe07e292625a4150d648af6d468220b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekRX7dUz5V1JHRY%2Bz0kDFHcKS3vjOj8REfhnDHL4rs%2FtsQymzKPI4Kdgz%2Bv3KN9puZ1W4xBdxbTCfegbox0YedyepX7jpb1Ls7gn6b3T2Orch4%2BHvZRkm4Ls%2BEsaAOP2KJrS0soRs5p3%2ByoFqDnU0%2BI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1640214741156852
access-control-allow-origin
*
content-type
image/gif
access-control-expose-headers
Content-Type, Authorization, Content-Length, User-Agent, x-goog-resumable, x-goog-acl, Access-Control-Allow-Origin, X-Requested-With
cache-control
public, max-age=14400
x-goog-stored-content-length
24152
accept-ranges
bytes
cf-ray
6c7894480b42c29a-FRA
expires
Mon, 03 Jan 2022 01:59:42 GMT
update_show
says.com/my/stories/52918/ 		0
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.com/my/stories/52918/update_show?_=1641174656491
Requested by
Host: says.com
URL: https://says.com/assets/application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
X-CSRF-Token
4FZbMcx+FG8rTfLhElhKhb6mqmMDK7TmYERk7OMVFyPvJ4HfhFdGtARhLF9xCFYdwJpNGdzfsbuZDcvxx1ZDsg==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.4
status
200 OK
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
53ab3dc2-0a9c-469b-95f5-e42a705001b3
x-runtime
0.030061
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Jan 2022 01:50:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
cf-ray
6c78944819a1696a-FRA
optimus_rules.json
tags.crwdcntrl.net/lt/c/11139/ 		2 KB
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/11139/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adb19d51f48a3421ec569317f6dbf326e6f14f678c12d14fb4ae6667ded18f9f

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Jan 2022 01:50:31 GMT
content-encoding
gzip
age
1058
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 17 Dec 2021 06:30:10 GMT
server
AmazonS3
etag
W/"deb2d5660f0c687b8109cf120ca918dd"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
jno4RsZ9xigZnL7kMQNIeF3UugdUTnzAPd7X96kLTb7IeinnvMDedg==
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2bb1a6ec2abb3564cbc192ae57e2ac020dad17d87d2883bd188632810c4b074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8456
x-xss-protection
0
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 00:48:03 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:28:27 GMT
server
nginx
age
3774
etag
W/"6179eeab-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
nLDYa14Ad2ZwUEWfLkuhoHd0bb6GzFnxAG1lGV3UzJ-rWo5qw630Ow==
expires
Mon, 03 Jan 2022 02:48:03 GMT
jz-pDMezRjA
www.youtube.com/embed/ Frame A06A 		60 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24d9e0f6522e72566665a7620816f192758408c4477c682218bfb67cf56de488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 03 Jan 2022 01:50:57 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WDILsWklJuw
www.youtube.com/embed/ Frame 7C3A 		60 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/WDILsWklJuw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cbd21c111ccfb849e7518531d43741187571092e43d6a7d0bc255ce6a25b368
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 03 Jan 2022 01:50:57 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
says.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://says.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6c78944869e8696a-FRA
vary
Origin
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		235 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=says.com&domain=says.com&path=%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab_image.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed1e968fddbb1ffad28a0a5dfa77537869c6e85e7b67d6be7d93f91828129741

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
177
x-served-by
cache-fra19148-FRA
access-control-allow-origin
*
x-timer
S1641174657.388013,VS0,VE97
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 01 Jan 2022 01:50:57 GMT
st
imprammp.taboola.com/ Frame 0D1C 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=5C448A689798140121049109836&cicmp=1337627&cijs=1&dast=V7wKkCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGbUhjYYL2nC5Ww4Xo8FiMVwOVrvBaLWEiVksFqPhajUaaxaLxWgyWw2nYLCFz-nubkMEmk6Hz3Wv1zycn7vG7_bLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwDAIpD4S0uy-d08ltu_gAAeFAAAQAQwAgBIOB_FQEAAAAYAQAAACABEEgsLAFwuFs0AQAI8OsIRa88AQAAOKiTedpm-f___48ByHtvkgGgSNu4MegBePABeBACAAD4GEJdIR-5slIcICqALGIEAAAAsHVsh3Q0qRMqi6r___9_K4ArAIAAv45Q9NSsm5Ni1jAAAACAsQV6WPx-s8Ou8btd9v________9v9n8GgCbUw5WSFkQSxa7GM3KtsPYLCADA9m4AAG8CcDEHYAcAAABw9____58HAABwskfJ9lqNZ4-y3mewhc_p7q7fhC1Gq8lksxzOlovJYDgajkb7E8jZACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQD6rOpfN5dSoezMfl3NcefGzIxVyxXM4Vi-FcN1klAAAAAAAAAIAlTJk3AQAAADgNYjab7HYrbrzZM0Gs1WpZAwAAAHDrRg4!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
x-served-by
cache-fra19124-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1641174657.359108,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 		604 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
age
909006
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
iF3qld1WqoeygCeQpdaFa+EQVmhpaiaohRe/EupfEYSsTvoJINgnm3yf8wLx9uki1i/isL7ddFk=
x-served-by
cache-fra19124-FRA
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1641174657.353182,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
ZP8746523R7Q6FF1
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
321890
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
age
909008
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
CtITlMy77Lcjw4HBAq3TIQNOXW8jqT4nEWw8ttaNJizEjFaTrESC9kGQgxzCFYhFYpS/2r8UE6w=
x-served-by
cache-fra19124-FRA
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1641174657.353248,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
ZP8F7E6K4KA641TM
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
307723
st
imprammp.taboola.com/ Frame C061 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=5289C8582580278258999321370&cicmp=1337627&cijs=1&dast=V7xFECFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDUZLjfE1XCyGg4mu-FktVssV6PRcLdaDpcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbYhA0-nwue71mofzc9f43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAQHEovMVl-ZxOfsvNHwAADwogAAACGCEABPyvIgAAAAAjAAAAACQAAomFJQAOd4smAAABfh2h6JUnAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAfQ6CuOmd-A4jERAWIRYwAAAAAto7tkI4mdUJlUfX___9vBXAFABDg1xGKXpp1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0IR6uFLSgkii2NV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAAA29ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Ajkb4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBriQdW5dD6vTsWD-bic-9qDjw25mCuWy7liMZzrJqsEAAAAAAAAALCEKfMmAAAAAKdBzGaT3W7FjTd7Joi1Wi1rAAAAAG7dyAE!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
x-served-by
cache-fra19124-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1641174657.359010,VS0,VE9
content-length
0
st
imprammp.taboola.com/ Frame AA78 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=5C448A68979814014387139085&cicmp=1337627&cijs=1&dast=V7b8ICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG7UhjYYL2nC5Ww4Xo8Fis5gNNrvhYjUaLWFiFovFaLhajcaaxWIxmsxWwykYbOFzurvbEIGm0-Fz3es1D-fnrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wCA4lB4i8vyOZ38lps_AAAeFEAAAAQwQgAI-F9FAAAAAEYAAAAASAAEEgtLABzuFk0AAAL8OkLRK08AAAAO6mSetln-____YwDy3ptkACjSNm4MegAefAAehAAAAD6G1haTMAp6jAOICiCLGAEAAABsHdshHU3qhMqi6v___98K4AoAIMCvIxRdNevmpJg1DAAAAGBsgR4Wv9_ssGv8bpf9_________5v9nwGgCfVwpaQFkUSxq_GMXCus_QICALC9GwDAmwBczAHYAQAAANz9____5wEAAEztUbK9VuPZo6z3GWzhc7q76zdhi9FqMtksh7PlYjIYjoaj0f4EcjbAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNMSDqnPpfF6digfzcTn3tQcfG3IxVyyXc8ViONdNVgkAAAAAAAAAYAlT5k0AAAAAToOYzSa73Yobb_ZMEGu1WtYAAAAA3LqRAw!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
x-served-by
cache-fra19124-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1641174657.359266,VS0,VE9
content-length
0
st
imprammp.taboola.com/ Frame 861B 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=7FB161CAF975946435186045331&cicmp=1337627&cijs=1&dast=V7HVkCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDejMGaLDYPG3K2Wo9loM1qMVovlZDEZDpYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbYhA0-nwue71mofzc9f43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAQHEovMVl-ZxOfsvNHwAADwogAAACGCEABPyvIgAAAAAjAAAAACQAAomFJQAOd4smAAABfh2h6JUnAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAfQzNqpqq6Cz8jRAXMRYwAAAAAto7tkI4mdUJlUfX___9vBXAFABDg1xGKjpp1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0IR6uFLSgkii2NV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAACM9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Ajkb4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBriQdW5dD6vTsWD-bic-9qDjw25mCuWy7liMZzrJqsEAAAAAAAAALCEKfMmAAAAAKdBzGaT3W7FjTd7Joi1Wi1rAAAAAG7dyAE!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
x-served-by
cache-fra19124-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1641174657.359193,VS0,VE9
content-length
0
worker-new.html
says.api.useinsider.com/ Frame D20B 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/worker-new.html
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
text/html
access-control-allow-origin
*
last-modified
Thu, 30 Dec 2021 04:00:42 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
6756
expires
Wed, 19 Jan 2022 01:50:57 GMT
cache-control
public, max-age=1382400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c789448cdc07039-FRA
content-encoding
br
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 03 Jan 2022 01:50:57 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 2342 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2342 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2342 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2342 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2342 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
css
fonts.googleapis.com/ Frame 2342 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 00:05:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 01:50:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 01:50:57 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2342 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
20141
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jan 2022 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2342 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
72443
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jan 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame 2342 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2xnohiIG6YsgNqfR9m8ZfAnRoauYYs5-tEA5U_8h9JCg3NOn2wrwFEa3KGMB8C3szlj1D
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 2342 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9AUPgFbSYbbaN4Kl3gPjiJ64AaSMxLxn5sL856QLndq_m4IaEAEgh5avIGCV0omCmAegAZzbzeEDyAEJqQJI4RKzhxSzPuACAKgDAcgDCqoEiANP0GEjhc4o6bUyoQhOnos-0pSNkH9j4AM37B22iwYI7qhkR1aFDsRoH5YH1GMpIvAkPNCbDS0fP6odSILXVPpd8Ndvo4I_BN4-FOrTkTszzWPvmLDbQ15n4wpRPLmKxgB5b_uialg6UzjvlPgtfYb9dVEMaprUhcnCH4-nffkHz34K-gDVp-4DukT-OnUf6UchOkU8uiGoWJdnnQIX0NwMePAq01QpBxUkq07EWEQG7aMZNngyVO0KXfQklVEFczjB3iiXmfiK-4BQXeQoZ-We-DG-qdjW5iXPd1CSmmPb39yckOmER0hYT8OByMY4quaxk34ohB6_uoQ46irYMSoPje9avFv5k0IDPfknm6_zc8096zBX3aDMlbpjkLyT0DDSqmXxcfIAo-7dqf0ya6tZoXw1_AkZnIw3JMSQUxOYfbFrr2QBQR4iiG_ToX3TjbKQq-DTDzhgYWuO7BtPsLs6Y-PSaR5LUwMZGZ3wfRDm9iqw65lI-jYshivXVVK18XMvIphrQxj0PsAE6rWUov0C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8yksh6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD26QnSCAkIgOGAcBABGB2ACgPICwG4E4gn2BMMiBQM0BUBmBYBgBcBshceChwIABIUcHViLTMyOTE2ODg0MjA2ODA3MzYYn4YG&sigh=TdM2KJ0m9Uk&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
social
am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/social?route=AM:AM:V&lti=deflated&ri=d56363b6e0d13ea88ddac1b0390b8a5d&sd=v2_7b7de1f733aa7ba0faaf16a73c6c6974_24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00_1641174656_1641174656_CNawjgYQu6lAGKTOh-3hLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGiApKeijMutlDNwAA&ui=24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00&pi=/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&wi=-5654443439451644298&pt=text&vi=1641174656804&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A2%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley%22%2C%22sec%22%3A%22news%22%2C%22aut%22%3A%5B%22May%20Vin%20Ang%22%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.says.com%2Fuploads%2Fstory%2Fcover_image%2F52918%2Fthumb_0093.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A50%3A57.577&id=4779&llvl=2&cv=20220102-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
container.html
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2681 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 01:50:56 GMT
expires
Tue, 03 Jan 2023 01:50:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame AABB 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AABB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AABB 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AABB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AABB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AABB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
20141
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jan 2022 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AABB 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
72443
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jan 2022 05:43:34 GMT
truncated
/ Frame AABB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8c2c9778b8be2a36dbc1b901980275da46953db9f83e41d21ba1c47a6ab2a94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
760750076964472682
tpc.googlesyndication.com/simgad/ Frame AABB 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/760750076964472682?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qllyKL4_otysTXLxphH6_EQRcMOhA
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f4c346921a67cc975117e73b2530434831558cd3b85a37b6fbde7273f376e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 13:28:51 GMT
x-content-type-options
nosniff
age
130926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24811
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 08:13:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Jan 2023 13:28:51 GMT
l
www.google.com/ads/measurement/ Frame AABB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShDZjXr5_b7ggzrZiKX98RIqUZr3fhpsjHU5n560hdwiuJXKRCEMgvpOGVbfk6QwR7ZfaF
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame AABB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClwbygFbSYbjaN4Kl3gPjiJ64Acru7LdnjtT5l-4O29keEAEgh5avIGCV0omCmAegAcvq08ACyAECqQJI4RKzhxSzPuACAKgDAcgDCKoEiANP0Pgs57pS0I3Me21-X5v-vvtBIOPyuGPVFeE101CG0xsI5cMrto-UCHGeC8WktqSIfuYaKgX3Im4RhW30wZCoAoMMFtn-9QxA2wyDbTGa6j-uSeyDOxYqA8l83PUKnHJWka35xTeo5HNRqeoBzYLsHVX9pz2GrI5I48Y__lnZvL8xTJN01eyZiCU1ZHiBR4yI4WAyb88doQ2dmsgAOA4WRguTLbdvYVGPNvYjuI6UJ6bdKdUuuCsLUQoqXoI0hyzSKeTLBbY6lfgHHfEe_0VnqNSESN_Q_mFTN1lcSWd8BzcwzHEIkFYYqHuxyXEjCOGLM3D__luxuvCdQRAy9D-1GDAs6HFSZb9MgKOE8Uu_NtKQvca1_baW2J70I4hosqQhJtyCcIFQVsVIO-dY3ms9A5ZHg1BsT1cohvSb-bdbGZE-2x45ducNGRgUqDAjECmA-hhWPUUt_rx65Rjbi3i4bGcIy1HLYIlojrVASnzjqTTgZ5dIJXS-Z7e2D4b-EisS8cRpODHTOMAEh8Tm66UD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6HNlsEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQnKoG0ggJCIDhgHAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTMyOTE2ODg0MjA2ODA3MzYYn4YG&sigh=YwmRkkNicNU&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
tweet
cdn.syndication.twimg.com/ Frame 20B0 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1476372517862649858&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
1f12abca7dec3f6a510ae3f85dd99c76a46a61fa3dfe3514993dec9996b2a0cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"10b8-i15uv5TVt5clQS2Odx4hxGkt0YE"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
180
server
tsa_f
x-frame-options
SAMEORIGIN
date
Mon, 03 Jan 2022 01:50:57 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
2ae309883461cc2e63ecc3c73566d41cf8e81289c70250b6284c87fff9e176bf
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
st
imprammp.taboola.com/ Frame DC71 		928 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8024CAB8C278537512733621727&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 varnish
x-served-by
cache-fra19124-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1641174658.663156,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 1CD0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2cfe3860cbed1aadb7413754ecab66c5e58561a48cced4efa2f0a4a294cd39d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
date
Mon, 03 Jan 2022 01:50:57 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3406
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=31589837&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1641174655062.1!ts:1641174657657&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
content-length
0
server
nginx
downsize_200k_v1
tpc.googlesyndication.com/simgad/2143780032614849025/ Frame 2342 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2143780032614849025/downsize_200k_v1?w=600&h=314
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae56a402dbf2ec1e90d8f5e8586f0b4408224c9c5eb9852a2f01bcd63e64367e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:22:46 GMT
x-content-type-options
nosniff
age
484091
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
last-modified
Thu, 14 May 2020 18:47:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 11:22:46 GMT
truncated
/ Frame 2342 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2342 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9cf52f47c4e3091c855da3c4decef0f51c2a29471e81125c5e975f2a095b533

