urlscan.io logo urlscan.io
SecurityTrails logo

says.com Open in urlscan Pro
2606:4700::6812:13ee  Public Scan

Go To Rescan Add Verdict Report
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=Iw...
Submission: On January 07 via manual from MY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 7 countries across 54 domains to perform 282 HTTP transactions. The main IP is 2606:4700::6812:13ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is says.com. The Cisco Umbrella rank of the primary domain is 232403.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 5th 2021. Valid for: a year.
This is the only time says.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.129.63 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 142.250.185.130 15169 (GOOGLE)
3 143.204.98.111 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 89.187.169.47 60068 (CDN77 ^_^)
1 143.204.98.93 16509 (AMAZON-02)
1 104.16.89.50 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2.18.233.180 16625 (AKAMAI-AS)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
56 151.101.1.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 143.204.98.87 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 52.30.140.199 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
12 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 199.232.136.157 54113 (FASTLY)
1 2600:1f16:d83... 16509 (AMAZON-02)
1 2620:1ec:27::... 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.193.181 54113 (FASTLY)
7 2a03:2880:f11... 32934 (FACEBOOK)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
1 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 20.84.22.197 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.208.50.180 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
10 141.226.228.48 200478 (TABOOLA-AS)
7 2a00:1450:400... 15169 (GOOGLE)
1 34.247.104.176 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
1 18.193.198.58 16509 (AMAZON-02)
2 2 185.33.220.145 29990 (ASN-APPNEX)
2 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.223.40.198 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.125 35220 (SPOTX-AMS)
2 3.121.249.198 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
2 69.173.144.165 26667 (RUBICONPR...)
4 2606:4700::68... ()
1 141.95.3.10 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 2a04:4e42:200... ()
1 141.226.224.32 ()
282 73
16    2606:4700::6812:13ee (United States)

ASN13335 (CLOUDFLARENET, US)
says.com
images.says.com
2    2606:4700:3035::6815:273b (United States)

ASN13335 (CLOUDFLARENET, US)
policy.revasia.com
6    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2606:4700::6812:d50 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.nst.com.my
2    2606:4700::6812:eec (United States)

ASN13335 (CLOUDFLARENET, US)
themalaysianreserve.com
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    151.101.129.63 (United States)

ASN54113 (FASTLY, US)
streamable.com
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
3    143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net
tags.crwdcntrl.net
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
statics.streamable.com
v.embed-cdn.com
1    143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net
cdn-cf-east.streamable.com
1    104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.embed.ly
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
56    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
11    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
5    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
19    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
ampcid.google.de
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
12    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
2    2600:9000:2156:200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
5    2606:4700::6811:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)
says.api.useinsider.com
log.api.useinsider.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:1f16:d83:1201::6e:1 (Columbus, United States)

ASN16509 (AMAZON-02, US)
c16d-35-240-187-111.ngrok.io
1    2620:1ec:27::cafe:1861 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.193.181 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
7    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
6    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
f.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    18.208.50.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-50-180.compute-1.amazonaws.com
ping.chartbeat.net
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
7    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
ml314.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    18.193.198.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-198-58.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2600:1f18:612b:4232:5007:e458:edcf:dd38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    3.121.249.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-249-198.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    2606:4700::6811:ab72 (None, )

ASN- ()
segment.api.useinsider.com
location.api.useinsider.com
hit.api.useinsider.com
1    141.95.3.10 (France)

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    2a04:4e42:200::300 (None, )

ASN- ()
pips.taboola.com
1    141.226.224.32 (None, )

ASN- ()
cds.taboola.com
Apex Domain
Subdomains		 Transfer
68 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 847
trc.taboola.com — Cisco Umbrella Rank: 523
15.taboola.com — Cisco Umbrella Rank: 1700
am-trc-events.taboola.com — Cisco Umbrella Rank: 14322
images.taboola.com — Cisco Umbrella Rank: 1327
vidstat.taboola.com — Cisco Umbrella Rank: 1704
imprammp.taboola.com — Cisco Umbrella Rank: 11798
am-match.taboola.com — Cisco Umbrella Rank: 12290
am-vid-events.taboola.com — Cisco Umbrella Rank: 12000
sync-t1.taboola.com — Cisco Umbrella Rank: 1063
sync.taboola.com — Cisco Umbrella Rank: 726
pips.taboola.com
cds.taboola.com
2 MB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
122 KB
18 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
1 MB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
static.doubleclick.net — Cisco Umbrella Rank: 341
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
243 KB
16 says.com
says.com — Cisco Umbrella Rank: 232403
images.says.com — Cisco Umbrella Rank: 316548
3 MB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
ampcid.google.com — Cisco Umbrella Rank: 1586
29 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
78 KB
9 useinsider.com
says.api.useinsider.com — Cisco Umbrella Rank: 849869
segment.api.useinsider.com
location.api.useinsider.com
log.api.useinsider.com
hit.api.useinsider.com
98 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1395
bcp.crwdcntrl.net — Cisco Umbrella Rank: 538
sync.crwdcntrl.net — Cisco Umbrella Rank: 641
id.crwdcntrl.net — Cisco Umbrella Rank: 1697
21 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
1 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1488
f.clarity.ms — Cisco Umbrella Rank: 2200
c.clarity.ms — Cisco Umbrella Rank: 998
25 KB
7 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 124
5 KB
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 455
p.typekit.net — Cisco Umbrella Rank: 565
100 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
309 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
40 KB
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 906
eus.rubiconproject.com — Cisco Umbrella Rank: 503
token.rubiconproject.com — Cisco Umbrella Rank: 583
pixel.rubiconproject.com — Cisco Umbrella Rank: 270
11 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 8579
ampcid.google.de — Cisco Umbrella Rank: 45749
www.google.de — Cisco Umbrella Rank: 6151
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 418
3 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 339
mug.criteo.com — Cisco Umbrella Rank: 3226
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
127 KB
4 streamable.com
streamable.com — Cisco Umbrella Rank: 37364
statics.streamable.com — Cisco Umbrella Rank: 62047
cdn-cf-east.streamable.com — Cisco Umbrella Rank: 46738
89 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1071
mab.chartbeat.com — Cisco Umbrella Rank: 1928
33 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 398
58 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 249
632 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 254
440 B
2 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 2694
365 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 351
2 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 112
76 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 224
5 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 2828
32 KB
2 themalaysianreserve.com
themalaysianreserve.com — Cisco Umbrella Rank: 480983
2 nst.com.my
assets.nst.com.my — Cisco Umbrella Rank: 182250
306 KB
2 revasia.com
policy.revasia.com — Cisco Umbrella Rank: 400707
3 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 730
323 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 545
526 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 245
84 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 371
417 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 402
304 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1202
422 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 960
201 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 239
552 B
1 t.co
t.co — Cisco Umbrella Rank: 457
469 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 465
1 ngrok.io
c16d-35-240-187-111.ngrok.io
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 559
6 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
61 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
7 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 446
115 KB
1 embed.ly
cdn.embed.ly — Cisco Umbrella Rank: 15662
4 KB
1 embed-cdn.com
v.embed-cdn.com — Cisco Umbrella Rank: 65546
78 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1229
5 KB
282 54
Domain Requested by
37 images.taboola.com
18 www.youtube.com www.youtube.com
13 cdn.taboola.com says.com
cdn.taboola.com
13 says.com says.com
static.cloudflareinsights.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
says.com
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
says.com
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
www.googletagservices.com
8 www.google.com tpc.googlesyndication.com
www.youtube.com
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
7 www.gstatic.com www.youtube.com
www.gstatic.com
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
7 www.facebook.com bcp.crwdcntrl.net
7 sb.scorecardresearch.com 1 redirects says.com
widget.perfectmarket.com
6 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
www.youtube.com
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
6 connect.facebook.net says.com
connect.facebook.net
bcp.crwdcntrl.net
6 www.google-analytics.com streamable.com
www.googletagmanager.com
www.google-analytics.com
6 use.typekit.net says.com
use.typekit.net
5 am-trc-events.taboola.com
5 securepubads.g.doubleclick.net says.com
www.googletagservices.com
securepubads.g.doubleclick.net
4 sync.search.spotxchange.com 4 redirects
4 f.clarity.ms www.clarity.ms
f.clarity.ms
4 www.googletagservices.com says.com
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
3 log.api.useinsider.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
3 www.google.de
3 trc.taboola.com cdn.taboola.com
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 tags.crwdcntrl.net says.com
tags.crwdcntrl.net
3 cdn.jsdelivr.net says.com
3 images.says.com says.com
2 hit.api.useinsider.com says.api.useinsider.com
2 eus.rubiconproject.com imprammp.taboola.com
eus.rubiconproject.com
2 ups.analytics.yahoo.com 2 redirects
2 x.bidswitch.net imprammp.taboola.com
am-match.taboola.com
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
2 fonts.googleapis.com 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net says.com
2 secure.adnxs.com 2 redirects
2 stats.g.doubleclick.net www.google-analytics.com
2 c.clarity.ms 1 redirects
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 fonts.gstatic.com www.youtube.com
2 says.api.useinsider.com www.googletagmanager.com
says.api.useinsider.com
2 static.chartbeat.com www.googletagmanager.com
says.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 statics.streamable.com streamable.com
2 themalaysianreserve.com says.com
2 assets.nst.com.my says.com
2 policy.revasia.com says.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 location.api.useinsider.com says.api.useinsider.com
1 segment.api.useinsider.com says.api.useinsider.com
1 pixel.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync.taboola.com am-match.taboola.com
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 s0.2mdn.net 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
1 sync.crwdcntrl.net bcp.crwdcntrl.net
1 aa.agkn.com bcp.crwdcntrl.net
1 tags.bluekai.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 ping.chartbeat.net
1 c.bing.com 1 redirects
1 ampcid.google.de www.google-analytics.com
1 mab.chartbeat.com static.chartbeat.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 ampcid.google.com www.google-analytics.com
1 www.clarity.ms says.com
1 c16d-35-240-187-111.ngrok.io www.googletagmanager.com
1 static.ads-twitter.com says.com
1 www.googleadservices.com www.googletagmanager.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googletagmanager.com says.com
1 cdnjs.cloudflare.com says.com
1 ads.pubmatic.com says.com
1 cdn.embed.ly streamable.com
1 v.embed-cdn.com streamable.com
1 cdn-cf-east.streamable.com streamable.com
1 p.typekit.net use.typekit.net
1 streamable.com says.com
1 static.cloudflareinsights.com says.com
282 95
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-05 -
2022-09-04		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
nst.com.my
Cloudflare Inc ECC CA-3		 2021-08-31 -
2022-08-30		 a year crt.sh
themalaysianreserve.com
Cloudflare Inc ECC CA-3		 2021-07-28 -
2022-07-27		 a year crt.sh
streamable.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-05 -
2022-12-06		 a year crt.sh
statics.streamable.com
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.streamable.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
v.embed-cdn.com
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.embed.ly
Sectigo RSA Domain Validation Secure Server CA		 2021-02-15 -
2022-02-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2021-09-20 -
2022-09-19		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.ngrok.io
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-01 -
2022-06-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh