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2342 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 13:17:51 GMT
x-content-type-options
nosniff
age
217986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 13:17:51 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 2342 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 18:21:26 GMT
x-content-type-options
nosniff
age
545371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Dec 2022 18:21:26 GMT
www-player-webp.css
www.youtube.com/s/player/8da38e9a/ Frame 7C3A 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WDILsWklJuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WDILsWklJuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
181369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47369
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:28:08 GMT
www-embed-player.js
www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/ Frame 7C3A 		226 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WDILsWklJuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0496ff7b5e02ba5dcf004405c2b4eba9e66d7a89002346aa17ea3c1b4311806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WDILsWklJuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 11:29:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
138063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74819
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 Jan 2023 11:29:54 GMT
base.js
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7C3A 		2 MB
528 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WDILsWklJuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d4a5a8296ca52691fde29abc2b8cd81c06ce8717a4b703ef1221bcd01e1d8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WDILsWklJuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
181733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
540837
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:22:04 GMT
fetch-polyfill.js
www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/ Frame 7C3A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WDILsWklJuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WDILsWklJuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 17:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
29839
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 02 Jan 2023 17:33:38 GMT
www-player-webp.css
www.youtube.com/s/player/8da38e9a/ Frame A06A 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jz-pDMezRjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
181369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47369
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:28:08 GMT
www-embed-player.js
www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/ Frame A06A 		226 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0496ff7b5e02ba5dcf004405c2b4eba9e66d7a89002346aa17ea3c1b4311806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jz-pDMezRjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 11:29:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
138063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74819
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 Jan 2023 11:29:54 GMT
base.js
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame A06A 		2 MB
528 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d4a5a8296ca52691fde29abc2b8cd81c06ce8717a4b703ef1221bcd01e1d8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jz-pDMezRjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
181733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
540837
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:22:04 GMT
fetch-polyfill.js
www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/ Frame A06A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jz-pDMezRjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 17:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
29839
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 02 Jan 2023 17:33:38 GMT
collect
f.clarity.ms/ 		0
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Mon, 03 Jan 2022 01:50:57 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=says.com&p=%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&u=B1lm2uCC7BOiS2SCh&d=says.com&g=65124&g0=news&g1=may%20vin%20ang&n=1&f=00001&c=0&x=0&m=0&y=7126&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1386&_s=%7B%22ga%22%3Anull%7D&t=DT0pdg8E8Y4C_vZ0xCL_dqKChbXrC&V=129&i=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&tz=0&sn=1&sv=Cm-JdPBaIxuTDvX_00BqDlWWD5oUeU&sd=1&im=067b2ef3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.74.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-74-96.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 1164 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1164 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1164 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1164 		71 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
391060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16759
x-xss-protection
0
server
sffe
date
Wed, 29 Dec 2021 13:13:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6f5521ec42d8a94a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Dec 2022 13:13:17 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1164 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1164 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
565404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Dec 2022 12:47:33 GMT
css
fonts.googleapis.com/ Frame 1164 		2 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:regular
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 01:19:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 01:50:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 01:50:57 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1164 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
20141
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 03 Jan 2022 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1164 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
72443
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Jan 2022 05:43:34 GMT
container.html
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E030 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 01:50:56 GMT
expires
Tue, 03 Jan 2023 01:50:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
l
www.google.com/ads/measurement/ Frame 1164 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwYXUGWIQIpnai_fpR2Z2ensGhq4n-ZQfC0za3tpnGq7xj9nYkVm3Z_EbeZqMUdSys184L
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1164 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPmI6gFbSYbnaN4Kl3gPjiJ64Ae-wsM1lv9G7j5QPrcr93wUQASCHlq8gYJXSiYKYB6ABuYG4wQPIAQmpAgjnS0nAYLI-4AIAqAMByAMIqgSOA0_QkN_w5ioy7Fg1jGeQ5pjzwAzo6hE77osAzJwR1AQaJTKfI9Ua3CjofPzx2HJrpP0NAZmayfDAVNLq49sgQeRZh3_YaB1jehpSs-OfvJrMcMLO59y-HGrGO2xmON9abP4TNzTrPiyN1_MbiKkdIeaHnjBshcPYLwhqsgt9gcsQRgfppAYviFH2f345hm0qog2M7-9h66ac76ENo6w0S29sZuRcPIDLP4hkw78qxKLMwMVbyUTWyk63uOVcM4V5tkCAKW968bBvgdzQjFYL1SLLyN5qe8OEo4eofsoVBSeyHLkiaLL2W2cXZQErE0zUzDUe6WrJZzn-bpS4h_phpnTe-cDhHPVVqhPHsiU0CJuB9mLv5W42oorMdINRjPwcq8Fhooou3Vw_nPpy50QPSWLeStUFd3M3Kgj0QrGFYd8yzvWUN4PTWUkSUklbMoXlUfSMlYCNg6Gm87cqLdgZILS8lr7gip0yXkiequlpfIDn29YZUeeBO0vo44ZRDfHNiOfssOsgzsd0KvEPk7D8wAS-lYGH4APgBAGgBi6AB6_-xz6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDHzwnSCAkIgOGAcBABGB2ACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzI5MTY4ODQyMDY4MDczNhifhgY&sigh=aUlxXc5GSRc&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
f1_t1.png
tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/ Frame 1164 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/f1_t1.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7817d850af67d2d58a07f9b829016d23b8b3ffe58264a5c6fe7f60bd93cc294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:47:05 GMT
x-content-type-options
nosniff
age
482632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:59:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 11:47:05 GMT
f2_t1.png
tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/ Frame 1164 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/f2_t1.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8746fab60d1d007ab70553af82dc75231368ae5d33ab4a2ea197b82eb6dd545e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 06:55:45 GMT
x-content-type-options
nosniff
age
413712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6235
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:59:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Dec 2022 06:55:45 GMT
cta.png
tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/ Frame 1164 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/cta.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c23a473cf8a3a8b61398a296bfe911b75d9cfb59c9e3b6ad459d5bd73ccf7c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 06:04:07 GMT
x-content-type-options
nosniff
age
416810
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8125
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:59:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Dec 2022 06:04:07 GMT
logo1.png
tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/ Frame 1164 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/14438063577318302056/300x250/logo1.png
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87d95fb7457887e26f8b993648dcdfb7fae9e2307fd6c4ceaed89583154c489f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:57:01 GMT
x-content-type-options
nosniff
age
435236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21691
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:59:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Dec 2022 00:57:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C3A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WDILsWklJuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 17:06:41 GMT
x-content-type-options
nosniff
age
463456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 17:06:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A06A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 17:06:41 GMT
x-content-type-options
nosniff
age
463456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 17:06:41 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169284420317900&ev=Microdata&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&rl=&if=false&ts=1641174657786&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley%22%2C%22meta%3Adescription%22%3A%22Besides%20healthcare%20centres%2C%20a%20few%20shopping%20malls%20and%20multipurpose%20halls%20have%20been%20turned%20into%20offsite%20PPVs.%22%2C%22meta%3Akeywords%22%3A%22news%2Ccovid2019%2Ccovid19%2Cvaccines%2Cvaccination%2Chealth%2Clindungdirilindungsemua%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley%22%2C%22og%3Adescription%22%3A%22Besides%20healthcare%20centres%2C%20a%20few%20shopping%20malls%20and%20multipurpose%20halls%20have%20been%20turned%20into%20offsite%20PPVs.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.says.com%2Fuploads%2Fstory%2Fcover_image%2F52918%2Fthumb_0093.jpg%22%2C%22og%3Asite_name%22%3A%22SAYS%22%2C%22article%3Apublished_time%22%3A%222021-12-31T12%3A32%3A03%2B08%3A00%22%2C%22article%3Amodified_time%22%3A%222021-12-31T12%3A32%3A03%2B08%3A00%22%2C%22article%3Atag%22%3A%22lindungdirilindungsemua%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1641174657194.1565695168&it=1641174656529&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 03 Jan 2022 01:50:57 GMT
PMS.js
vidstat.taboola.com/PMS/3.2.2/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:57 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
age
2817448
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-fra19124-FRA
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1641174658.864343,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JVAUVHZomFBOTYSmiRyONx061K0r8J89HAeMC4sUhok9f7gqiMDPAg==
x-cache-hits
3013455
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5384 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 02 Jan 2022 23:56:43 GMT
expires
Mon, 02 Jan 2023 23:56:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6854
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 148E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
519df7f6c1ab12884b2ecc9ed4d7740aa85e828a8eaa062facbb5102ced5cf76
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i61uZFrXvhGRa4+hM/dNAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 03 Jan 2022 01:50:57 GMT
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-i61uZFrXvhGRa4+hM/dNAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
social
am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/social?route=AM:AM:V&lti=deflated&ri=d56363b6e0d13ea88ddac1b0390b8a5d&sd=v2_7b7de1f733aa7ba0faaf16a73c6c6974_24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00_1641174656_1641174656_CNawjgYQu6lAGKTOh-3hLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGiApKeijMutlDNwAA&ui=24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00&pi=/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&wi=-5654443439451644298&pt=text&vi=1641174656804&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A1015%2C%22ly%22%3A942%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=01%3A50%3A57.961&id=4762&llvl=2&cv=20220102-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
jot
syndication.twitter.com/i/ Frame 20B0 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641174657999%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22SAYS%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MayVinAng%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22860263f%3A1639072779848%22%2C%22item_ids%22%3A%5B%221476372517862649858%22%5D%2C%22item_details%22%3A%7B%221476372517862649858%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Mon, 03 Jan 2022 01:50:58 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c33ad87f6215d674c87ecea71a7ad45176ddb2dcc4438901ca9e71704df02c34
x-transaction
5364d5a136dc62b4
expires
Tue, 31 Mar 1981 05:00:00 GMT
truncated
/ Frame 1164 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e66457d8f46fe0f5ac82b797eac3867792a50c9643b2869e6006368d18af7c6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
sync
taboola-supply-partners.tremorhub.com/ Frame DC71 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8024CAB8C278537512733621727&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:43f8:c79a:f116:17d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame DC71 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8024CAB8C278537512733621727&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame DC71
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8024CAB8C278537512733621727&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11096

Redirect headers

Date
Mon, 03 Jan 2022 01:50:58 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
94
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame DC71 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8024CAB8C278537512733621727&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.51.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-51-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame DC71
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nfAWhm9E2uFcB4RBp1aW3pEL3hoGgcpJSb._mlo-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nfAWhm9E2uFcB4RBp1aW3pEL3hoGgcpJSb._mlo-~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&cmcv=&pix=undefined&cb=1641174657657&uv=103298943&tms=1641174657657&abt=adh5c-1_vA!expl_vE!iiq8c_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vB!spa2_vB!t45!ufm_vE!ul103298-943_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8024CAB8C278537512733621727&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11561

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nfAWhm9E2uFcB4RBp1aW3pEL3hoGgcpJSb._mlo-~A
date
Mon, 03 Jan 2022 01:50:58 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
taboola-supply-partners.tremorhub.com/ Frame 1CD0 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:43f8:c79a:f116:17d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 1CD0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 1CD0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11096