This page contains 18 frames:

Primary Page: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Frame ID: 95F559DD1EECC1708ABB2C6FC7D2EF73
Requests: 175 HTTP requests in this frame

Frame: https://streamable.com/s/c0415/ualca
Frame ID: B963A14A8DCF6E66F9C3461F47B05952
Requests: 8 HTTP requests in this frame

Frame: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A4C59FF651BB76094812C6DB3F118997
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fXYZg81P83c
Frame ID: BF1FA6660483E46E5ABFF7D7E7779CA2
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iPHNspcFyow
Frame ID: 8558D6896E78166E731853A8A77F5B4B
Requests: 18 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11139
Frame ID: 3ACB61735FDD6D47C163DF83A07D0ACD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77684D04CB684AF0A718C8A2D8A85B98
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA0E0B43232E20249D9E440AE9E2A56B
Requests: 2 HTTP requests in this frame

Frame: https://says.api.useinsider.com/worker-new.html
Frame ID: 06242B07632451ABB16EF850713F2A3E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Frame ID: BB8673E6255B3093B55BDD834A7AE08D
Requests: 10 HTTP requests in this frame

Frame: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B9431E1D4C2E15CE2661BFF5D3A9787C
Requests: 14 HTTP requests in this frame

Frame: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D234217216F735E8E32F7C383CE1D3E4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDG8AEQ4uvaiAMY_PekvgEwAQ&v=APEucNVXDEi1y252CW1Pvw6XvrUOPR2WcPRNRZsLYBSZju9G3RGJFRrnR7qCkWsSSLQej7n_qRPdT5f4eKAt7JE-kgsXVVlZUg
Frame ID: 09D46F2F14A99B5508B16052A1C3B599
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A0836640DAE9C23C8DDD1C032434242B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0EE9E4E97D57102B2D93EC8AEA79E434
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=undefined&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=B1DD6EA27798534412899692722&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 346962148CAA4FB9036F74C6F729B4FC
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: EE5F81DEB4D5EF9191DF6DE4D0B618FC
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 5DD303EB3E11D9DC4892D926D168E122
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

There's A Rage Room In The Heart Of KL Where You Can Smash Things For FunGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

282
Requests

97 %
HTTPS

55 %
IPv6

54
Domains

95
Subdomains

73
IPs

7
Countries

8035 kB
Transfer

17097 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=60WoKXwrM2ZRTXpYeUJxRFgvNzJxUm1CMGhxcUlYWG1pdzA3K1NRRkdtY0VOQXhta3FjSDZtalpGWTBjdmhNanJGMlBWSFdZTW9ZbXBXV0E4blRacWFWL0Z4VFlNMVIzV2VsT0VTOXUwYURiSUppQXRnRFZabmlCWkRobU11ZGVIZTM1VXczbEtnbUNnR1hkTnVIa0hqMk1UaTlGQ2VSTUtwQjlabXVianFvbmtaaHhKak03dlJDUU5rZHQ5cGQvSWpzODBHcW8wdmJzYmQ4YTl6T21KOHJFTWlhWUV0V2o3RkVOOW0vMVNKTUVadHdrPXw&cppv=2
Request Chain 66
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&ns__t=1641532786689&ns_c=UTF-8&cv=3.5&c8=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&c7=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641532786689&ns_c=UTF-8&cv=3.5&c8=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&c7=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&c9=
Request Chain 103
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 105
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 123
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=C32BFBAC9A7247329D1C63A3A64C117D&RedC=c.clarity.ms&MXFR=0DAF08F9132E626E318019DC172E6CEF HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=C32BFBAC9A7247329D1C63A3A64C117D&MUID=33E9A24229E4664F14F0B367288F67EA
Request Chain 182
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=182675272%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D182675272%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=182675272/tpid=5001737321893040841/tp=ANXS
Request Chain 243
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=6eb1eefd-6f79-11ec-a20a-191344880306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb1eec6-6f79-11ec-a20a-191344880306&orig=video&us_privacy=1---gdpr=1&
Request Chain 247
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=6eb3ac09-6f79-11ec-9125-1bf9ad920206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb3abd3-6f79-11ec-9125-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
Request Chain 249
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lkkaaIpE2uHvylZUjNJCGY6glrOwFfaMecOhkHQ-~A
Request Chain 251
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