Redirect headers

Date
Mon, 03 Jan 2022 01:50:58 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=98a53854-6c37-11ec-9ed0-174deb1e0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
143
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 1CD0 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.51.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-51-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame C8F1 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:58 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bc7a8f27-e391-4ec8-b10e-cfd3e13da509
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs1vegFbSYbfaN4Kl3gPjiJ64Af7T969czs-92OoCwI23ARABIABgldKJgpgHggEXY2EtcHViLTMyOTE2ODg0MjA2ODA3MzbIAQngAgCoAwGqBI8DT9DfA8BebUIcLjchMN8zcdsS4-POPuxgVeM1tY2Cytudsx47eXDPlJvF5_Ppry04i9eA_qcOX5_bz5dOuKWiV-xO66W4l0lQtE5gODamiJQoGNeXl9vprUrqM8rRO84pWt4phB5M8WD25S03A70tD52lGbWnGdWEz6hiNkbzbTWz_Fsc-u7sXV-iBb8aQ9c_fHXZbR04LVXNY6d9gka6KmwS0zo7GkGJyeANMOOn_fmfc9rXPzUUzbpifAAOti9TmWjzqA2bAzX13-gMHwR6E2DARK9yjgfr_qvqiA46Ri-TuSkEELI5gMPiKmez18lNv5uMfhvESxp6-pRvmyx9UGYVB372vQT1mC4LQOo8nVK5Zx4_0Npa2zTH5ILDDOM5IOOTExTJjxOa8rV33G5kNCV7LR4FchjQWDIgT08YJy0WivR5Al7YpKGptj7YbEbvQDbgxiANq0zhqI-Z3KIU60tjktBlljCEB_abbw-TwQ5oJyafsnCE5D3CWeYMZE6Ezwlp4C5HMYhxq_TCeuuh4AQBgAb56_v14Laf2H-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjkxNjg4NDIwNjgwNzM2GJ-GBg&sigh=eo6GQ6DY9-Q&uach_m=[UACH]&cid=CAQSPACNIrLMvzJphkMl0smQxt2RVxStgJhSXUA66gT2RDXe4rALMi_Sf6uG1FAPGsEo6yufk1RHitYu8II3MBgB&tpd=AGWhJms2wNT81vyazdO-fyuxVRTHrUJdFPEZ_Z3y5cgSUGwcxcp-s-g0hSnsGyTd4MnqUvvYop2rZa4rDTCLESUPNIPNsChYgfk5qKbo7iwVLUKpM7A_FPzMhXfMGkZArx6q8vqfMvtmRf_eal-FfWki3Ww3USq6V-w_PS-0KRC_jcC8jsQ-QKApYjnhdiALJHEk3X5vKrD_G8YJ5N_en6yyvEW0G-n66sb8JO63iK7bQPk1ut5O9-c8CC1lo-ISDj6-foDAo0gd1Zc26I4N2_XDsNzcUtbygnzWx_1junWL4ZhdGlEcMDJdW0z2Djb5qWkJlxTHxWHKU5SueEezRz96BJEcAnOK620cjIdtQZRIx2BPBXXp4UG6-dmjmbIR6Dg_BX1hVDw5ADdG8VTbyzWke85DPmmEShWIa3MIsJXLUl7rDi99EueVEgcf0Ojk7IwrqeM44ZHF_6RBCPB_Wl2_4ZQdZYr5sjxHvnnkK8PKt-diGb-sK0K-tsSImzjxm4VbcXKupLMgQxbmB9p8lLx6bJJZYdtX70r8N2n7Wb75yE9aQBMnymQ3IsEB_IXyh5mfLgCEDvRTfqoifg6MBy4QwX1UnxeiX0OASctpcfINR-g_xpzIC2I3hGORZdhxTj1ZoG-D-ne5Y1Dt7n7JkTzzYnRqxwnwLRAJo5p_BS5A4Hy9NZ_TLA6R5ZTr_G5CAbIrPM1ywbOjiVu6ivpn3aTjW4AGkKYpTB6JY2GJLlXu5jH2znjOaYc-WbTrUrVwa1sEqIn9_E4fCPFZKjPoLydDGAvUVS_7bUZCoqAjLZHdg_1wTuFeG8h7Rgahm_oUVZEobQ6AqLop8jGW1uLeU1lA7zstzdTDe5c_OmWhwIxxj5i2WpmmdUhE0SsFIC4Jjo3AouOa0lUalge-qZDK
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
dcmads.js
www.googletagservices.com/dcm/ Frame 2681 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 03 Jan 2022 02:40:59 GMT
ca
choices.truste.com/ Frame 2681 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-92.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1e07a613e9bddb0f5fe531de69ddbe1fe6f277599a8cbd58b1e722df737b2fa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 23:52:23 GMT
content-encoding
gzip
server
nginx
age
7115
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
P5nLLHbTskGtnNFEhskJt3D5tgea6mJDFNq4cRIRV3N9veG9sp_Xnw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2681 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 01:27:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2681 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 01:50:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2681 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:05:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 01:05:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2681 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 16:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 02 Jan 2023 16:24:32 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame 2681 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=af83d0c1-2220-4fbe-967f-02b445122fe1&crid=cx40n3a0&wp=B3DA65BA16422161&aid=1&wpc=USD&sfe=1409d681&puid=&tdid=&pid=vko50on&ag=5llqzru&adv=kywm6zw&sig=1s3lqmdznmncyadb8sXvChmXUCXE68eQ75UYqdXCtt6s.&bp=0.1994343734431817832&cf=2909522&fq=0&td_s=says.com&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=26&agsa=&rgz=60313&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=24040&did=&rcxt=Other&lat=47.360001&lon=10.290000&tmpc=7.49&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..&durs=AuzKvO&crrelr=&ipl=/1009103/SAYS_desktop_leaderboard&pcm=1&grdc=CAEYASABKAFAAUgC&vc=3&cx=-5178883614526245302&said=2fbac69cc14e129a837786d913e74b5b25b2cf1f&ict=Unknown&auct=1&cxlvs=0&im=1&mc=9df97d30-c10e-47ff-86ff-25786f6ed425
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:57 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
v2
odr.mookie1.com/t/ Frame 2681
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=e8670499-52a2-4208-8129-cce31db99c55&gdpr=1&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=e8670499-52a2-4208-8129-cce31db99c55&gdpr=1&gdpr_consent=
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=e8670499-52a2-4208-8129-cce31db99c55&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame 2681
Redirect Chain
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3Dr9vak6v%26ti...
  • https://metrics.getrockerbox.com/track/v4?uid=58118359780705262&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=164117...
44 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?uid=58118359780705262&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=1641174658
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.67.177.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMW5PhRbcMdEXtgLGU8Iod3P7E01W3gKKfiwo3q1Vc0eZoP%2Ft5Qe1DdrO76E3TRXepKC2QIapcKfD9%2Bb3B44S4RdglFmrHyqQ93VZrOSQU7S8QYKnoV5bpf7JSXHaNufX9lV%2BeaVGcDcEKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6c78944fea344c26-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 01:50:58 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7c02e2d8-077c-4518-956d-050468bf6239
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://metrics.getrockerbox.com/track/v4?uid=58118359780705262&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=r9vak6v&tier_three=5llqzru&tier_four=cx40n3a0&uid_ts=1641174658
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gOcMAiLB_normal.jpg
pbs.twimg.com/profile_images/1477300178780516352/ Frame 20B0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1477300178780516352/gOcMAiLB_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
461a52763d7cd68bb6e9201bf4b36203e0e1a8fe5b5ea7359ce51f6d61118b95
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
age
123849
x-cache
HIT
content-length
2187
x-response-time
122
surrogate-key
profile_images profile_images/bucket/7 profile_images/1477300178780516352
last-modified
Sat, 01 Jan 2022 15:24:24 GMT
server
ECS (frb/67BC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7b4b80994801539820868c5554cb6a5d782e05af36bff432190cf21f460d2e66
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FH0dm_cUcAENWpb
pbs.twimg.com/media/ Frame 20B0 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FH0dm_cUcAENWpb?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
587f830653181030ee20cc03bd0c60ab1066fc6d6a408b9a03ffe90e6b866e36
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
age
345925
x-cache
HIT
content-length
30317
x-response-time
377
surrogate-key
media media/bucket/5 media/1476368808549838849
last-modified
Thu, 30 Dec 2021 01:43:28 GMT
server
ECS (frb/67D3)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
999d1e9e5bd91ddc9e2df4fbb081af819bcb183a35cd1ab9d5301a5878ad3096
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FH0dm_dUYAEXmbf
pbs.twimg.com/media/ Frame 20B0 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FH0dm_dUYAEXmbf?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
61197d325d2be46142871abfe1c675a937f44c41f387643432039f08eac4abe4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
age
344135
x-cache
HIT
content-length
18835
x-response-time
316
surrogate-key
media media/bucket/4 media/1476368808554029057
last-modified
Thu, 30 Dec 2021 01:43:28 GMT
server
ECS (frb/669E)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
20c336684a95b0379363d556f8b1766df42ac374bf2bf9a1ded6cef3603ec305
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FH0dm_aVcAUn2k8
pbs.twimg.com/media/ Frame 20B0 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FH0dm_aVcAUn2k8?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
3bbdc875c6dc4aa773d239725eedfc8d16b83e62e7666af63067afd8b593d386
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
age
344135
x-cache
HIT
content-length
18127
x-response-time
253
surrogate-key
media media/bucket/6 media/1476368808541515781
last-modified
Thu, 30 Dec 2021 01:43:28 GMT
server
ECS (frb/67DF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b6dba1f7ba0e1eed7610abd248e68c021faaec8e09030f30a3864afbbd053905
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FH0g-n0UYAEGDZc
pbs.twimg.com/media/ Frame 20B0 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FH0g-n0UYAEGDZc?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
29c9d493c37f54747b9c02fffde690a9f8cb87f4e1897f9b0f3205eff4758975
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
age
344955
x-cache
HIT
content-length
30004
x-response-time
254
surrogate-key
media media/bucket/6 media/1476372513059790849
last-modified
Thu, 30 Dec 2021 01:58:11 GMT
server
ECS (frb/6776)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ee94b82cf38241e47ec50c202009123b5b9ae0971550dd0c97fe93716f386521
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FH0g-n0UcAkBe5r
pbs.twimg.com/media/ Frame 20B0 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FH0g-n0UcAkBe5r?format=jpg&name=small
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
4f5ece0f2889248fde0b4145bf691b0c8b02600de4e2291b14e8de5324a746b7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
age
344955
x-cache
HIT
content-length
50969
x-response-time
230
surrogate-key
media media/bucket/6 media/1476372513059794953
last-modified
Thu, 30 Dec 2021 01:58:11 GMT
server
ECS (frb/674D)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1d5703628b8f185c8c7fc55eea2f4526152c00d1cb44f4b4bd3bb1b8e767e246
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
si
googleads.g.doubleclick.net/pagead/drt/ Frame AABB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
age
2991177
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19124-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1641174658.161527,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5puIF1VtGsg5AgLD-YhuubmNu7Q6UPt-NFh936bEWE39Q7_EvHV1Mw==
x-cache-hits
1349722
FH0g-nzUUAATPnL
pbs.twimg.com/media/ Frame 20B0 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FH0g-nzUUAATPnL?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
002d724acda8da4e44a859de9536f5f6bb3c728b7fbcda456703138b4e02881a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-content-type-options
nosniff
age
344955
x-cache
HIT
content-length
32498
x-response-time
253
surrogate-key
media media/bucket/3 media/1476372513055592448
last-modified
Thu, 30 Dec 2021 01:58:11 GMT
server
ECS (frb/6713)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
856557b7974e6daf38604c4c966e2b8182ced204b5cfb8c86e8a0f474396c28a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
css2
fonts.googleapis.com/ Frame E030 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 00:36:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 01:50:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 01:50:58 GMT
css
fonts.googleapis.com/ Frame 6C3F 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 00:09:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 01:50:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 01:50:58 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6C3F 		1 KB
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 00:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 00:56:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 6C3F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 01:36:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6C3F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:27:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 01:27:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C3F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 01:50:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6C3F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:05:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 01:05:20 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 6C3F 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 14:00:58 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame E030 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:20:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 01:20:11 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E030 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 19:15:41 GMT
x-content-type-options
nosniff
age
23717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 Jan 2023 19:15:41 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E030 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 21:25:53 GMT
x-content-type-options
nosniff
age
102305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 01 Jan 2023 21:25:53 GMT
id
googleads.g.doubleclick.net/pagead/ Frame A06A 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cde3c5f27b09d488d79031a4de833bad306e69fc1d5cbc90defb72022405045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A06A 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:15 GMT
x-content-type-options
nosniff
age
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jan 2022 02:05:15 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 7C3A 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05328c0e9fdc275a3a633409a0967476791cfa67b1f7fa94a71c585423ed2c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 7C3A 		29 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:15 GMT
x-content-type-options
nosniff
age
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jan 2022 02:05:15 GMT
impl_v81.js
www.googletagservices.com/dcm/ Frame 2681 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 15:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Dec 2022 15:41:00 GMT
bulk
trc.taboola.com/revasiaberhad-saysmy/log/3/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/revasiaberhad-saysmy/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
18
pragma
no-cache
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1641174658.333817,VS0,VE18
x-served-by
cache-fra19124-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://says.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f28a8892351db10165e0cf02f2de82aff11b77be08aeed016c54c1548a353f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 varnish, 1.1 varnish
age
2305466
edge-cache-tag
450265650731705506805175281380931797211,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
cache-tag
450265650731705506805175281380931797211,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
137
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length
103256
x-request-id
7f19cf0a29f3aed9bbc1623f06da0185
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 16 Nov 2021 05:31:40 GMT
server
nginx
x-timer
S1641174658.336501,VS0,VE0
etag
"71d565750a0c59061a42f63bd9ecb219"
x-served-by
cache-bwi5051-BWI, cache-dca17760-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
ee77167c72fc4e07f262fc4f32da1e47.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b3ff6be3b5ab2d387f0233bb726a0d809570a565ca0e64a42a16a93d23b4b27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2456035
edge-cache-tag
302167877995139201708585044388758779315,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Wed, 29 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
content-length
39782
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 28 Nov 2021 20:08:17 GMT
server
nginx
x-timer
S1641174658.347091,VS0,VE0
etag
"30c7e55c7267d5dbee062e0fc35d6bf1"
x-served-by
cache-bwi5076-BWI, cache-dca17728-DCA, cache-iad-kjyo7100137-IAD, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 2
5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c682215efcdbc5ee282a13d340b533f0699770d50ad9c526608183f561602f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 varnish, 1.1 varnish
age
2798044
edge-cache-tag
450265650731705506805175281380931797211,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
77
expiration
expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length
38180
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 11 Nov 2021 12:50:45 GMT
server
nginx
x-timer
S1641174658.353296,VS0,VE0
etag
"ee562438ba3e2e7c020ab22cd7bc2043"
x-served-by
cache-wdc5572-WDC, cache-dca17765-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
ee77167c72fc4e07f262fc4f32da1e47.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b10f883def52bf750108380619e4a877f34377cb8867d845d97b6d002259091

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 varnish, 1.1 varnish
age
3161879
edge-cache-tag
302167877995139201708585044388758779315,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
193
expiration
expiry-date="Sat, 25 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
content-length
18342
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 24 Nov 2021 07:57:19 GMT
server
nginx
x-timer
S1641174658.359291,VS0,VE0
etag
"b00fef9db18530af42f01142823d326f"
x-served-by
cache-dca17728-DCA, cache-dca17724-DCA, cache-fra19124-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
9431
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
JaB2VZccswddTqwJ7/mcediCDg0wFFInP8HOv6ivSWhba0pfTqAJTJNmShXPe3AZIWkTu7d0lpI=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1641174658.391271,VS0,VE0
date
Mon, 03 Jan 2022 01:50:58 GMT
x-amz-request-id
DM4W3S4YY3F5F4G8
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
53
x-cache-hits
1490
remote.js
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame A06A 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc328eeaf800bfc497c691f3d92a67891dc61368e72111f0c1a02c7fe37d702b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jz-pDMezRjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
181651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29815
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:23:27 GMT
X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js
www.google.com/js/th/ Frame A06A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fdd431164083bc93ddc3a108b2cf12e939dbd75018410f851da642d410f895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 15:01:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
470986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 15:01:12 GMT
embed.js
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame A06A 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71f4a6b13f5d5b9c56c3c3e769b5914c7e5738b295477d9c42caa75101a1ec06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jz-pDMezRjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
181733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:22:05 GMT
truncated
/ Frame A06A 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
tFFb15pfr08cmBGP1FvYlluZu5DuQsXOs665nlhT6HW5IOQ4vAAJVuuXTg-vpwBWlkvwlkxDw0Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A06A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/tFFb15pfr08cmBGP1FvYlluZu5DuQsXOs665nlhT6HW5IOQ4vAAJVuuXTg-vpwBWlkvwlkxDw0Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8f13602e92307c177df39f3d5177cbdc051a0083fa1c86b677d859b22b82cde9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 00:36:50 GMT
x-content-type-options
nosniff
age
4448
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2659
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 21 Dec 2021 20:34:06 GMT
hqdefault.webp
i.ytimg.com/vi_webp/jz-pDMezRjA/ Frame A06A 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/jz-pDMezRjA/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jz-pDMezRjA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc3db37f2c9150c9d0aba3630de0acb5a6f7590dd4d6133a23b516766b309a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:14:09 GMT
x-content-type-options
nosniff
age
2209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21628
x-xss-protection
0
server
sffe
etag
"1640839198"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 03 Jan 2022 03:14:09 GMT
remote.js
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7C3A 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc328eeaf800bfc497c691f3d92a67891dc61368e72111f0c1a02c7fe37d702b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WDILsWklJuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
181651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29815
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:23:27 GMT
X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js
www.google.com/js/th/ Frame 7C3A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/X91DEWQIO8k93DoQiyzxLpOdvXUBhBD4UdpkLUEPiVw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fdd431164083bc93ddc3a108b2cf12e939dbd75018410f851da642d410f895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 15:01:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
470986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 15:01:12 GMT
embed.js
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7C3A 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71f4a6b13f5d5b9c56c3c3e769b5914c7e5738b295477d9c42caa75101a1ec06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WDILsWklJuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 23:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
181733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 22:18:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 31 Dec 2022 23:22:05 GMT
fdnwckx1qehhn3koeztn.mp4
cdn.taboola.com/libtrc/static/video/v1634217075/ 		947 KB
947 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1634217075/fdnwckx1qehhn3koeztn.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
827e1cc5ceab64c27099667906a29a8f2e5ac4e8928b0c61100e27c4dc610b45