282 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun
says.com/my/lifestyle/ 		61 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.4
Resource Hash
7309c2816ced7684c96489063634978e35b7cc458a31fd580de8e6aa978a7fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-type
text/html; charset=utf-8
status
200 OK
cache-control
private, max-age=1800, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
5870bbc5-3b57-4ac1-ba7f-c0df7ba6a556
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-runtime
0.110082
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 6.0.4
via
1.1 google
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c9abb9afc953754-MXP
content-encoding
br
bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
says.com/assets/ 		154 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4.css
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6c9abb9e3eef3754-MXP
date
Fri, 07 Jan 2022 05:19:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
4049
etag
W/"5ddf9000-26643"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30
content-encoding
br
expires
Fri, 07 Jan 2022 05:20:14 GMT
application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
says.com/assets/ 		339 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6c9abb9e3ef03754-MXP
date
Fri, 07 Jan 2022 05:19:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 08 Nov 2021 15:01:00 GMT
server
cloudflare
age
4049
etag
W/"61893bac-54a7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30
content-encoding
br
expires
Fri, 07 Jan 2022 05:20:14 GMT
cookie.consent.css
policy.revasia.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.css
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:273b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=yFoefQ==, md5=/Co07jaJviW5aoG5Zrx82A==
date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3440
x-guploader-uploadid
ABg5-UyEOJvzVGE81lPXkcq-IZX-OGoblKsYJr-u1MSh8me-Jgaqlso1ciaucoJ-CFGUOQEf_L4mPVQuxYfILXMDuggBCGTttQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 27 Sep 2019 04:27:42 GMT
server
cloudflare
etag
W/"fc2a34ee3689be25b96a81b966bc7cd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FR9btzKxJ9GfybgGE%2FQblX5QRupyCU6kz3UNEWPcjrQ%2FEryAtDMnZkiWfprPDUan6uHq%2FhDQFHefg6gpImG%2BFVgzcgSZxFu7kYvA7hB6vImg326o2zyDkteCRcdWTlfXw3l926%2Fg0x3cVXkd1Kel10%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1569558462623355
content-type
text/css
cache-control
public, max-age=14400
x-goog-stored-content-length
1132
cf-ray
6c9abb9e8b5d0f66-MXP
expires
Fri, 07 Jan 2022 04:51:07 GMT
ner5wjl.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ner5wjl.css
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1fecaf8fcb78c537e1c1e6cee00ec28b8f2e6c5b2799df77986f82d71b5d1409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 07 Jan 2022 05:19:44 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1080
says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
says.com/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/assets/says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6c9abb9e4ef43754-MXP
date
Fri, 07 Jan 2022 05:19:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
etag
W/"5ddf9000-86a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=60
content-encoding
br
1558417b096b5d8e7cbe0183ea9cbf26.png
images.says.com/uploads/user/avatar/706213/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/user/avatar/706213/1558417b096b5d8e7cbe0183ea9cbf26.png
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fc9dd1870bfe6cd45f9a6dda809cf8ac5f1bc42dca32da1c0de766c7796506

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
cf-cache-status
HIT
age
241685
cf-polished
origSize=8935, status=webp_bigger
x-guploader-uploadid
ADPycdtX62X0Q_QqwcIpthLTtkE4nI3oZEg7SXmDCsjPwmWwPFotZVBSufnnsmThyxGwrvvYCGfnOXPxkuQBkNiktJtV54x1Ew
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
8652
last-modified
Tue, 21 Jul 2020 13:17:56 GMT
server
cloudflare
etag
"7266f8a05a26f6ac4578175ad359d210"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=e+sS5w==, md5=cmb4oFom9qxFeBda01nSEA==
x-goog-generation
1595337476453484
expires
Wed, 07 Jan 2032 17:19:44 GMT
cache-control
public, max-age=315576000
x-goog-stored-content-length
8935
accept-ranges
bytes
cf-ray
6c9abb9e4f023754-MXP
cf-bgj
imgq:100,h2pri
favicon-32x32.png
says.com/ 		504 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/favicon-32x32.png
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea595e621b7a79d4ef54024001c5340d0132b7ec31cdbc5f01f12c552683f40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
via
1.1 google
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1277
content-disposition
inline; filename="favicon-32x32.webp"
content-length
504
last-modified
Mon, 03 Jan 2022 05:24:31 GMT
server
cloudflare
etag
"61d2888f-4fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c9abb9e4ef53754-MXP
cf-bgj
imgq:100,h2pri
dsasiijfa_1641526980.jpg
assets.nst.com.my/images/articles/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/dsasiijfa_1641526980.jpg
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48380751e4255e690edaca91a26bca24ad484679ace0c99eee67836cc6a13784

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:45 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycduMDu9-hTtxGWK0joFG-rMis6Gl6wDa-a0yaq7cHStJjB0Drhlr44VLSW8JM_UIeaGXkEhrnrmYOMa8jj-nVM3xhAmwMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
121192
last-modified
Fri, 07 Jan 2022 03:43:01 GMT
server
cloudflare
etag
"8a6cf0fcc18205833437e18cda9b9da1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=QINoHA==, md5=imzw/MGCBYM0N+GM2pudoQ==
x-goog-generation
1641526981114995
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
121192
accept-ranges
bytes
cf-ray
6c9abb9e9d925a2b-MXP
expires
Fri, 07 Jan 2022 06:19:45 GMT
fudufuhsaia_1641525532.jpg
assets.nst.com.my/images/articles/ 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nst.com.my/images/articles/fudufuhsaia_1641525532.jpg
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776f6bdeb7bb14a6e4a36b2b97ef7d9f01410a4359e4ef17555d8f8db348647b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycds4-8qinnbGgsVyeEvyzjRh77Muby_IRcPh_erNIyYzz6TWEFag662eOHjmI-5K8B_UNkDjyMIYHtAdBdNNHVo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
190560
last-modified
Fri, 07 Jan 2022 03:18:52 GMT
server
cloudflare
etag
"6c5423d68f6f758c613d4334fea91f8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=EOG7CQ==, md5=bFQj1o9vdYxhPUM0/qkfjA==
x-goog-generation
1641525532794101
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
190560
accept-ranges
bytes
cf-ray
6c9abb9ead935a2b-MXP
expires
Fri, 07 Jan 2022 06:19:46 GMT
Banjir.jpg
themalaysianreserve.com/wp-content/uploads/2022/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themalaysianreserve.com/wp-content/uploads/2022/01/Banjir.jpg
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
000_9VL2UU-1024x684.jpg
themalaysianreserve.com/wp-content/uploads/2022/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themalaysianreserve.com/wp-content/uploads/2022/01/000_9VL2UU-1024x684.jpg
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rocket-loader.min.js
says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Jan 2022 15:17:54 GMT
server
cloudflare
etag
W/"61d5b6a2-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6c9abb9e4ef63754-MXP
vary
Accept-Encoding
expires
Sun, 09 Jan 2022 05:19:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6c9abb9e8b6183a2-MXP
ualca
streamable.com/s/c0415/ Frame B963 		78 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://streamable.com/s/c0415/ualca
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.63 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4f4ff89df39878abed803b8aaeb83768b3a15e393793d1f8bd555d6df18bbb10
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.18.0 (Ubuntu)
cache-control
no-cache, no-store, must-revalidate
x-cache-status
MISS
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-ua-device
desktop
x-domain
says.com
accept-ranges
bytes
date
Fri, 07 Jan 2022 05:19:44 GMT
age
1709
x-served-by
cache-iad-kcgs7200070-IAD, cache-hhn4068-HHN
x-cache
HIT, MISS
x-cache-hits
1, 0
x-timer
S1641532784.387687,VS0,VE309
vary
X-UA-Device, Accept-Encoding, X-Username, X-Domain
strict-transport-security
max-age=300
content-length
22522
large_thumb_f81a.png
images.says.com/uploads/story/cover_image/42609/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story/cover_image/42609/large_thumb_f81a.png
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff188de42b762f54e925bad99e6e860d386ad25af83434af2e55dc3231296176

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:45 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdt6vQDyARJczKsmxu9B-V1NCFxRab2akBx5JWqWildU9hDcco8M-P7ASSUjgHw-oLtS8QXxIz1mw-Zf_lNCnwpnD-MB2A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
1757546
last-modified
Tue, 21 Jul 2020 13:16:03 GMT
server
cloudflare
etag
"915adb9aa3323568cdb8b1752c2dc732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=xHTQmg==, md5=kVrbmqMyNWjNuLF1LC3HMg==
x-goog-generation
1595337363754992
cache-control
public, max-age=315576000
x-goog-stored-content-length
1757546
accept-ranges
bytes
cf-ray
6c9abb9e5f083754-MXP
expires
Wed, 07 Jan 2032 17:19:45 GMT
typeahead.jquery.min.js
cdn.jsdelivr.net/typeahead.js/0.10.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/typeahead.js/0.10.5/typeahead.jquery.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6085310
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19162-FRA, cache-mxp6924-MXP
timing-allow-origin
*
server
cloudflare
etag
W/"510c-S3JXs07We2e7+mK0ogQDjPiLH0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c9abb9eeb39e903-MXP
algoliasearch.helper.min.js
cdn.jsdelivr.net/algoliasearch.helper/2/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch.helper/2/algoliasearch.helper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36866
x-jsd-version
2.28.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19136-FRA, cache-mxp6941-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1f4ce-yhw0k44Hf5WfhCJOdgej62yDo+U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c9abb9efb3ae903-MXP
algoliasearch.min.js
cdn.jsdelivr.net/algoliasearch/3.9/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/algoliasearch/3.9/algoliasearch.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6336604
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19140-FRA, cache-mxp6959-MXP
timing-allow-origin
*
server
cloudflare
etag
W/"dca7-7EOIzEqVciton1p8sULUNdzPZIc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c9abb9efb3be903-MXP
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
cbc403a4f6c5a164e25c45b7be438e1e369b7029b285fd71941d08ecc7bd99e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27007
x-xss-protection
0
server
sffe
etag
"1094 / 28 of 1000 / last-modified: 1641462274"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jan 2022 05:19:44 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/11139/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614746b52a14c73782d6bebd9bf0c4ff0466d1a1a652882ee2c7b75eb680bfc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:43:16 GMT
content-encoding
gzip
etag
W/"f97499c030a325003e49d5770c741f8d"
last-modified
Wed, 05 Jan 2022 09:25:10 GMT
server
AmazonS3
age
70652
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XiaXq4jO5LQ4oGzwWFR9LkfNyjDMjwgP24vMrcqBViy_T9gugfKixg==
bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
says.com/assets/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/bootstrap-70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6c9abb9ebf473754-MXP
date
Fri, 07 Jan 2022 05:19:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
4048
etag
W/"5ddf9000-ef1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30
content-encoding
br
expires
Fri, 07 Jan 2022 05:20:14 GMT
application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
says.com/assets/ 		492 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.com/assets/application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6c9abb9ebf483754-MXP
date
Fri, 07 Jan 2022 05:19:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 15:22:36 GMT
server
cloudflare
age
4048
etag
W/"603e583c-7b1ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30
content-encoding
br
expires
Fri, 07 Jan 2022 05:20:14 GMT
cookie.consent.js
policy.revasia.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://policy.revasia.com/cookie.consent.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:273b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=9GWciA==, md5=u1V6Wme8uXWjBAwtr2LbJw==
date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3439
x-guploader-uploadid
ABg5-Uz5Zbf1kMz99qh3OIstMPovXh-7nWCobjUgvosBc77NQhAjvHMZQyvXBa_VaQbyz28WTtZYoxqWNYePO0FNQ0c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 29 Oct 2019 04:03:50 GMT
server
cloudflare
etag
W/"bb557a5a67bcb975a3040c2daf62db27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95155RenDIO3KbCNFa3TOadTwk7LJvc3pjJ7GvDK7vwOa5s69FKFFpAFA8PebuLj2qbaXl3OU3a%2FBiJsMMXAGr2gNKvsLpx48nvA9MDSMgLgfUGLYhF5%2Bl4DH%2FGM7lMW5MVDNUhmIXWbgRHEtwKLPX8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572321830602698
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
3234
cf-ray
6c9abb9ebb760f66-MXP
expires
Fri, 07 Jan 2022 04:51:18 GMT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3769516affac69e2a8b1a14f9ae4572464ce4ffbf798449d989ca6fc36c1acae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27006
x-xss-protection
0
server
sffe
etag
"1094 / 16 of 1000 / last-modified: 1641462274"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jan 2022 05:19:44 GMT
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ner5wjl&ht=tk&f=139.140.173.174.175.176.10444.10739.10741.17001.17005&a=526275&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
fa-solid-900.woff2
says.com/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-solid-900.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer
https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:45 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 03 Jan 2022 05:24:31 GMT
server
cloudflare
etag
"61d2888f-12690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c9abba0082e3754-MXP
content-length
75408
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
server
nginx
etag
"642d9266d1f9c63e0e36cec5fe51c6a1134c359a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19916
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0382a06b8e3ec31595098573a3dbfd2d17b458498c1aa3b485741b0413777a9c

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
server
nginx
etag
"e1ccbb4a993cd81acf325a5b5760f522404cc494"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19664
fa-brands-400.woff2
says.com/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://says.com/fonts/fa-brands-400.woff2
Requested by
Host: says.com
URL: https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d

Request headers

Referer
https://says.com/assets/application-4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 03 Jan 2022 05:24:31 GMT
server
cloudflare
etag
"61d2888f-1231c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6c9abba008303754-MXP
content-length
74524
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
server
nginx
etag
"2c0b6e23328e638bb18899aafbc85ad950333c16"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19364
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
server
nginx
etag
"1ba84f7704212796fc4339b5d2f9857087d10fca"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20072
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ner5wjl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2f6fec90f9b0079aad59d497fa75796162208996aa12a56b65ad4dc2cb07053