Request headers

Referer
https://says.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
3dYYJW.8rAkbm.syi6TdLfK9rCTjx25T
via
1.1 varnish
etag
"950638a04c6661a249cc1dd9cf37a703"
age
69
x-cache
HIT
Content-Range
bytes 0-969242/969243
x-amz-replication-status
COMPLETED
Content-Length
969243
x-amz-id-2
/yIvRK8Ho8jtyPYegR3gPqJnJPVdHL418GFwgxwDJm1u/VXeUgGTz8s5rZjYNnLlW50uBCpBxng=
x-served-by
cache-fra19124-FRA
last-modified
Thu, 14 Oct 2021 13:11:21 GMT
server
AmazonS3
x-timer
S1641174659.511898,VS0,VE1
date
Mon, 03 Jan 2022 01:50:58 GMT
x-amz-request-id
HCYHCVGG2N5QDWBN
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
53
x-cache-hits
0
wfab3cziarj38ir2xhww.mp4
cdn.taboola.com/libtrc/static/video/v1630957451/ 		140 KB
141 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1630957451/wfab3cziarj38ir2xhww.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1928dc2b2ee127bbc7cbd955ec925315d8fbf150e1db4bea35263b0bb0afc98d

Request headers

Referer
https://says.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
64Onu629rmuV.GHcLbrEFgJCVWQNJ4.F
via
1.1 varnish
etag
"5ccee7454c6fb2cfc9217b5bf6b7dd6e"
age
29
x-cache
HIT
Content-Range
bytes 0-143553/143554
x-amz-replication-status
COMPLETED
Content-Length
143554
x-amz-id-2
x6W6b7bVOrolJtCw0SZ9ZYVdziTDAAjM2V+LlIek9TT40gOHYszeZDm3SIsdLX1EE9k+brbviBA=
x-served-by
cache-fra19124-FRA
last-modified
Mon, 06 Sep 2021 19:44:16 GMT
server
AmazonS3
x-timer
S1641174659.512005,VS0,VE1
date
Mon, 03 Jan 2022 01:50:58 GMT
x-amz-request-id
VD90WZ1EDANSVBKE
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
53
x-cache-hits
0
fdnwckx1qehhn3koeztn.mp4
cdn.taboola.com/libtrc/static/video/v1634217075/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1634217075/fdnwckx1qehhn3koeztn.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://says.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
3dYYJW.8rAkbm.syi6TdLfK9rCTjx25T
via
1.1 varnish
etag
"950638a04c6661a249cc1dd9cf37a703"
age
69
x-cache
HIT
Content-Range
bytes 0-969242/969243
x-amz-replication-status
COMPLETED
Content-Length
969243
x-amz-id-2
/yIvRK8Ho8jtyPYegR3gPqJnJPVdHL418GFwgxwDJm1u/VXeUgGTz8s5rZjYNnLlW50uBCpBxng=
x-served-by
cache-fra19124-FRA
last-modified
Thu, 14 Oct 2021 13:11:21 GMT
server
AmazonS3
x-timer
S1641174659.512075,VS0,VE1
date
Mon, 03 Jan 2022 01:50:58 GMT
x-amz-request-id
HCYHCVGG2N5QDWBN
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
53
x-cache-hits
0
wfab3cziarj38ir2xhww.mp4
cdn.taboola.com/libtrc/static/video/v1630957451/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1630957451/wfab3cziarj38ir2xhww.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://says.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
64Onu629rmuV.GHcLbrEFgJCVWQNJ4.F
via
1.1 varnish
etag
"5ccee7454c6fb2cfc9217b5bf6b7dd6e"
age
29
x-cache
HIT
Content-Range
bytes 0-143553/143554
x-amz-replication-status
COMPLETED
Content-Length
143554
x-amz-id-2
x6W6b7bVOrolJtCw0SZ9ZYVdziTDAAjM2V+LlIek9TT40gOHYszeZDm3SIsdLX1EE9k+brbviBA=
x-served-by
cache-fra19124-FRA
last-modified
Mon, 06 Sep 2021 19:44:16 GMT
server
AmazonS3
x-timer
S1641174659.514047,VS0,VE1
date
Mon, 03 Jan 2022 01:50:58 GMT
x-amz-request-id
VD90WZ1EDANSVBKE
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
53
x-cache-hits
0
truncated
/ Frame 7C3A 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
tFFb15pfr08cmBGP1FvYlluZu5DuQsXOs665nlhT6HW5IOQ4vAAJVuuXTg-vpwBWlkvwlkxDw0Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 7C3A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/tFFb15pfr08cmBGP1FvYlluZu5DuQsXOs665nlhT6HW5IOQ4vAAJVuuXTg-vpwBWlkvwlkxDw0Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WDILsWklJuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8f13602e92307c177df39f3d5177cbdc051a0083fa1c86b677d859b22b82cde9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 00:36:50 GMT
x-content-type-options
nosniff
age
4448
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2659
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 21 Dec 2021 20:34:06 GMT
hqdefault.jpg
i.ytimg.com/vi/WDILsWklJuw/ Frame 7C3A 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/WDILsWklJuw/hqdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WDILsWklJuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd4a2c472cc3343960710171c24b6d70d0e5a0875a3a690dfcf6247996dc4012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:13:49 GMT
x-content-type-options
nosniff
age
2229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41555
x-xss-protection
0
server
sffe
etag
"1640875306"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 03 Jan 2022 03:13:49 GMT
B26509325.314896209;dc_ver=81.236;sz=728x90;u_sd=1;kw=5llqzru;dc_adk=3507080174;ord=66niw9;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Daf83d0c1-2220-4fbe-967f-02b445122fe1%26ag%3D5l...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame 2681 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26509325.314896209;dc_ver=81.236;sz=728x90;u_sd=1;kw=5llqzru;dc_adk=3507080174;ord=66niw9;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Daf83d0c1-2220-4fbe-967f-02b445122fe1%26ag%3D5llqzru%26sfe%3D1409d681%26sig%3Dddq0KeBJeH8HIq1XxYQ21d7LMAT57vX_aZ4E9wf_1pI.%26crid%3Dcx40n3a0%26cf%3D2909522%26fq%3D0%26t%3D1%26td_s%3Dsays.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D26%26agsa%3D%26wp%3DB3DA65BA16422161%26rgz%3D60313%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D24040%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D7.49%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F1009103%2FSAYS_desktop_leaderboard%26pcm%3D1%26ict%3DUnknown%26said%3D2fbac69cc14e129a837786d913e74b5b25b2cf1f%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fsays.com%2F$0;xdt=1;crlt=GrBBN_)w20;sttr=231;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
03ae59e8c73a807a1a1cd743ff73952fdf5daf285b96f01781e124468531401d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24801
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6bcf5086-71b4-4753-84d4-83dcd3710cd6
https://says.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://says.com/6bcf5086-71b4-4753-84d4-83dcd3710cd6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
9c42ba15-913d-43b1-a37b-a25cfbb65d93
https://says.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://says.com/9c42ba15-913d-43b1-a37b-a25cfbb65d93
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
sodar
pagead2.googlesyndication.com/pagead/ Frame 148E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=135705784790940&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 25A5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 03 Jan 2022 01:02:26 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2912
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
622.json
id5-sync.com/g/v2/ 		213 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/622.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.9 , France, ASN16276 (OVH, FR),
Reverse DNS
p32.id5-sync.com
Software
/
Resource Hash
8574539c14558b21ac335278fc3b06e69dbd3023caa7946d92e5d9f5e7af4a9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://says.com
Date
Mon, 03 Jan 2022 01:50:58 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		63 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9027197592f5514157ab0a29af5969430574873bf201cf3888a01835d5f8b633

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.28.95
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		108 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
d6956621527b73359720e6526916f3edcf875e4a39f401fd83792c6e4c8afec9