Request headers

Referer
https://use.typekit.net/ner5wjl.css
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
server
nginx
etag
"7a571531ba8746780d4709c32909a81a6b90fc36"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20572
OpenSansLocal.css
statics.streamable.com/fonts/ Frame B963 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics.streamable.com/fonts/OpenSansLocal.css
Requested by
Host: streamable.com
URL: https://streamable.com/s/c0415/ualca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
feb474414d4762c8c1ab35647ecc8da901fdd8e971eb6384a58c5a6fe2355efa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://streamable.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
7A9NEVEM1XEM7JVB
cdn-cachedat
12/27/2021 13:10:47
cdn-pullzone
33385
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
SdOfGeloyiuZhue07/QfdtSEhvce5JG07Rb+Y6M5A4bar4tElDpVl/zfI8hBBYvKvXAN5zFJF8w=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Thu, 07 Mar 2019 18:51:03 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-uid
255cf631-b054-4e67-82b4-c62b6a93a2a5
cdn-requestid
fc0eaf9801e19d17540376d32f4c7c1c
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
c0415.jpg
cdn-cf-east.streamable.com/image/ Frame B963 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cf-east.streamable.com/image/c0415.jpg?Expires=1641789900&Signature=Yhhpj10PQw~jM-BNH7opryr4v7xpKCPyclXiDToBJMR6lORYd~TMA9XCRFPTThC5kO7w6y~sSWDWLe16gbdcH0HvVJsu3wsRjl5hr45snw5vTPsuBcSH-CaG5M7YcyvYuRlogwRMncNcpEPgGd~2u8~xLX50Stbwl6iGbHVY-wOb-m2oxhiqWXlW33JG3hT9BRL7KWcKpHTpdEy3gdjlACNO9GMqK3UF7jjnM6EZez2XQTOJlTEFktJXu6KxnZljINVIDQSPfQz9YbEDEJvEUGonGnZYTy3KcbBuMM~zIKepw145RdbT2-sJfmoEYfiG-NqHsO5UdQksChWR516TIg__&Key-Pair-Id=APKAIEYUVEN4EVB2OKEQ
Requested by
Host: streamable.com
URL: https://streamable.com/s/c0415/ualca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-93.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4975ab1e8aae859d9cf81521895c37620b1443a5cc76f2a97414f995883d524a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://streamable.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 00:49:11 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified
Thu, 05 Mar 2020 09:15:32 GMT
server
AmazonS3
age
102634
etag
"6adc74e6c99df963572daab80d4820e1"
x-cache
Hit from cloudfront
content-type
image/jpg
cache-control
max-age=315360000
content-disposition
attachment;
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
64159
x-amz-cf-id
0XKhwjvADZzldAN9NEb3YXBy9b1UW5FpZRAhOcWMNTkqs3a81O-5Gg==
favicon.ico
statics.streamable.com/static/ Frame B963 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statics.streamable.com/static/favicon.ico
Requested by
Host: streamable.com
URL: https://streamable.com/s/c0415/ualca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
d2325b5f948304800cab112345163a82d61b24194d858c807f35b52f64a09276