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://says.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 02 Feb 2022 01:50:58 GMT
usync.html
eus.rubiconproject.com/ Frame C5A4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V76NICFgMkmmx_u-NEvwQkmmx_u-NEvwUAAAAGBvQHGziYjDYMCnFD2Q1Xm91qMdltNrPJYjfZDWEDB5PRhkEhbii74WqzWy0Wk81iNFrNdrspfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW84Q9Pp8Lnu9ZqH83PX-N1-tfMvd_k-f6HL8vK8dUeX5eVW_l1vjcPu1jjMZrfS7hb93TqX6a38uy5vjd_2NLkVy7XE7_ecXpa35ug3fd5Ku1trdth9btnDbHY57wAAAADwALBkXALxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgwF2uAQDFofAWl-VzOvktN38AADwogAAACGCQABDglJYAWIhWnAAAAAAAAAAAsPz____HDMh_NsoAaJBN9AA8-AA8EBWQFjECAAAA2Dq2Qzqa1AmVRRUAAEG6FcAVAECAX0coOkcYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cT6uFKSQsiiWJX-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6AhptlrMDAAAAuPv____XA7mJb-RyzHybzcLhmzgMM4fD5pgtfJuNbWNb7kbbaxl0x-6pwzHrCxGW2e87KCinp8fsMoiKrrfF7nCaPQfxQcOwnAyC-U3YYrSaTDbL4Wy5mAyGo-FotD-BnA1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRFGRqvNYmEcrWXDwXItWplcboXHZlprZobhYrnaDFYuj1v0-piOG4vJYxhM8WA-hoe_9uCiYADbXgQX6UTysj08T4fFZTk6TG7Nw_l5Oy9iieZkkU5kl31v4hu5HDPfZrNw-CYOw8zhsDlmC99mY9vYlrvRvjJabRYL42gtGw6Wa9HK5HIrPDbTWjMzDBfL1WawcnncotfHdNxYTB7DYN-YjRaL3Wi2mu0bs9FisRvNVrN9h87wXX3ORus2dvC4pD7RrRmamQ8Kl8Hi_UlMi2l3dvD8fkenyhl5FnRG4eV79BoUnoPHdBC-LKfVzTqdTXTeg0ERSwSni3QiehlPF7FE8rRIJxKHZeaabDYml2c48nhsG4_H5tuNJqvhyrKwOUYTsURpukgnerXzL3f5Pn-hy_LyvHVHl-XlVv5db43D7tY4zGa30u4W_d06l-mt_Lsub43f9jS5Fcu1xO_3nF6Wt-boN33eSrtba3bYfW7Zw2x2OS_qPzbkYq5YLueKxXCum6wSAAAAAAAAAMAS5sybAAAAAJwGspvNRqvlAkBQ7OoCgwAAAAAAAOzGHoaZ8sl72RU3fkwhL9vD83RYXJajw-TWPJyft_PKABATT8ybPRPEWq2WNQAAgAA2AABAALdu3gLCLDk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Jan 2022 01:50:58 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Mon, 03 Jan 2022 01:50:58 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
jot
syndication.twitter.com/i/ Frame 20B0 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641174658635%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22SAYS%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MayVinAng%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22860263f%3A1639072779848%22%2C%22item_ids%22%3A%5B%221476372517862649858%22%5D%2C%22item_details%22%3A%7B%221476372517862649858%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1678.3999996185303%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
116
pragma
no-cache
last-modified
Mon, 03 Jan 2022 01:50:58 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c33ad87f6215d674c87ecea71a7ad45176ddb2dcc4438901ca9e71704df02c34
x-transaction
e89bc456b6610342
expires
Tue, 31 Mar 1981 05:00:00 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 5384 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
135896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:06:02 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A06A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 01:50:58 GMT
generate_204
www.youtube.com/ Frame A06A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?8ChvfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jz-pDMezRjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 7C3A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 01:50:58 GMT
generate_204
www.youtube.com/ Frame 7C3A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ClIqMA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WDILsWklJuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.facebook.com/tr/ Frame 29E1 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1394602727253794&ev=Microdata&dl=https%3A%2F%2Fbcp.crwdcntrl.net%2Fpixels%3Fs%3D22%252C14%252C12%252C2%26b%3D797747%252C1769168%26c%3D11139&rl=https%3A%2F%2Ftags.crwdcntrl.net%2F&if=true&ts=1641174658811&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&it=1641174656911&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 03 Jan 2022 01:50:58 GMT
collect
f.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Mon, 03 Jan 2022 01:50:58 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2681 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
Origin
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 20:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jan 2022 20:53:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 2681 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26509325.314896209;dc_ver=81.236;sz=728x90;u_sd=1;kw=5llqzru;dc_adk=3507080174;ord=66niw9;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Daf83d0c1-2220-4fbe-967f-02b445122fe1%26ag%3D5llqzru%26sfe%3D1409d681%26sig%3Dddq0KeBJeH8HIq1XxYQ21d7LMAT57vX_aZ4E9wf_1pI.%26crid%3Dcx40n3a0%26cf%3D2909522%26fq%3D0%26t%3D1%26td_s%3Dsays.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D26%26agsa%3D%26wp%3DB3DA65BA16422161%26rgz%3D60313%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D24040%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D7.49%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F1009103%2FSAYS_desktop_leaderboard%26pcm%3D1%26ict%3DUnknown%26said%3D2fbac69cc14e129a837786d913e74b5b25b2cf1f%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fsays.com%2F$0;xdt=1;crlt=GrBBN_)w20;sttr=231;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 01:38:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2681 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Dec 2022 14:56:46 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 25A5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 03 Jan 2022 01:50:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 03 Jan 2022 01:50:58 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 03 Jan 2022 01:50:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame A06A 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 18:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Mon, 03 Jan 2022 18:17:22 GMT
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame 7C3A 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 18:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Mon, 03 Jan 2022 18:17:22 GMT
usync.js
eus.rubiconproject.com/ Frame C5A4 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76508
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 03 Jan 2022 23:06:06 GMT
usync.html
eus.rubiconproject.com/ Frame 5556 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSN2EKPSN2EK__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
URL: https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Jan 2022 01:50:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame 2681 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bab1fe14911d3132c48db5d9732eae69ff56a52f60acc11584a41bbafd8c2f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
16411746589443dec2abc62.79780e72
segment.api.useinsider.com/v4/segments/ 		927 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment.api.useinsider.com/v4/segments/16411746589443dec2abc62.79780e72?partnerid=10002153&fields=e0e252a5d8c8cdc04eacbd926868cffc,1a3e01539f4264ca05f749a0c0b39d41&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
6c7894527bfc4a80-FRA
/
location.api.useinsider.com/ 		255 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://location.api.useinsider.com/?v=2&pId=10002153&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272a4b456695415e12644c3f9728f1b1ecf84779774b4e529f5f956b3859698d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
6c7894528ffb4357-FRA
content-type
application/json
khaos.jpg
token.rubiconproject.com/ Frame C5A4 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27970811-1&cid=1424539265.1641174657&jid=393812872&gjid=100232621&_gid=1181177475.1641174657&_u=aCjIiAABhAQCAG~&z=479320348
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 03 Jan 2022 01:50:59 GMT
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215L25ld3MvaGVyZXMtd2hlcmUteW91LWNhbi1jYWxsLWluLXRvLWdldC15b3VyLWNvdmlkLTE5LWJvb3N0ZXItc2hvdHMtaW4ta2xhbmctdmFsbGV5P19nYT0yLjI0OTUwNzIwNy4xNjQ0MzY1NTk2LjE2NDA5MjkwNzAtMTIwNjM3NDUwMy4xNjQwOTI5MDcwIiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkvbmV3cy9oZXJlcy13aGVyZS15b3UtY2FuLWNhbGwtaW4tdG8tZ2V0LXlvdXItY292aWQtMTktYm9vc3Rlci1zaG90cy1pbi1rbGFuZy12YWxsZXk%2FX2dhPTIuMjQ5NTA3MjA3LjE2NDQzNjU1OTYuMTY0MDkyOTA3MC0xMjA2Mzc0NTAzLjE2NDA5MjkwNzAiLCJ1c2VySWQiOiIxNjQxMTc0NjU4OTQ0M2RlYzJhYmM2Mi43OTc4MGU3MiIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImVqQTBjM0ZzWm00dE0yTmhlUzFyWW0xckxXWnRObll0WjNJeVpUUnZPVFpwWkRBMlh6RTJOREV4TnpRMk5Uaz0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NDExNzQ2NTkiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjNzIiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c789452bc4e7039-FRA
content-length
42
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=70098026&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&ul=en-us&de=UTF-8&dt=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Tab%20Talk%20v2%20%7C%20Continue%20Reading-impressions-custom&el=(builder%20ID%3A%20322)%20-%20Variation%20Ratio%3A%2090%25&_u=aCjIiAABhAQCAC~&jid=393812872&gjid=100232621&cid=1424539265.1641174657&tid=UA-27970811-1&_gid=1181177475.1641174657&gtm=2wgc105WNLRMX&z=1304936779
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 03:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81575
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215L25ld3MvaGVyZXMtd2hlcmUteW91LWNhbi1jYWxsLWluLXRvLWdldC15b3VyLWNvdmlkLTE5LWJvb3N0ZXItc2hvdHMtaW4ta2xhbmctdmFsbGV5P19nYT0yLjI0OTUwNzIwNy4xNjQ0MzY1NTk2LjE2NDA5MjkwNzAtMTIwNjM3NDUwMy4xNjQwOTI5MDcwIiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkvbmV3cy9oZXJlcy13aGVyZS15b3UtY2FuLWNhbGwtaW4tdG8tZ2V0LXlvdXItY292aWQtMTktYm9vc3Rlci1zaG90cy1pbi1rbGFuZy12YWxsZXk%2FX2dhPTIuMjQ5NTA3MjA3LjE2NDQzNjU1OTYuMTY0MDkyOTA3MC0xMjA2Mzc0NTAzLjE2NDA5MjkwNzAiLCJ1c2VySWQiOiIxNjQxMTc0NjU4OTQ0M2RlYzJhYmM2Mi43OTc4MGU3MiIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImVqQTBjM0ZzWm00dE0yTmhlUzFyWW0xckxXWnRObll0WjNJeVpUUnZPVFpwWkRBMlh6RTJOREV4TnpRMk5Uaz0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NDExNzQ2NTkiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODEiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c789452bc507039-FRA
content-length
42
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=70098026&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&ul=en-us&de=UTF-8&dt=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Cookie%20Consent%20Button%20Clicks-impressions-custom&el=(builder%20ID%3A%20382)%20-%20Variation%20Ratio%3A%2095%25&_u=aCjIiAABhAQCAG~&jid=&gjid=&cid=1424539265.1641174657&tid=UA-27970811-1&_gid=1181177475.1641174657&gtm=2wgc105WNLRMX&z=1614509725
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 03:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81575
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215L25ld3MvaGVyZXMtd2hlcmUteW91LWNhbi1jYWxsLWluLXRvLWdldC15b3VyLWNvdmlkLTE5LWJvb3N0ZXItc2hvdHMtaW4ta2xhbmctdmFsbGV5P19nYT0yLjI0OTUwNzIwNy4xNjQ0MzY1NTk2LjE2NDA5MjkwNzAtMTIwNjM3NDUwMy4xNjQwOTI5MDcwIiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkvbmV3cy9oZXJlcy13aGVyZS15b3UtY2FuLWNhbGwtaW4tdG8tZ2V0LXlvdXItY292aWQtMTktYm9vc3Rlci1zaG90cy1pbi1rbGFuZy12YWxsZXk%2FX2dhPTIuMjQ5NTA3MjA3LjE2NDQzNjU1OTYuMTY0MDkyOTA3MC0xMjA2Mzc0NTAzLjE2NDA5MjkwNzAiLCJ1c2VySWQiOiIxNjQxMTc0NjU4OTQ0M2RlYzJhYmM2Mi43OTc4MGU3MiIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImVqQTBjM0ZzWm00dE0yTmhlUzFyWW0xckxXWnRObll0WjNJeVpUUnZPVFpwWkRBMlh6RTJOREV4TnpRMk5Uaz0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NDExNzQ2NTkiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODciLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c789452cc6c7039-FRA
content-length
42
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=70098026&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&ul=en-us&de=UTF-8&dt=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=NST%20Suggested%20Articles%20Track-impressions-custom&el=(builder%20ID%3A%20438)%20-%20Variation%20Ratio%3A%2095%25&_u=aCjIiAABhAQCAG~&jid=&gjid=&cid=1424539265.1641174657&tid=UA-27970811-1&_gid=1181177475.1641174657&gtm=2wgc105WNLRMX&z=218004749
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 03:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81576
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE3B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 28 Dec 2021 14:56:46 GMT
expires
Wed, 28 Dec 2022 14:56:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
471253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame 5556 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSN2EKPSN2EK__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSN2EKPSN2EK__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:50:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76507
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 03 Jan 2022 23:06:06 GMT
hit
hit.api.useinsider.com/ 		16 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
1309287c-9cd2-4e02-9e4a-eeeccaf82e4b
cf-ray
6c789452fc764a80-FRA
content-length
16
index.html
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
881e783c0fbff9c18d75a79588bee24c0ddda5ece31ff287d14faa86709bf54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:59 GMT
expires
Tue, 03 Jan 2023 01:50:59 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2681 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthso9S_90rsw75iso_i0XBKV3-7e1ZqGa6ohsJ11D6dj1nkUYykPny_1AF8JPl1SbVqeXqxiNsEJyU5npRuwqKX_ql1OLkNA6j2wpUOvfGrgFAofxtHBtJ-QYEgVFpYqTULyap5q3xAaQ&sig=Cg0ArKJSzOrh2a8KWWvVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=218&cbvp=1&cstd=214&cisv=r20211207.56806&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync.php
pixel.rubiconproject.com/exchange/ Frame C5A4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220102-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2214
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
uLAMMjK6Cj1o0ZZ5sQHRoHOkdcLUXEIvEN7PhOlp5ZXXlV4aa5f9zn2eZTwwqALCs17iWIbHC4k=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1641174659.069709,VS0,VE0
date
Mon, 03 Jan 2022 01:50:59 GMT
vary
Accept-Encoding
x-amz-request-id
590J5PE3MJ6GZF45
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
53
x-cache-hits
1981
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=1424539265.1641174657&jid=393812872&_u=aCjIiAABhAQCAG~&z=511110926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit
hit.api.useinsider.com/ 		16 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
c7faa242-db89-4163-905b-022242706e8f
cf-ray
6c7894536cca4a80-FRA
content-length
16
/
pips.taboola.com/ 		64 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b6e9eeb6e2523fe254d5e6ee3e30a14903f7f57f19832c8dd136fe49921d8181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19132-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://says.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
gwdpage_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
googbase_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:09 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B2C8 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 20:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jan 2022 20:53:20 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Dec 2022 23:06:43 GMT
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame CE3B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 17:30:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
116443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 17:30:16 GMT
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00&uad=66a1a608da850df89c5d9f4aa6e3f6373be50db68f4caa532958a8e9a27f331f
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Jan 2022 01:50:59 GMT
Cache-Control
no-store
Server
nginx
Connection
close
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame B2C8 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:49:55 GMT
x-content-type-options
nosniff
age
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jan 2022 02:04:55 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1146 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=121793&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
googleads4.g.doubleclick.net/pcs/ Frame 2681 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthso9S_90rsw75iso_i0XBKV3-7e1ZqGa6ohsJ11D6dj1nkUYykPny_1AF8JPl1SbVqeXqxiNsEJyU5npRuwqKX_ql1OLkNA6j2wpUOvfGrgFAofxtHBtJ-QYEgVFpYqTULyap5q3xAaQ&sig=Cg0ArKJSzOrh2a8KWWvVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=375&vt=11&dtpt=157&dett=3&cstd=214&cisv=r20211207.56806&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: says.com
URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=135705784790940&bg=!ra6lrurNAAZKWFskSlg7ACkAdvg8Wgl5F4fq1F41Qr4LcbKt621GmzwyMH5zM5X540ljOcPLoY4pqQIAAAEzUgAAACVoAQcKAK-8RCMplHuIaQZXVVOO-eHxdaOiCjC3zu1m0rKzdS4Kot64TKzT2u4EdlEg-MoXRfg3umWUQK5AJafWGRJaBwpJNGPaK38RVCSD2r1ONGaHujZhE3i9yIZIzTzoCvDeBLVpz9FRfR4OWrbarJ6pmjI6-hUohm69DB2HBJDKlSNJVkhlXp28h5NbDfW_yNznl-J22_Yc_XeIioRZS2KqQ2t3EoKekKRTyju13BOR_ve1mQKrwR-2k-qgxyJvJL6YqNyoZmQOpU1CmLRuraJN_xlnLvH8wDZ4HsraZgXtEoG_fK62GBfmSjIFYD7jUTwYuTyr_r7telBeKBW9h25XIJ5_uk5PBuAbL1PgBsW-PmmWtd1lnDG6F9O-ORc5sNePbHrTyvFklKViLnVzl-uu36BgG6oyG8c7Ul17dVYkBbPXgJeem90ONO6VTGiTApFt7LSgihAzi3zgwEGC60hNG-RX4lvgedYSpYo_fFckMySBBNqxKQ2h4q5ESjx90xAJU535CGi6pWn9I552JqVR80cqLnaqiQQZLHuwrAmcW_WcAyug1_SwtWBM4Qx1VhKw1w4iLmWpg0m-sY5xBGNDq2WfMH8MlxWEW-PRgk-8rQcqko-zCzwsa9KqR4V8lnZ2AdBwzc3rToBst9w7vEWuUDnXc0zKahLs6VN1V9QztYeR0NcIdOZnrkdciQepEKYReNOEco-w9dP77nlKeHoPa5AnFrbbqawIffdHv7wsjqeRxVxguvHGvlZU_MdIiozjTEzmMYLgdlYuqNIJdzMG1KLL2X4lwNaswYkXtfUKINysCAlJhYuY9pH0HKTMnov4BAdTcxJZnWkNqBII7XA1ctT1_gZkb_hkfUhFv-qwSiaOvPftYmfamDRZfkxLk9vUOPMu8pZZ7g34yXvGS1SUDQuwSo0nXqIx6pjJjDs8DX3wF_Cc9el4JDUPZpANo38cZKCHm1DYMdEIAcsmTxEKZVUh0ISR0Hmrb7eIoXjuLmtjnDWrznkGF7GONs2ITnNZQbrXA1sERSXdOO1aD6xQ0bAg9pEKrNHtTSosyvJzeboAckHX9Auj88MjjCdMF3zlFxH94hDy3A-qaSzFrLFMsW2pO9jHY7uvhuQZCcHo1GmIuDehtvAuv9Fs2omi7dk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B2C8 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfbebe4a54ee825b9561efd60551145c07c5f2cb0774fcff1b8f768f8f34aea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 01:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4429
x-xss-protection
0
ww-logo.svg
s0.2mdn.net/sadbundle/18141009460309047531/ Frame B2C8 		861 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18141009460309047531/ww-logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02e5d19a183da192e043987b408ccc29f42f512819fff85ba46f8a678dbb1773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437868
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
483
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 13:22:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Dec 2022 00:13:11 GMT
60021267_20211209091510968_WW_Winter_Prospecting_Program1.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame B2C8 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20211209091510968_WW_Winter_Prospecting_Program1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dbb0e9a1e4a7d82d4a339cf4a87d3b2d10711462f7588a906d4a3faba41a4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18141009460309047531/index.html?e=69&leftOffset=0&topOffset=0&c=k0yCNuM1ue&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:42:51 GMT
x-content-type-options
nosniff
age
488
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13954
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 17:15:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jan 2022 01:42:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B2C8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 03 Jan 2022 01:50:59 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 0354 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
135897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:06:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2342 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugHTnpUdrDkUUMcDN0akzrlXQ8eorrzIq1uojPDM4q95zyex1MCx-zIecVZe83lI4sLXlAxHjANubJ95s6AOkgC4lh6DLrFdY1ehRd9mBSKrx6Af-ECQ&sai=AMfl-YSDlW4v81wVYBPfrffhTYGOsE7jGXWTmNrT8r_g7E6BYQbxmlEKsBlPFzqtWq6wu9Wxzw014pECq76yGQ-p-Hot-7r0HaFiJHLGfOiFKVw6AhMyeh8GIjSKCVi2&sig=Cg0ArKJSzOSKBArbMBRXEAE&cid=CAASPeRoAFWgFIkPlALyXz650JJoQrFUOqRiD3zhNmtqjyg7211KqlOgBJxIWib3LxrjhtPcGZ-8EahGRmGKIfk&id=ampim&o=315,205&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=572&tls=1583&g=100&h=100&tt=1584&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3455604261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE3B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGb8yglbSYYy8Ju-e7_UP0vqQiAMAAAAAOAHgBAI&bg=!nZ6lntrNAAZKWFskSlg7ACkAdvg8WqtCgnBX5sV4thu3ZW4pyo1I3ZOYqLDj9VvY0AXBQQBp0CviNQIAAACEUgAAABRoAQcKAD2GM_I71m2Kld4NAtQA4UwjObgC1063lT9cVoEVw3zeWk_ZT9fawlEGgFjgG3lRq5_0FpFe8R05DvHmYA2jmQMJPRQsZ7nIPJSqqMyRsgeI7AWa_Dg6NdFzqI-HkOV71lbf5I4gSi6aGJDLYr0qpF32uMJXQkt0Kaw_QJ2ZBohc_tGx8HZ1qdPnL1exnR5ymIwnWMzrVcN-fdRm-p0iJaPe8AaDkSyjXkYP7cHyUiqLBSkGZQu9UnyBmqxbgWW__RsFci2zJSSqiVvq7TNKqJ4UR0MkF7NEgqXgdq7Y9DH-g71GIEK6I2F9I5I1y5zXa_qknV3UcatdMLbPgam0dbq9yBwg2vl6UDHmjj8CItGiaZ3dMdzSVRISq4eWBjVodXWWg9r_eDwdV6n3GRKflxkAkR20EnnFOfPxJzpPR1Irfhig9HltqL1yvfMEoNraWOgFa4i-GfmB35EPJ_otYWHhL24sDD0W1tVRE8fWHxliss0jisY0mkWGXqj7QKMN5YnC2YXIONh0w6EmOOgtcR0wV3wDBf0HC7zsXT_mlW37_mw_dHDFT_Ks4La0xfYZQpOQB2ji-pXdGnrKm0nswKaoc0GjBIGkF0g5JFzL8AokII3rd9kZgbop_1__VNIxxrNv611qBw-YA-JgbUMj1JQ-d-VoD2m98v5W7abdJ51627rolxkeQnaiHEB9JZjYGvjE71z7L9NSndQGbEPH_UMk8qxmOfkJqrHu_VD1bZwZk7e3Anw-ePiWQEOApUY2rtT4syBC3KeogBonyAOjEq-bLgUzePo-9B558loUJaFZSeeOHaqPdTx3ZE3ZXXGjdjD8HGatrjIsZZQouOtezc__E0uTFNnVCjlnkb6ptWRlzkXqYnu8qn7f43C5P1tozLQoIZJh7HgjjGmJwoLq8sbkdlh_nTtQSAVz3HdolVEFu-X-2DsYHpUKwEHhLSSL83RwWqs3D7tGbNjjlo7NNlOhl-HT8i3nfMBrPdp7SwAL0NVr-5yftgyUHAB2atG0alLr89tKVq07SiaRid1ZkDheBt-m3gKa8I5uh5aqkAaunZOfWWwFWDTlCeu99vVbIT9S2M6czZMylvDdm019v1PSQb3HQYq5mED6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
f.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Mon, 03 Jan 2022 01:50:59 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
data
bcp.crwdcntrl.net/6/ 		172 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d72b6ec00177e55b79d1e072f38d3fa54a53c1fa3b2ca3d4754c082606d2abed