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://streamable.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
00JM85XS453BWHPP
cdn-cachedat
12/27/2021 13:10:11
cdn-pullzone
33385
x-amz-id-2
aWr0GveRs1b58UYuh+11f1HEP2xH9B+riFWz2UmrQZlHiDcmy5jX8/iq4W8eTIF2y221ARWls4c=
server
BunnyCDN-DE1-756
last-modified
Fri, 04 May 2018 14:57:33 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cdn-cache
HIT
cdn-uid
255cf631-b054-4e67-82b4-c62b6a93a2a5
cache-control
public, max-age=2592000
cdn-requestid
ec7d129ab04e28762acf6925bbf56aa5
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
player.js
v.embed-cdn.com/v16/ Frame B963 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v.embed-cdn.com/v16/player.js
Requested by
Host: streamable.com
URL: https://streamable.com/s/c0415/ualca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
42358034ab02462b6a97d66ff3cbf51673c8af6d7a3426f68b7e222299fc28e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://streamable.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
NTR54ZK058JFXTTB
cdn-cachedat
12/27/2021 07:17:58
cdn-pullzone
33379
x-amz-id-2
C5LoqMKwEcoS+MYIpeo4a6uBXm87s7GaweXgwGLhxan7vp8FMvi/4/sb7xDV/is7Lg2awxpKGqc=
server
BunnyCDN-DE1-756
last-modified
Fri, 12 Nov 2021 19:58:03 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
255cf631-b054-4e67-82b4-c62b6a93a2a5
cache-control
public, max-age=2592000
cdn-requestid
e665923dbc97bd337501ac6ccd09f8c3
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
player-0.1.0.min.js
cdn.embed.ly/ Frame B963 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.embed.ly/player-0.1.0.min.js
Requested by
Host: streamable.com
URL: https://streamable.com/s/c0415/ualca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://streamable.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
70
x-amz-request-id
CD4ZHWWQJF5VEAVJ
x-amz-id-2
2CHY5C2Eks+KHTUekXJ1J9hHj6q3K+hU1K6+vgBK2hBBL4M0bb9wS9ZUjMg2OhFREHvdV9iIlvI=
last-modified
Tue, 24 Oct 2017 18:33:09 GMT
server
cloudflare
etag
W/"19b624e7fe7a86b4c7851ed61e250626"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
6c9abba10f5d5bed-FRA
expires
Fri, 07 Jan 2022 09:19:44 GMT
analytics.js
www.google-analytics.com/ Frame B963 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: streamable.com
URL: https://streamable.com/s/c0415/ualca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://streamable.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6290
date
Fri, 07 Jan 2022 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 07 Jan 2022 05:34:54 GMT
truncated
/ Frame B963 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
pwt.js
ads.pubmatic.com/AdServer/js/pwt/121793/1376/ 		377 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
16adf8c0cf6ed747ee0358358062223296e7285af48e189f7de282698528ea07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 09:01:19 GMT
server
Apache/2.2.15 (CentOS)
etag
"1701087-5e424-5d4d1ff471919"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=168955
accept-ranges
bytes
content-type
text/javascript
content-length
116820
expires
Sun, 09 Jan 2022 04:15:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
5IUV8Uu2KG6iPeHHwssNKk9v+PdpLIKuvT0zQsoby4QvpWCnXe6Sxnn846OMKvqrDwPIb1JRYN+mM274DxAIvA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 07 Jan 2022 05:19:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: says.com
URL: https://says.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
294526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4IHyxJOFGchUPGFeU8ZoLuY6OCIEaBlST3R%2B8Xksc7QqBE0p5LdH2mruPxCVBgrtmJUdFjDTO9C4ys21H5h9cSFhNgIGIPirxy1X6hG9QImBiQ58s9CtXFoohTmJpazgut%2Ba%2BNepJKOgqmrz9lekZI0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c9abbab987d5995-MXP
expires
Wed, 28 Dec 2022 05:19:46 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jan 2022 05:19:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		175 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=says.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
55c4447ef4df513c0f5bc6dff8232177b177b1655ec4e9023ed0d0e4f2fe22da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
0
expires
Fri, 07 Jan 2022 05:19:46 GMT
169284420317900
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/169284420317900?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
135e77ab4be0b20ab0b9fde23a78826f8fef7634e8f65139ee3e0e3c60dce136
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
T3Io7r7/LG7CAN9MBSJGTGnuul09kgWbAXdxRPCyGIIXMpTYaJmCyg+eW/z+jrZRnPyH2Us7PQdwKcbREvGHyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 07 Jan 2022 05:19:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/revasiaberhad-saysmy/ 		513 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c7c6809766ceecd97d6e5b8957469fc0c31f432ca5f3dab7181b84f8e114b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Fpr01TY2pGDmYUKWMQzg063L1WEnRvQP
content-encoding
gzip
etag
"c868d8a5614a95e7759c63ddd751ecc2"
age
0
x-cache
HIT
content-length
38122
x-amz-id-2
UorSUp2HGDbUHCb9BgjU4xwo2WBx4ZoyNGIWjYRJ/7t6b8yQl1tarGVwJoJhnwLdpDIzZ9vq2nk=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 10:15:40 GMT
server
AmazonS3
x-timer
S1641532787.577546,VS0,VE115
date
Fri, 07 Jan 2022 05:19:46 GMT
vary
Accept-Encoding
x-amz-request-id
0YAXP6DKA401321A
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
71
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		235 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c096cb9e2a680bbe541241b4716b27ce4af896decd959c2ee02f6b2ca476040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62131
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jan 2022 05:19:46 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
307bca04abfc4054d09811c7d6aa3d6876fd5a1ec4c718f56f05ad774e4b3fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SeKRYK6WxlHRwoXZUvBnAA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
GBr6rqOpF3RmjpXxMk7CL2i9DVIcZ6NA3Hmk+BA19Rtx4Sy69WLRSyz06vnjubFRQ7vpP+I2XScJi7BOiMRa5A==
x-fb-content-md5
0331abde9874e38a3c5dd68dfd8696f1
x-frame-options
DENY
date
Fri, 07 Jan 2022 05:19:46 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3e12b3b3556d1547aecffcefbf15ef75"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Jan 2022 05:33:15 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:50:56 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
80679
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qRc2cjaObMy3Ga5oIZeU1dphsIlS-SwPagELBjuE-f_qUeDNUjjTPQ==
update_show
says.com/my/stories/42609/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.com/my/stories/42609/update_show?_=1641532786541
Requested by
Host: says.com
URL: https://says.com/assets/application-cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
X-CSRF-Token
HyjRzzwiUFWtCDQaIDpYNSxhRyDbqhxY3oPuBMuwJWOjyBEoCXYgcd85DjWZ7La0b6bbNGFmRGe/Ny+XlUrsOQ==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.4
status
200 OK
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
69508c1a-0afa-4aff-9856-f87b2784cd95
x-runtime
0.029345
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 07 Jan 2022 05:19:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
cf-ray
6c9abbac294b3754-MXP
980b.gif
images.says.com/uploads/story_source/source_image/768244/ 		686 KB
687 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.says.com/uploads/story_source/source_image/768244/980b.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e717e471d327f2f1a02cfa359c544598afde16f0c35ad0b08554901db413b07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdv3Qom0dfeYd5IUVksdG6wPgBcUS6kV1aqItTgQiEzuVKBVOMkubb09AyJnqQYkQGWgi1mtb4BjezbCIhOuAs4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
702195
last-modified
Tue, 21 Jul 2020 13:08:46 GMT
server
cloudflare
etag
"6ba65bc12608c3a10cbaa114e2982ec8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Aqqi3w==, md5=a6ZbwSYIw6EMuqEU4pguyA==
x-goog-generation
1595336926187130
cache-control
public, max-age=315576000
x-goog-stored-content-length
702195
accept-ranges
bytes
cf-ray
6c9abbac294d3754-MXP
expires
Wed, 07 Jan 2032 17:19:47 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=says.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		300 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3322533202867840&correlator=21737767779325&output=ldjh&impl=fifs&eid=31061814%2C31063377&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=1009103%2CSAYS_desktop_outofpage%2CSAYS_desktop_billboard%2CSAYS_desktop_leaderboard%2CSAYS_halfpage%2CSays_InArticle_Pixel%2CSAYS_desktop_in_article_mrec%2Csays_inskin%2CSays_Web_Interstitial%2CSays_Andbeyond_Pixel&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=1x1%2C970x250%2C728x90%2C300x600%2C1x1%2C300x250%2C1x1%2C1x1%2C1x1&ists=258&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&cust_params=section%3Dlifestyle%26pos%3Darticle%26environment%3Dproduction%26Brands%3D%26tagsSays%3Dlifestyle%252Crageroom%252Ctravel%252Cactivities%252Cattractions%252Crage&cookie_enabled=1&bc=31&abxe=1&lmt=1641532786&dt=1641532786587&dlt=1641532784334&idt=2188&frm=20&biw=1600&bih=1200&oid=2&adxs=1015%2C315%2C-9%2C-9%2C230%2C-9%2C0%2C-9%2C1015&adys=704%2C60%2C-9%2C-9%2C4301%2C-9%2C5082%2C-9%2C4700&adks=1585380070%2C3455604261%2C126976903%2C205075962%2C4088274682%2C3035523402%2C1044105006%2C765343895%2C468646908&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=370x4330%7C1600x250%7C0x-1%7C0x-1%7C770x410%7C0x-1%7C1600x5083%7C0x-1%7C370x3899&msz=370x0%7C970x-1%7C0x-1%7C0x-1%7C1x-1%7C0x-1%7C1x-1%7C0x-1%7C1x-1&ga_vid=333989470.1641532787&ga_sid=1641532787&ga_hid=1163640478&ga_fc=false&fws=4%2C4%2C2%2C2%2C4%2C2%2C0%2C2%2C4&ohw=1600%2C1600%2C0%2C0%2C1600%2C0%2C0%2C0%2C1600&btvi=0%7C0%7C-1%7C-1%7C1%7C-1%7C2%7C-1%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
58647f228fe008f1e08d5dcceff6e40d4f5df7097cdb8a2cb8964158ef482055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84244
x-xss-protection
0
google-lineitem-id
-2,-1,-2,-1,-2,-1,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-2,-1,-2,-1,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://says.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
111f87080fb69c259c2b88f2ce8f7d0ed2a3741ac39c3ffd25ce43326eb35125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8717
x-xss-protection
0
container.html
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A4C5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 07 Jan 2022 05:19:46 GMT
expires
Sat, 07 Jan 2023 05:19:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12940
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jan 2022 05:19:46 GMT
data
bcp.crwdcntrl.net/6/ 		719 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2fc7dbabfc005fcc46abffb82e1a2023d7ab0ca0755e01d2c47c9d378e35a527