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:50:59 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.9.28
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
172
expires
0
ca
choices.trustarc.com/ Frame 2681 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-de16b237-8d2f-446b-81af-b5e51147c909&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
4f117f119dc946c4400c81a288ffea886808c8b3f9987c5c32426c1edea711d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 23:25:53 GMT
content-encoding
gzip
server
nginx
age
8705
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA6-C1
content-length
2415
x-amz-cf-id
vQgyJQ59r5ktBLSqd5VdBqO_wOaLgJLwL5PnJH5oiHi4142MwoI4MQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 2681 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:43:07 GMT
content-encoding
gzip
server
nginx
age
472
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
UsHCxKwihICWFbpdJ9cSUBz7lY5sfi30iOCsXzgf8MlW2SCt4_0c2w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 2681 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=1639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:51:00 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
LiYGmNXbP1pByF2eeefi5fAMbzBW-rmjfLTczYB4S2E2ku6ti6ps6Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
get
choices.trustarc.com/ Frame 2681 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Dec 2021 06:27:51 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
nginx
age
1279389
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
cBntEZEQ9Ki-SxbA3I3d6myRXzg0R0x4BgeMRmAhnu-RnLNQfdC-ig==
expires
Tue, 18 Jan 2022 06:27:51 GMT
get
choices.trustarc.com/ Frame 47C1 		287 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=r9vak6v_5llqzru_cx40n3a0&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Dec 2021 06:27:51 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
nginx
age
1279389
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
1nRLHQpoyWayUePViYbI7Bu3uJYPBdgxlcNrpoH3yIrbav9TerUNag==
expires
Tue, 18 Jan 2022 06:27:51 GMT
get
choices.trustarc.com/ Frame 47C1 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Mon, 13 Dec 2021 13:36:21 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
nginx
age
1772079
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
KPVhnk0aqoGv_SUzBtmwRMIdONYmdTxK6p228-taZkEzCv67wFKAdQ==
expires
Wed, 12 Jan 2022 13:36:21 GMT
wl
t.pubmatic.com/ 		17 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=121793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:51:00 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
log_event
www.youtube.com/youtubei/v1/ Frame A06A 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/jz-pDMezRjA
X-YouTube-Client-Version
1.20211215.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtiOXBYUDlhRHhRVSiBrcmOBg%3D%3D
X-YouTube-Ad-Signals
dt=1641174658246&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C208&vis=1&wgl=true&ca_type=image&bid=ANyPxKqOVMAR3SVMmafuNroLCj2eVPF8jijCifbuNQ4IVy8qIBXyNeANsFF-ZO0CH_jjhF5s5OixZ0mOU20TWCRn8vxHvmm1zQ

Response headers

date
Mon, 03 Jan 2022 01:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 03 Jan 2022 01:51:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 7C3A 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/WDILsWklJuw
X-YouTube-Client-Version
1.20211215.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtRRjVOMWdGeHpFayiBrcmOBg%3D%3D
X-YouTube-Ad-Signals
dt=1641174658281&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C208&vis=1&wgl=true&ca_type=image&bid=ANyPxKrOVJi4TfNNSICvfBugTLoq23h5ab-NkqkYr_razRqPr-x4PipGlLRMxnzYLQAjsHjqFNoX1IfJSTseeR3kkQRydkI32A

Response headers

date
Mon, 03 Jan 2022 01:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 03 Jan 2022 01:51:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=70098026&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070&ul=en-us&de=UTF-8&dt=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Views%20Tracker&ea=Seconds%20Views&el=5%20second%20Views&ev=0&_u=aCjICAABhAQCAG~&jid=&gjid=&cid=1424539265.1641174657&tid=UA-27970811-1&_gid=1181177475.1641174657&gtm=2wgc105WNLRMX&z=2011783060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 03:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81578
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40says.com&g=65124&p=https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1630957451%2Fwfab3cziarj38ir2xhww.mp4&i=&g0=news&g1=may%20vin%20ang&u=DxSvkSCk56-tD-xhoh&t=SLA5FBbn2RNIKiInDebvjbBEeNQE&x=0&y=0&V=129&VS=H5&n=1&b=1386&r=&_vd=3000&_vi=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&_vp=says.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&_vh=says.com&_pu=B1lm2uCC7BOiS2SCh&_pt=DT0pdg8E8Y4C_vZ0xCL_dqKChbXrC&_pr=&_vdd=says.com&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.002&_vpt=0&_vaup=auto&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.74.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-74-96.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:51:02 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40says.com&g=65124&p=https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1634217075%2Ffdnwckx1qehhn3koeztn.mp4&i=&g0=news&g1=may%20vin%20ang&u=DxSvkSCk56-tD-xhoh&t=Rv3CvBmDLRDDkq0IRDzrb0JDYUyhq&x=0&y=0&V=129&VS=H5&n=1&b=1386&r=&_vd=8875&_vi=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&_vp=says.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&_vh=says.com&_pu=B1lm2uCC7BOiS2SCh&_pt=DT0pdg8E8Y4C_vZ0xCL_dqKChbXrC&_pr=&_vdd=says.com&_vt=ct&_vs=s2&_vcs=0&_vbr=-1&_vvs=0.001&_vpt=4066&_vaup=auto&_vce=0&c=0&W=0&R=1&I=0&E=0&j=20&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.74.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-74-96.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:51:02 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40says.com&g=65124&p=https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1630957451%2Fwfab3cziarj38ir2xhww.mp4&i=&g0=news&g1=may%20vin%20ang&u=DxSvkSCk56-tD-xhoh&t=CVHzGbBv414YCgFgN8CXjO6aSP-aO&x=0&y=0&V=129&VS=H5&n=1&b=1386&r=&_vd=3000&_vi=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&_vp=says.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&_vh=says.com&_pu=B1lm2uCC7BOiS2SCh&_pt=DT0pdg8E8Y4C_vZ0xCL_dqKChbXrC&_pr=&_vdd=says.com&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.002&_vpt=0&_vaup=auto&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.74.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-74-96.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:51:02 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40says.com&g=65124&p=https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1634217075%2Ffdnwckx1qehhn3koeztn.mp4&i=&g0=news&g1=may%20vin%20ang&u=DxSvkSCk56-tD-xhoh&t=CVGZEoD5AhZtCUOW2WDcIdDADLV9FL&x=0&y=0&V=129&VS=H5&n=1&b=1386&r=&_vd=8875&_vi=Here%27s%20Where%20You%20Can%20Call%20In%20To%20Get%20Your%20COVID-19%20Booster%20Shots%20In%20Klang%20Valley&_vp=says.com%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&_vh=says.com&_pu=B1lm2uCC7BOiS2SCh&_pt=DT0pdg8E8Y4C_vZ0xCL_dqKChbXrC&_pr=&_vdd=says.com&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.001&_vpt=0&_vaup=auto&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.74.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-74-96.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:51:02 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=says.com&p=%2Fmy%2Fnews%2Fheres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley&u=B1lm2uCC7BOiS2SCh&d=says.com&g=65124&g0=news&g1=may%20vin%20ang&n=1&f=00001&c=0.1&x=0&m=0&y=7970&o=1600&w=1200&j=30&R=1&W=0&I=0&E=6&e=6&r=&b=1386&_s=%7B%22ga%22%3Anull%7D&t=DT0pdg8E8Y4C_vZ0xCL_dqKChbXrC&V=129&tz=0&_vi=&_vp=https://cdn.taboola.com/libtrc/static/video/v1634217075/fdnwckx1qehhn3koeztn.mp4&_vdd=video%40says.com&_vs=s1&_vt=ct&_vap=&_vtn=&_vd=8875&sn=2&sv=Cm-JdPBaIxuTDvX_00BqDlWWD5oUeU&sd=1&im=067b2ef3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.74.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-74-96.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 01:51:03 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

422 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| __cfQR object| __cfBeacon number| _sf_startpt string| envTargeting string| env object| dfpTargetingParams object| PWT object| googletag object| lotame_11139 function| fbq function| _fbq object| ggeac object| google_js_reporting_queue function| Popper object| cookieConsent function| LazyLoad function| buildPrivatePub function| loadNextStory function| premiumHeader function| reCalcAffix function| validateImage function| popupCenter object| PrivatePub boolean| scrollLock object| resizeTimer object| Says object| isMobile boolean| searching function| $ function| jQuery object| jQuery112406318251456645783 function| autosize function| _ object| NProgress function| EventEmitter object| eventie function| imagesLoaded function| CoverImageCropper function| swal function| sweetAlert function| Instafeed object| bootstrap object| _taboola object| dataLayer function| fbAsyncInit object| _comscore object| defaultParams object| cookieMain object| wrapper object| setting object| settingContent object| acceptBtn string| seurl function| showFlash boolean| __cfRLUnblockHandlers function| lotameIsCompatible function| lt11139_ba function| lt11139_b undefined| lt11139_c undefined| lt11139_ca undefined| lt11139_da function| lt11139_ea object| lt11139_fa function| lt11139_ga function| lt11139_ha object| lt11139_ object| lt11139_6 function| lt11139_aa function| lt11139_a function| lt11139_d function| lt11139_e function| lt11139_f function| lt11139_g function| lt11139_h function| lt11139_i function| lt11139_j function| lt11139_ja function| lt11139_ia function| lt11139_k function| lt11139_l function| lt11139_ka function| lt11139_m function| lt11139_n function| lt11139_o function| lt11139_p function| lt11139_q function| lt11139_oa function| lt11139_la function| lt11139_ma function| lt11139_s function| lt11139_na function| lt11139_t function| lt11139_u function| lt11139_v function| lt11139_r function| lt11139_w function| lt11139_x function| lt11139_y function| lt11139_z function| lt11139_pa function| lt11139_A function| lt11139_B function| lt11139_qa function| lt11139_C function| lt11139_D function| lt11139_E function| lt11139_ra function| lt11139_G function| lt11139_H function| lt11139_F function| lt11139_sa function| lt11139_I function| lt11139_J function| lt11139_ta function| lt11139_ua function| lt11139_K function| lt11139_va function| lt11139_wa function| lt11139_xa function| lt11139_Ba function| lt11139_ya function| lt11139_za function| lt11139_Aa function| lt11139_Ca function| lt11139_Ea function| lt11139_Da function| lt11139_L function| lt11139_Fa function| lt11139_Ga function| lt11139_Ha function| lt11139_Ia function| lt11139_Ja function| lt11139_Ka function| lt11139_La function| lt11139_Ma function| lt11139_Na function| lt11139_M function| lt11139_N function| lt11139_O function| lt11139_P function| lt11139_Q function| lt11139_R function| lt11139_S function| lt11139_T function| lt11139_U function| lt11139_V function| lt11139_W function| lt11139_X function| lt11139_Y function| lt11139_Z function| lt11139__ function| lt11139_0 function| lt11139_2 function| lt11139_Oa function| lt11139_Qa function| lt11139_Pa function| lt11139_3 function| lt11139_Ra function| lt11139_1 function| lt11139_Sa function| lt11139_Ta function| lt11139_Ua function| lt11139_Va function| lt11139_Wa function| lt11139_Xa function| lt11139_4 function| lt11139_5 function| lt11139_Ya function| lt11139_Za function| lt11139__a function| lt11139_0a function| lt11139_1a function| lt11139_2a function| lt11139_3a function| lt11139_4a function| lt11139_5a function| lt11139_7 function| lt11139_8 function| lt11139_8a function| lt11139_9a function| lt11139_7a function| lt11139_6a function| lt11139_ab function| lt11139_$a function| lt11139_cb function| lt11139_bb function| lt11139_db function| lt11139_eb function| lt11139_fb function| lt11139_gb function| lt11139_hb function| lt11139_ib function| lt11139_kb function| lt11139_nb function| lt11139_mb function| lt11139_jb function| lt11139_qb function| lt11139_lb function| lt11139_ob function| lt11139_sb function| lt11139_rb function| lt11139_tb function| lt11139_pb function| lt11139_ub function| lt11139_vb function| lt11139_wb function| lt11139_9 function| lt11139_xb function| lt11139_yb function| lt11139_zb function| lt11139_Ab function| lt11139_Bb function| lt11139_$ function| lt11139_Cb function| lt11139_Db function| lt11139_Eb function| lt11139_Fb function| lt11139_Gb function| lt11139_Ib function| lt11139_Jb function| lt11139_Kb function| lt11139_Hb object| __twttrll object| twttr object| __twttr function| AlgoliaSearch function| AlgoliaSearchHelper function| AlgoliaExplainResults object| ALGOLIA_MIGRATION_LAYER object| __algolia function| algoliasearch function| algoliasearchHelper function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key undefined| google_measure_js_timing object| google_reactive_ads_global_state object| FB function| udm_ object| ns_p object| COMSCORE object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| _sf_async_config string| fetchKeyword string| str object| patt boolean| res function| twq function| clarity object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| gaplugins function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| prop object| msgData object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| gaData function| _UA-27970811-1_sendHitTask object| placementData function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| image string| nam object| _tfa object| gsapVersions string| $attrib object| $hits object| SaysDevice object| _cb_shared object| _cbv string| __INSIDER_SCRIPT_VERSION_says__ object| cmTag function| pm function| sQuery object| spApi object| Insider boolean| _tb_vd_pg object| tbopt object| GoogleGcLKhOms object| _cbm object| ampInaboxIframes object| ampInaboxPendingMessages object| _cm_wfCounters object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies function| onYouTubeIframeAPIReady object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| webpackHotUpdate function| startCMTagMain string| originalTitle object| google_image_requests number| el

104 Cookies

Domain/Path Name / Value
says.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.says.com/ Name: pbjs-pubCommonId
Value: 8ef10dff-3f63-4863-a303-f76e8e75cc0b
.scorecardresearch.com/ Name: UID
Value: 18Z7EWAIPECPCFWWVJ8WBOg1641174657
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_domain
Value: .cc.says.com
.crwdcntrl.net/ Name: _cc_id
Value: 1a3dac1642ccf6b07e14f4f8e9d32b85
.says.com/ Name: _cc_id
Value: 1a3dac1642ccf6b07e14f4f8e9d32b85
.says.com/ Name: _cc_cc
Value: ACZ4XmNQMEw0TklMNjQzMUpOTjNLMjBPNTRJM0mzSLVMMTZKsjBlAILES2ENIBoCeI683iLC%2BMSC4T8jI8PNWa26MPbxTVNYGJvDweIfP1vCmM8Wz4ELHz96iBkmvnvfZQEY%2BzCSmukn1GHC75YgtF79sVYHJr5mw1NuGBsA4vc8dw%3D%3D
.says.com/ Name: _cc_aud
Value: ABR4XmNgYGBIvBTWAKQggImB8cZSEJPlKCeQBABLlQRc
says.com/ Name: cto_bidid
Value: njwZ5V9DZENWV3dxUGF5TTRvUWdpdyUyQnlKcFpCeTF1Y2JOVElHVnRaQWZQZmpvTEN5elFtSzFVOGQ3d3huVlAyZDFZODUyN3klMkZQcmF6OEprMlIwdXJsZFJzM1ElM0QlM0Q
says.com/ Name: cto_bundle
Value: TuHM8l90UCUyRkRWcGpTN3E2RGlPUlJ0V2Z4Wm5sYUl5WUE1amdBZnlIajFVZmtHWk56cUVxeVR4WSUyQm5xeFZyZFdaM0NYZTBnZ3IzaUEzaXlndFkwV0RyZ2toU2kxWGpLNW9XSTRHUkolMkJDT0RZZ3glMkJmaDJKNkRuU1JWd2lYdW40eW80VlJP
www.clarity.ms/ Name: CLID
Value: a77ae92438374d76a7e0413f1be498b0.20220103.20230103
.rlcdn.com/ Name: rlas3
Value: H1sdx4m1NvYdaxJceAqs2th7stDYrWENyjzXPtx6VO4=
.rlcdn.com/ Name: pxrc
Value: CAA=
.adnxs.com/ Name: uuid2
Value: 58118359780705262
.twitter.com/ Name: personalization_id
Value: "v1_VCY444jO4CPEQVUv0p5/aA=="
.says.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.says.com/ Name: _ga
Value: GA1.2.1424539265.1641174657
.says.com/ Name: _gid
Value: GA1.2.1181177475.1641174657
.says.com/ Name: _gat_UA-27970811-1
Value: 1
.casalemedia.com/ Name: CMID
Value: YdJWgI9SKrAigR8Y6xS4wwAA
.casalemedia.com/ Name: CMPS
Value: 5223
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 118016C3-32FE-4D31-9E24-716BFDCF41AC
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 121793:2
.pubmatic.com/ Name: DPSync3
Value: 1642377600%3A219_201_197%7C1641254400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1642377600%3A220_56_55_161_54_3_71_22_8_21_13_7_234_233%7C1642464000%3A35%7C1641772800%3A223_15_2%7C1643760000%3A203%7C1642032000%3A63
.casalemedia.com/ Name: CMPRO
Value: 1209
says.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D24531a84-6809-4ede-acf4-3f0819530eec-tuct8cbdc00
says.com/ Name: _tb_sess_r
Value:
says.com/ Name: _tb_t_ppg
Value: https%3A//says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley%3F_ga%3D2.249507207.1644365596.1640929070-1206374503.1640929070
.says.com/ Name: _fbp
Value: fb.1.1641174657194.1565695168
.c.bing.com/ Name: SRM_B
Value: 3938795AD3FB6F5510B6687BD2906E79
.casalemedia.com/ Name: CMST
Value: YdJWgGHSVoEA
.quantserve.com/ Name: d
Value: EOsBCwGOJfijAA
.quantserve.com/ Name: mc
Value: 61d25681-3ae10-813cb-6b74c
.adfarm1.adition.com/ Name: UserID1
Value: 7048791478841702549
.mathtag.com/ Name: uuid
Value: 656061d2-5681-4100-8a29-56cf4c73c31f
.simpli.fi/ Name: suid
Value: 76718656E5B44A8AB1EA615527E1AE42
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-58118359780705262&KRTB&23339-58118359780705262
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECv5wFuJxeFupTYtHoJgOUM&KRTB&16514-CAESECv5wFuJxeFupTYtHoJgOUM&KRTB&23025-CAESECv5wFuJxeFupTYtHoJgOUM
.adform.net/ Name: C
Value: 1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3938795AD3FB6F5510B6687BD2906E79
.c.clarity.ms/ Name: ANONCHK
Value: 0
.de17a.com/ Name: guid2
Value: 1.5518196809362772532
.adform.net/ Name: uid
Value: 537624061829043149
says.com/ Name: _cb_ls
Value: 1
.adsrvr.org/ Name: TDID
Value: e8670499-52a2-4208-8129-cce31db99c55
.yahoo.com/ Name: A3
Value: d=AQABBIFW0mECELHFIvm2xCicn1SvUmIdEJwFEgEBAQGo02HcYQAAAAAA_eMAAA&S=AQAAAufJr7gf8QWn4-MjwdeHKZs
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-1bhbGda_BxrOul5O0rkSE9K6XEnOv10c1-pMC-LV&KRTB&19420-1bhbGda_BxrOul5O0rkSE9K6XEnOv10c1-pMC-LV&KRTB&22979-1bhbGda_BxrOul5O0rkSE9K6XEnOv10c1-pMC-LV
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5518196809362772532
.bidswitch.net/ Name: tuuid
Value: 5452ea25-dd70-4a72-94ca-65c379242b52
.bidswitch.net/ Name: c
Value: 1641174657
.bidswitch.net/ Name: tuuid_lu
Value: 1641174657
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7048791478841702549
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:656061d2-5681-4100-8a29-56cf4c73c31f&KRTB&16736-uid:656061d2-5681-4100-8a29-56cf4c73c31f&KRTB&23019-uid:656061d2-5681-4100-8a29-56cf4c73c31f&KRTB&23208-uid:656061d2-5681-4100-8a29-56cf4c73c31f
.turn.com/ Name: uid
Value: 7880709546110963018
.doubleclick.net/ Name: IDE
Value: AHWqTUkqNP34oetS7nI_PnjiVr9OIlegjL4MnHlpilZv5ZnUduB5ct9yC5fCDASPdQs
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdJWgQACrDaoqwAF
.youtube.com/ Name: YSC
Value: _THAT7Pjo3o
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: b9pXP9aDxQU
.casalemedia.com/ Name: CMRUM3
Value: e661d256802760&be61d2568005a0&2d61d256812760CAESEHFCjiE7TD_iJ8gfwgcMJpo&f161d2568005a0&5861d2568005a0&bf61d2568005a0&2761d256800b40&0d61d256812760%7Bamob_user_id%7D
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YdJWgQACrDaoqwAF&KRTB&22978-YdJWgQACrDaoqwAF&KRTB&23194-YdJWgQACrDaoqwAF&KRTB&23209-YdJWgQACrDaoqwAF
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-537624061829043149&KRTB&23263-537624061829043149
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7880709546110963018
.onaudience.com/ Name: cookie
Value: 9ed439b40d2f637c
.onaudience.com/ Name: done_redirects147
Value: 1
.says.com/ Name: __gads
Value: ID=90614f3fde38634f:T=1641174656:S=ALNI_Ma9Vb1fcqVSebQh7u-8rlKPb6tNqQ
.says.com/ Name: _clck
Value: 5ikofh|1|ext|0
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0a31e6b4-ae72-44a6-4a86-ce2369b87e0b.N1Sdl9wqem9Mly8IUO60R5y1ktFXCNGFwJsizNRQG40
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-0a31e6b4-ae72-44a6-4a86-ce2369b87e0b%24ip%2491.199.118.72.XG2ubTVy868r7S8y4ESmUOw0uEEqu0oVjqsVvlJfQWc
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e8670499-52a2-4208-8129-cce31db99c55&KRTB&22918-e8670499-52a2-4208-8129-cce31db99c55&KRTB&23031-e8670499-52a2-4208-8129-cce31db99c55
.pubmatic.com/ Name: PugT
Value: 1641174657
.admixer.net/ Name: am-uid
Value: cdb7aaf7ee454d5a8b91c53589d4a72b
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-CjHmtK5yRKZKhs4jabh-C1vHdkg
says.com/ Name: _cb
Value: B1lm2uCC7BOiS2SCh
says.com/ Name: _chartbeat2
Value: .1641174657710.1641174657710.1.Cm-JdPBaIxuTDvX_00BqDlWWD5oUeU.1
says.com/ Name: _cb_svref
Value: null
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5452ea25-dd70-4a72-94ca-65c379242b52
.says.com/ Name: _clsk
Value: egzozy|1641174657938|1|1|f.clarity.ms/collect
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi29JLLsJmnOhAFGAU4AUIEIgIIAQ..
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~22g1:195y~22g1"
.onaudience.com/ Name: done_redirects161
Value: 1
.spotxchange.com/ Name: audience
Value: 98a53854-6c37-11ec-9ed0-174deb1e0206
.doubleclick.net/ Name: DSID
Value: NO_DATA
.taboola.com/ Name: t_gid
Value: f90c4ceb-abcf-45d7-bb1e-794f66c5b9a7-tuct8cbdc02
.exelator.com/ Name: EE
Value: "0159e0925a81f04a556541d094630e6d"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHA0NQy1cDSyDTRwjDNwCTR1NTM1MQwxcDSxMzYINUsZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F7%252Be7CAAoKCkV"
says.com/ Name: _lr_retry_request
Value: true
says.com/ Name: _lr_env_src_ats
Value: false
.getrockerbox.com/ Name: uuid
Value: 58118359780705262
says.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%22e8670499-52a2-4208-8129-cce31db99c55%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-12-03T01%3A50%3A58%22%7D
.says.com/ Name: panoramaId_expiry
Value: 1641261058671
says.com/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-01-03T01%3A50%3A58.762479Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.says.api.useinsider.com/ Name: insdrPushCookieStatus
Value: true
.says.com/ Name: _dc_gtm_UA-27970811-1
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1641174658
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEw0TklMNjQzMUpOTjNLMjBPNTRJM0mzSLVMMTZKsjBlAILES2HNf%2F%2F%2F%2F88P4oABz5HXW0QYn1gw%2FGdkZLg5q1UXxj6%2BaQoLY3M4WPzjZ0sY89niOXDh40cPMcPEd%2B%2B7LABjH0ZSM%2F2EOkz43RKE1qs%2F1urAxNdseMoNYwMAhWlAgw%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIvBTWDKQggImB8cZSEJPlKCeQBABL4ARf"
says.com/ Name: _v__chartbeat3
Value: DxSvkSCk56-tD-xhoh