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.30.202
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
719
expires
0
fXYZg81P83c
www.youtube.com/embed/ Frame BF1F 		59 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/fXYZg81P83c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d8f40a505e00b1ff67ee6d75dcd350526031887ca30058f8f494d926894b726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 07 Jan 2022 05:19:46 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iPHNspcFyow
www.youtube.com/embed/ Frame 8558 		60 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/iPHNspcFyow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f63977a77d21a2faf01899cc776ee6164e9742602b92936c8a49270c7097601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 07 Jan 2022 05:19:46 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
says.com/cdn-cgi/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://says.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://says.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6c9abbac59733754-MXP
vary
Origin
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://says.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://says.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1822
date
Fri, 07 Jan 2022 05:19:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsays.com%2F&domain=says.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=60WoKXwrM2ZRTXpYeUJxRFgvNzJxUm1CMGhxcUlYWG1pdzA3K1NRRkdtY0VOQXhta3FjSDZtalpGWTBjdmhNanJGMlBWSFdZTW9ZbXBXV0E4blRacWFWL0Z4VFlNMVIzV2VsT0VTOXUwYURiSUppQXRnRFZabmlCWkRobU...
352 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=60WoKXwrM2ZRTXpYeUJxRFgvNzJxUm1CMGhxcUlYWG1pdzA3K1NRRkdtY0VOQXhta3FjSDZtalpGWTBjdmhNanJGMlBWSFdZTW9ZbXBXV0E4blRacWFWL0Z4VFlNMVIzV2VsT0VTOXUwYURiSUppQXRnRFZabmlCWkRobU11ZGVIZTM1VXczbEtnbUNnR1hkTnVIa0hqMk1UaTlGQ2VSTUtwQjlabXVianFvbmtaaHhKak03dlJDUU5rZHQ5cGQvSWpzODBHcW8wdmJzYmQ4YTl6T21KOHJFTWlhWUV0V2o3RkVOOW0vMVNKTUVadHdrPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
31d9c853c708b76c66157ca9d90951cfd523478ad12b1354ad7f70eaaa8802f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2412
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:46 GMT
location
https://mug.criteo.com/sid?cpp=60WoKXwrM2ZRTXpYeUJxRFgvNzJxUm1CMGhxcUlYWG1pdzA3K1NRRkdtY0VOQXhta3FjSDZtalpGWTBjdmhNanJGMlBWSFdZTW9ZbXBXV0E4blRacWFWL0Z4VFlNMVIzV2VsT0VTOXUwYURiSUppQXRnRFZabmlCWkRobU11ZGVIZTM1VXczbEtnbUNnR1hkTnVIa0hqMk1UaTlGQ2VSTUtwQjlabXVianFvbmtaaHhKak03dlJDUU5rZHQ5cGQvSWpzODBHcW8wdmJzYmQ4YTl6T21KOHJFTWlhWUV0V2o3RkVOOW0vMVNKTUVadHdrPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4139
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a014be48ad2d69469e55c2f6ef8f0a37b844bb92c4b0c690fc198e70e075410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27012
x-xss-protection
0
server
sffe
etag
"1094 / 223 of 1000 / last-modified: 1641462274"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jan 2022 05:19:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 05:19:46 GMT
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=32c7e79d7b501de4782f2b477d917e17
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eac4247ef2c5f2b263a8514cb7582559bb4315a359c60c2b86726384d47e90cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://says.com/
Origin
https://says.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
rh2K46blFyTuUfXWa+56Pg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83511
x-fb-rlafr
0
x-fb-debug
QkvI8OBwgRhJhiQ1/z6iPa0z4xmKOyu4kXQ/F4jG7epaNTiTW7NY47GfFs6p+YEkrWNCnigb2F9t7N3SRobRVQ==
x-fb-content-md5
3401930928873c36c319f6243670eef3
x-frame-options
DENY
date
Fri, 07 Jan 2022 05:19:46 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a7d89780e2661abad9d1fa0a9862d149"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 07 Jan 2023 04:25:14 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034955&ns__t=1641532786689&ns_c=UTF-8&cv=3.5&c8=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641532786689&ns_c=UTF-8&cv=3.5&c8=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fu...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641532786689&ns_c=UTF-8&cv=3.5&c8=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&c7=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&c9=
Protocol
H2
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
BzvHynh84fcTbcVyTZk70mcTWZeYo-LaaUSAgAMgIifuRBKD1_zJrg==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 07 Jan 2022 05:19:46 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6034955&ns__t=1641532786689&ns_c=UTF-8&cv=3.5&c8=There's%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&c7=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&c9=
content-length
414
x-amz-cf-id
4384TmiuG4Hl6LU0-D7YgMCuY050TTLs_pmBXTi0VT0YuwN6Jvm4zA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6292
date
Fri, 07 Jan 2022 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 07 Jan 2022 05:34:54 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14724
x-xss-protection
0
server
cafe
etag
224124413464385116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 05:19:46 GMT
chartbeat_mab_image.js
static.chartbeat.com/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab_image.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:30:41 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 20:17:30 GMT
server
nginx
age
6544
etag
W/"6009e15a-5976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
UVmMj-aPr58ss1IPu8-SZ35RsqwrQ55jGKLziiK5e8NyWacsvoN-GA==
expires
Fri, 07 Jan 2022 05:30:41 GMT
ins.js
says.api.useinsider.com/ 		365 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/ins.js?id=10002153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e379b820d523eb341fa24c9e45799ac185bf589364f69ed73995c8c9a1f65c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
br
cf-cache-status
HIT
age
4049
x-amz-request-id
32WS3WMX3ZH01W19
x-amz-id-2
tvILz3fNtuxK/flcf/CJ1vkTAXYPpRIfNOEU6QsSFAB3EylCf0xgLORSSzuHTX69IAFQiAsi9ys=
last-modified
Thu, 06 Jan 2022 09:33:57 GMT
server
cloudflare
etag
W/"2365f2b2593cd7e184c70056bbe6ebda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-version-id
4kHR7sdqGWfUOqNMGnlUohfC1J6Bh6hN
cf-ray
6c9abbad4bbfe8fb-MXP
expires
Fri, 07 Jan 2022 05:24:46 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:50:56 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
80679
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KEwBitf0cUmiBTZdxk-lSVvHEsyIQr7XajH4_IVhOOJDzWNqzk-_PA==
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000073-IAD, cache-hhn11545-HHN
pcto.js
c16d-35-240-187-111.ngrok.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c16d-35-240-187-111.ngrok.io/pcto.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNLRMX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:d83:1201::6e:1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 05:19:46 GMT
Connection
close
Content-Length
65
Content-Type
text/plain
9zgdxuyjho
www.clarity.ms/tag/ 		572 B
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9zgdxuyjho
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1861 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
226fc7898f6ff88dcef4fd920484039471618de0c2da72c07f7218a23f38b00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
x-powered-by
ASP.NET
x-azure-ref
0cs3XYQAAAADwQaNeu6TcTYyWgF7g2BWKRlJBMzFFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
www-player-webp.css
www.youtube.com/s/player/edff9f99/ Frame BF1F 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fXYZg81P83c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
131946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47369
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:40:40 GMT
www-embed-player.js
www.youtube.com/s/player/edff9f99/www-embed-player.vflset/ Frame BF1F 		227 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fXYZg81P83c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
131946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75031
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:40:40 GMT
base.js
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame BF1F 		2 MB
529 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fXYZg81P83c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:43:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
131780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
541622
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:43:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame BF1F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fXYZg81P83c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
131946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:40:40 GMT
www-player-webp.css
www.youtube.com/s/player/edff9f99/ Frame 8558 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iPHNspcFyow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
131946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47369
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:40:40 GMT
www-embed-player.js
www.youtube.com/s/player/edff9f99/www-embed-player.vflset/ Frame 8558 		227 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iPHNspcFyow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
131946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75031
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:40:40 GMT
base.js
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 8558 		2 MB
529 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iPHNspcFyow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:43:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
131780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
541622
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:43:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame 8558 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iPHNspcFyow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
131946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:40:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF1F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 17:06:41 GMT
x-content-type-options
nosniff
age
216785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 17:06:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8558 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 17:06:41 GMT
x-content-type-options
nosniff
age
216785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 17:06:41 GMT
load.js
widget.perfectmarket.com/revasiaberhad-saysmy/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/revasiaberhad-saysmy/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76d2322d49a00d326f0f1a895eff4041618a76d0973d09c1576bf929bd4f4b25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
2XADTVrpjTfHIXWV0pT_ZYhLmSHLgZ_Z
content-encoding
gzip
etag
"b40ca4051ce92e93c82089fdf1047558"
age
0
x-cache
HIT, MISS
content-length
1254
x-amz-id-2
8nzQqvBZkpNrJ1IDuDS8EZ0+Q3Wad0+ZJpkhnguFHYfQeqBBwEvuc8MnkdfO83tWR4S4C1eYhjY=
x-served-by
cache-sna10728-LGB, cache-hhn4057-HHN
last-modified
Tue, 17 Mar 2020 06:36:23 GMT
server
AmazonS3
x-timer
S1641532787.773923,VS0,VE170
date
Fri, 07 Jan 2022 05:19:46 GMT
vary
Accept-Encoding,,
x-amz-request-id
NCEKA0JT4E0TS1AV
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20220106-2-RELEASE.js
cdn.taboola.com/libtrc/ 		615 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0f93cbff208f3aecc4a2d63cd0a20b4c086d0fccdc26ffb84568ca8fcb08b594

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
nzX8NUlnagFfmJvVzQnCFShEC6H6Tnhu
content-encoding
br
etag
"3cf1978b80e06c3f2279e0e5f0d33d59"
age
19825
x-cache
HIT
content-length
129793
x-amz-id-2
z9NFYfWeFS2VmREA2vmCzvg9kZ+y1oRO/OaDpL9xXhDQdwwTrG97YKinGf2nTyyQyPArAGGrfsw=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 07:40:27 GMT
server
AmazonS3-br
x-timer
S1641532787.743807,VS0,VE0
date
Fri, 07 Jan 2022 05:19:46 GMT
vary
Accept-Encoding
x-amz-request-id
44CNC4NQGPXA2M63
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
3800
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 3ACB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11139
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

content-type
text/html
date
Thu, 06 Jan 2022 05:31:01 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
M-VFiIYj1h1ZMopADMU_sYLU0ds0prIytb716UY7I71h8_udQ8j_Aw==
age
85725
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=60WoKXwrM2ZRTXpYeUJxRFgvNzJxUm1CMGhxcUlYWG1pdzA3K1NRRkdtY0VOQXhta3FjSDZtalpGWTBjdmhNanJGMlBWSFdZTW9ZbXBXV0E4blRacWFWL0Z4VFlNMVIzV2VsT0VTOXUwYURiSUppQXRnRFZabmlCWkRobU11ZGVIZTM1VXczbEtnbUNnR1hkTnVIa0hqMk1UaTlGQ2VSTUtwQjlabXVianFvbmtaaHhKak03dlJDUU5rZHQ5cGQvSWpzODBHcW8wdmJzYmQ4YTl6T21KOHJFTWlhWUV0V2o3RkVOOW0vMVNKTUVadHdrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1078
date
Fri, 07 Jan 2022 05:19:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204299389728697&ev=fb_page_view&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&rl=&if=false&ts=1641532786771&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 07 Jan 2022 05:19:46 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204299389728697&ev=fb_page_view&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&rl=&if=false&ts=1641532786772&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 07 Jan 2022 05:19:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7768 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Thu, 06 Jan 2022 20:07:59 GMT
expires
Fri, 06 Jan 2023 20:07:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
33107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DA0E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c35206600477a314038bc3fa5729b93ac651a8ba4b950395b05031fc91dabdd0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C+BIqo9LFusE1cs32YxEsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 07 Jan 2022 05:19:46 GMT
date
Fri, 07 Jan 2022 05:19:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-C+BIqo9LFusE1cs32YxEsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publisher:getClientId
ampcid.google.com/v1/ 		74 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034955&comscorekw=fbia&ns__t=1641532786780&ns_c=UTF-8&cv=3.5&c8=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&c7=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
UTCZ3nQjbZUc15EmgML6t3nGHuVlu_41i7Sx92m3TGJq3y1-bXu_9g==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1641532786781&ns_c=UTF-8&cv=3.5&c8=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&c7=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
EBtwDFrpiL9ME59NqTUiP9-3eKy2uIQW9MNJA1v6XTIWr3iy-HNZLQ==
x-cache
Miss from cloudfront
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830366072/?random=1641532786803&cv=9&fst=1641532786803&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&tiba=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9257d2fc0f1e501035e17ed8dc09cd180dcd03642978c1112602372e8d5ad56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1168
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:48:35 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:28:27 GMT
server
nginx
age
1871
etag
W/"6179eeab-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ARXbl6_VlcPryrssvxJR7NHoUuDRoBj4UBa_NE68GlkXSi60i5Gj6g==
expires
Fri, 07 Jan 2022 06:48:35 GMT
adsct
analytics.twitter.com/i/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1blg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=35af9c1f-7041-430e-a30e-a4862937d667&tw_document_href=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
102
date
Fri, 07 Jan 2022 05:19:46 UTC
cache-control
no-cache, no-store, max-age=0
server
tsa_o
x-connection-hash
47f778e1ecbb999efc7202b3aed8eb13a3fb0605dd7449a9bedefdd027cb7666
content-length
0
strict-transport-security
max-age=631138519
adsct
t.co/i/ 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1blg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=35af9c1f-7041-430e-a30e-a4862937d667&tw_document_href=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
107
pragma
no-cache
last-modified
Fri, 07 Jan 2022 05:19:46 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b67c2765fab64d908ad0ef493d55c59265518772ea4bceb3393c257a20e14cee
x-transaction
0c19a6acf9e84edf
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		235 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=says.com&domain=says.com&path=%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab_image.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ebab854ae968fde78b7b4cc8240e4580bda5f1d99bef539b2a2769d3b075b0e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
174
x-served-by
cache-mxp6931-MXP
access-control-allow-origin
*
x-timer
S1641532787.898904,VS0,VE105
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Wed, 05 Jan 2022 05:19:46 GMT
json
trc.taboola.com/revasiaberhad-saysmy/trc/3/ 		57 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/revasiaberhad-saysmy/trc/3/json?tim=05%3A19%3A46.860&lti=deflated&data=%7B%22id%22%3A888%2C%22ii%22%3A%22%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1641464063089%2C%22vi%22%3A1641532786858%2C%22cv%22%3A%2220220106-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5083%2C%22qs%22%3A%22%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4649.359375%2C%22mw%22%3A740%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22organic-thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%202nd%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%202nd%22%2C%22cd%22%3A4699.828125%2C%22mw%22%3A370%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%2CBelow%20Article%20Thumbnails%3Dthumbnails-b%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%202nd%3Dorganic-thumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
db8b8f19571f163d2f9504803c854aa5cefc29a7f7dee67eda68c00518a1bb14

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
282
date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
server
nginx
x-timer
S1641532787.871987,VS0,VE282
x-served-by
cache-hhn4065-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://says.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
id
googleads.g.doubleclick.net/pagead/ Frame 8558
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H3
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beae42806e60f21603cbc9db1e973109db8378eaafc669ca420defae32c774b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 07 Jan 2