11 Console Messages

Source Level URL
Text
network error URL: https://themalaysianreserve.com/wp-content/uploads/2021/12/Futsal-League-FAM.jpg
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://themalaysianreserve.com/wp-content/uploads/2021/05/04TR003A1-1.jpg
Message:
Failed to load resource: the server responded with a status of 503 ()
other warning URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A preload for 'https://says.com/foodpanda/sto.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://c16d-35-240-187-111.ngrok.io/pcto.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://says.com/my/news/heres-where-you-can-call-in-to-get-your-covid-19-booster-shots-in-klang-valley?_ga=2.249507207.1644365596.1640929070-1206374503.1640929070
Message:
The resource https://says.com/foodpanda/sto.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api.rlcdn.com
assets.nst.com.my
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
c1.adform.net
c16d-35-240-187-111.ngrok.io
cdn.ampproject.org
cdn.jsdelivr.net
cdn.skypack.dev
cdn.syndication.twimg.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
connect.facebook.net
csync.loopme.me
d21886da91b800743c6a410993b95b15.safeframe.googlesyndication.com
d5p.de17a.com
de1-bid.adsrvr.org
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hit.api.useinsider.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.says.com
images.taboola.com
imprammp.taboola.com
inv-nets.admixer.net
js-sec.indexww.com
loada.exelator.com
location.api.useinsider.com
log.api.useinsider.com
mab.chartbeat.com
match.adsrvr.org
mediaprima-d.openx.net
metrics.getrockerbox.com
mug.criteo.com
odr.mookie1.com
p.typekit.net
pagead2.googlesyndication.com
pbs.twimg.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
policy.revasia.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubmatic-match.dotomi.com
s.amazon-adsystem.com
s0.2mdn.net
says.api.useinsider.com
says.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.chartbeat.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
syndication.twitter.com
t.co
t.pubmatic.com
taboola-supply-partners.tremorhub.com
tags.bluekai.com
tags.crwdcntrl.net
themalaysianreserve.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
use.typekit.net
vidstat.taboola.com
widget.perfectmarket.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.111.215.191
104.244.42.136
104.244.42.197
104.244.42.3
13.32.27.92
13.35.253.104
13.35.253.71
141.226.224.32
141.226.228.48
141.95.3.9
142.250.184.194
142.250.184.230
142.250.185.226
142.250.186.130
146.0.227.110
151.101.129.44
151.101.2.49
151.101.65.181
169.50.137.182
172.67.177.215
178.250.2.146
178.250.2.151
18.156.0.31
18.204.74.96
185.183.112.148
185.29.132.245
185.33.220.241
185.33.223.38
185.64.189.110
185.64.189.112
185.64.189.226
185.64.190.78
185.64.190.80
185.64.190.81
185.86.139.96
185.94.180.126
198.47.127.20
199.232.136.157
2.18.232.130
2.18.233.180
2.18.234.21
20.84.22.197
2001:678:cb4:bbbb::11
213.155.156.166
216.58.212.130
23.37.38.181
23.37.42.132
23.79.143.124
23.88.75.188
2600:1f16:d83:1200::6e:0
2600:1f18:612b:4200:43f8:c79a:f116:17d6
2600:9000:2057:5000:18:1fcd:34f:cdc1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:c52
2606:4700:3035::ac43:a9b3
2606:4700::6810:125e
2606:4700::6810:5914
2606:4700::6810:5f41
2606:4700::6811:a972
2606:4700::6811:aa72
2606:4700::6811:ab72
2606:4700::6812:12ee
2606:4700::6812:c50
2606:4700::6812:eec
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:27::cafe:1799
2620:1ec:c11::200
2a00:1450:4001:801::2004
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2016
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9b
2a02:2638:1::13
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:400::714
2a05:d018:d29:3601:6aba:1333:1e2b:7cf5
34.120.133.55
34.254.143.3
34.98.67.61
35.244.159.8
35.244.174.68
37.157.6.242
44.231.49.84
51.222.80.231
52.142.114.2
52.200.181.105
52.223.40.198
52.29.51.56
52.46.154.242
63.35.242.195
65.9.58.29
66.155.71.149
69.173.144.139
69.173.144.165
76.223.26.175
85.114.159.93
002d724acda8da4e44a859de9536f5f6bb3c728b7fbcda456703138b4e02881a
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746
02e5d19a183da192e043987b408ccc29f42f512819fff85ba46f8a678dbb1773
0382a06b8e3ec31595098573a3dbfd2d17b458498c1aa3b485741b0413777a9c
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
03ae59e8c73a807a1a1cd743ff73952fdf5daf285b96f01781e124468531401d
05328c0e9fdc275a3a633409a0967476791cfa67b1f7fa94a71c585423ed2c65
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce0e50357bc73930442b4473603a6752592688b8eeae3458e34b5b9e2e87d6c
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e679b9741ec5e6d0c0f19f2cda0c2232fc33548c7fd828f4ebaf2aac0a82a47
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac
131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa
1608980c6f4deb0e238ce9af217e69059535d627e4d9fa8adc9908661912b3a1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1928dc2b2ee127bbc7cbd955ec925315d8fbf150e1db4bea35263b0bb0afc98d
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cde3c5f27b09d488d79031a4de833bad306e69fc1d5cbc90defb72022405045
1dda90b6dceede532557409907964cd275e73aba22fed2e522534eb22ceed692
1e07a613e9bddb0f5fe531de69ddbe1fe6f277599a8cbd58b1e722df737b2fa3
1ee8f4cd45f3d34a0ae043ca187b991018cf9691cb54172c469d3e13f77b77dd
1f12abca7dec3f6a510ae3f85dd99c76a46a61fa3dfe3514993dec9996b2a0cd
1fecaf8fcb78c537e1c1e6cee00ec28b8f2e6c5b2799df77986f82d71b5d1409
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
22483f55f29bb80fcd2640f8ce075b6e79b1748a24be7b87668ead1cc6b96203
226fc7898f6ff88dcef4fd920484039471618de0c2da72c07f7218a23f38b00f
23ab4ea1c4f1729e22396f5dcdb10c46212588c44d475e24b4a8c507da9d1a5b
24d9e0f6522e72566665a7620816f192758408c4477c682218bfb67cf56de488
256de1accbccc4ffee65cf0ae6ddda99d1a056e669ddb390c959b942df9a5358
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
272a4b456695415e12644c3f9728f1b1ecf84779774b4e529f5f956b3859698d
29c9d493c37f54747b9c02fffde690a9f8cb87f4e1897f9b0f3205eff4758975
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b66dac769ca65569588193995405f8bd1cd28cbaaa44020725a3de793a72bd4
2c110224eb23f708bb35bfd429462d0b9d95f901dafe821ff95f0f9586e149a8
2cfe3860cbed1aadb7413754ecab66c5e58561a48cced4efa2f0a4a294cd39d1
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dbb0e9a1e4a7d82d4a339cf4a87d3b2d10711462f7588a906d4a3faba41a4c1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37645426ce26dbf2364457c3cd3c9d234bbf7f2c7d19f5fb6ccd65cc07742eba
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3bbdc875c6dc4aa773d239725eedfc8d16b83e62e7666af63067afd8b593d386
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f28a8892351db10165e0cf02f2de82aff11b77be08aeed016c54c1548a353f5
3f4c346921a67cc975117e73b2530434831558cd3b85a37b6fbde7273f376e34
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4115aac8457d766b62d8088e6986923b4240ca353ad95df2fa7bb9aa7205786a
4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef
41ffc3dc8ad717f17d0a2ca8e1fa128a6882bac0dc881fab0029b46fc66453c2
440d29dd54c0a414b7a7318f0f0f8534e8499759c5460dd6b87c7013f4c000a6
444ec93a8e238a11757a5339a337c7766b716ea3837b706f6de08574f6e260c6
45656c1bf226209801446005c2055eaf3ec4e64c25ab34b4aa6748b5dd0ce742
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
461a52763d7cd68bb6e9201bf4b36203e0e1a8fe5b5ea7359ce51f6d61118b95
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4cbd21c111ccfb849e7518531d43741187571092e43d6a7d0bc255ce6a25b368
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f117f119dc946c4400c81a288ffea886808c8b3f9987c5c32426c1edea711d7
4f524854030f6ced460c57fc5cb2267acf50edba35ce3a8b7a5c1084dfdaf337
4f5ece0f2889248fde0b4145bf691b0c8b02600de4e2291b14e8de5324a746b7
4fad67b84e430714025aeeb2827aadb769bc6c36ce2818d7e5540fb6be1be063
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519df7f6c1ab12884b2ecc9ed4d7740aa85e828a8eaa062facbb5102ced5cf76
522cff3b503d4b7d21cd86390d5b5aaf28899e5d3ff402692a73ee540915466f
53109bce55f07f198fc8da502de83e354222a3b18de7b4eb3d21d796d0409bbb
53ecf00a5c44a03ded9505807d176e27a50457949e6f2474576a170638e7a1f1
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d6325ee2a4fecf57fc3ec7127d57d195b8ed3f83d3c66a04bc9ea18e623df0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4447ef4df513c0f5bc6dff8232177b177b1655ec4e9023ed0d0e4f2fe22da
55ff52a61ccee4bb9f0e3ac8b02354ae6dfa23c7af78b83a5d373a599a22003d
57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761
587f830653181030ee20cc03bd0c60ab1066fc6d6a408b9a03ffe90e6b866e36
599484f5458509339918e4b0c0cc0725214382038f76b41beeffca2fdb085ca9
5b3ff6be3b5ab2d387f0233bb726a0d809570a565ca0e64a42a16a93d23b4b27
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5c079ba4e53b2aa20e080bf0c09862a66c8713e6cda440154173fe63be0db87b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ee5c52e7f3e4ade63370d2962b8860f64c8c85c359415a3e287f5451a4b8d84
5fdd431164083bc93ddc3a108b2cf12e939dbd75018410f851da642d410f895c
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61197d325d2be46142871abfe1c675a937f44c41f387643432039f08eac4abe4
614746b52a14c73782d6bebd9bf0c4ff0466d1a1a652882ee2c7b75eb680bfc9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
65f9884c915c66eb996b132ee5711a0066a1675a1b89f2e45ca0a3a09138ed2d
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
698bee2a8b2563960756a7a23ef7c9fa59dcc8fd7633bc0c53e5279045a11b24
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af528723378d8817f596b467061a2689f2cba6063b8d778959f17f8cf266c12
6b10f883def52bf750108380619e4a877f34377cb8867d845d97b6d002259091
6d4a5a8296ca52691fde29abc2b8cd81c06ce8717a4b703ef1221bcd01e1d8dc
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8
7179469e537ed7ed9e237251f8fc31b5961c3d7e5249ce40458591962c99dab4
71f4a6b13f5d5b9c56c3c3e769b5914c7e5738b295477d9c42caa75101a1ec06
721cb40da5eddb6b81df8ca37deabc89c9e3c4fec8e4a93506fedb996cf3c65c
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
76d2322d49a00d326f0f1a895eff4041618a76d0973d09c1576bf929bd4f4b25
78030d1a8fa7efb4f8ca770b673f4a84954574ee9735ef901b619dab534ed521
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
827e1cc5ceab64c27099667906a29a8f2e5ac4e8928b0c61100e27c4dc610b45
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8574539c14558b21ac335278fc3b06e69dbd3023caa7946d92e5d9f5e7af4a9c
8746fab60d1d007ab70553af82dc75231368ae5d33ab4a2ea197b82eb6dd545e
87d95fb7457887e26f8b993648dcdfb7fae9e2307fd6c4ceaed89583154c489f
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
881e783c0fbff9c18d75a79588bee24c0ddda5ece31ff287d14faa86709bf54f
890fdead0d4a43bbf51f0fb239fd171a7b2fc0755894ab0939bf6eb1b8124504
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8eb5cfee6b650194cf3aa8c09fc392d34def3ba5432eaefa747cf1fbae2678f2
8f13602e92307c177df39f3d5177cbdc051a0083fa1c86b677d859b22b82cde9
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4
9027197592f5514157ab0a29af5969430574873bf201cf3888a01835d5f8b633
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
97ea3913d28a8053138d1e6219d984cf0a1da9fb289a949179040c653af5f5f7
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a66f83a07fd596968296b6cc65a20596f7661643b7f08e3c8d6a03782572598
9b9233c0c01ce219c102432f8da76d92d40bee603d575e238540da05da0ad17c
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ee5c8cc2110f283eb7f773de3ca2482e08907f7fb5e05140f04a4f23d0e6951
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
9f7f8c3195855a7274e63859fb891cfd09189e45beb039b368ef775a35c76db1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2f6fec90f9b0079aad59d497fa75796162208996aa12a56b65ad4dc2cb07053
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9dab5ee3c958db3b3246d418b62bdba57d8080d502be8f4f1d8a6eebcd202
a56e678e086ed14a47401f4ab33634f6c7d7278ba86b15ac42aab401b06fd0f7
a667659c49a5f03e99e5626a9796a68bbe406c48aa671e4bc5e74d0e22f6691b
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6a880736be073fb91fc96f408bd0eadb0a679e84535b1c0835dd4a355916138
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8fb548c04e553ea792b161b82740a47df129cd3d11a0c43c2d537c50470ae7b
a9cf52f47c4e3091c855da3c4decef0f51c2a29471e81125c5e975f2a095b533
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abc828b99fe65a9124353357dcd230f580cc3f4fa0f4ff726f4685aacd6d9cdd
ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adb19d51f48a3421ec569317f6dbf326e6f14f678c12d14fb4ae6667ded18f9f
ae56a402dbf2ec1e90d8f5e8586f0b4408224c9c5eb9852a2f01bcd63e64367e
b0496ff7b5e02ba5dcf004405c2b4eba9e66d7a89002346aa17ea3c1b4311806
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2c83406917f94579ddce8c580d0b39518623c4b7af8f1a17d9634943859cea6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b384f27b35cea173a8b0348f80866e244a8c943cbae4fa25be4fe5b587b7aef0
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b6e9eeb6e2523fe254d5e6ee3e30a14903f7f57f19832c8dd136fe49921d8181
b75ae2742b6579d5d553cc2081905f0c94aba89454171643378bbbd3556f45a8
b947a3efe23b4827fa6e4f7c6c0364baa2f66d27d0eb8074d5ab36380876e952
bab1fe14911d3132c48db5d9732eae69ff56a52f60acc11584a41bbafd8c2f58
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bd67cfc8e241cdc14e07ec312481b8140267c9ddad0084319782bf5a9407ada3
bdb6e28d07790c2fa5a06cf5640d4f2a3fd613b22e25b47e9b6eb68574952f1c
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23a473cf8a3a8b61398a296bfe911b75d9cfb59c9e3b6ad459d5bd73ccf7c47
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c50d78ce24986e279056717313017673e9871a640c394432fbf03f1bba924ff4
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c682215efcdbc5ee282a13d340b533f0699770d50ad9c526608183f561602f93
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d
cc4b0c0e3f6bef7a65aed715e26ccbbb24f99a9730485c56d61c63c4dba00918
cc9264fbea72e16c2ab081f398e5740211ae2a88f942f0d5c94fb98e4e508841
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
cefbe6376bcc1d6a4c20a11ebf4b11385df48ccf116d648f37ebb2c297df3662
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a
d172b99cca17cf1620d081c472b17a2d9cd3f234c7faf352ba444807a1d9b026
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5
d6956621527b73359720e6526916f3edcf875e4a39f401fd83792c6e4c8afec9
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6
d72b6ec00177e55b79d1e072f38d3fa54a53c1fa3b2ca3d4754c082606d2abed
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d996e3708d96f895004f2c79de855fd6dc7f547995e0cc189e342f7d9ee753d2
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc3db37f2c9150c9d0aba3630de0acb5a6f7590dd4d6133a23b516766b309a66
dcc156f774f770c9969f60f278f977ce3a561b5927bf0acb682f4834e1729c3c
dd4a2c472cc3343960710171c24b6d70d0e5a0875a3a690dfcf6247996dc4012
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
ddf85037fd1f04c4684ed0357cf80a71a3c4aa19049bfccdaec678b4b18dc8e2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
def8fe9741279b34ef368d7dc416366eaf44d386d1cdcb656b7e2ebaf3f9af37
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
dfbebe4a54ee825b9561efd60551145c07c5f2cb0774fcff1b8f768f8f34aea8
e107da344b7bd9cdaf6af59e979e6e395ffc1a1490dde708a9439617e6d74d19
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2bb1a6ec2abb3564cbc192ae57e2ac020dad17d87d2883bd188632810c4b074
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e66457d8f46fe0f5ac82b797eac3867792a50c9643b2869e6006368d18af7c6d
e7817d850af67d2d58a07f9b829016d23b8b3ffe58264a5c6fe7f60bd93cc294
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
e8c2c9778b8be2a36dbc1b901980275da46953db9f83e41d21ba1c47a6ab2a94
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
eb73b4b13ce5f630efd84832e66bf7f27fd2bb50416053aebc1ebc3002da6c61
ebddd073681775500ee333591ffecb89aa1c4ce489892c5844616035a290a99f
ed1e968fddbb1ffad28a0a5dfa77537869c6e85e7b67d6be7d93f91828129741
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00c7a764c71395275be56b063201b32965d6eade6d8c5743a657034e17aea96
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f742542c34e26a16a911560e8326a6227abf65aa377d1bc11422b36309a6c077
fa045a38d39e9c9441b12976bd79f527785a69abc28788d0a16f879960f87fbe
fc328eeaf800bfc497c691f3d92a67891dc61368e72111f0c1a02c7fe37d702b
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe2bf0b9062d7db793ceabebaa2d43c057781baeecd3087259dbc90f498a5a18
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc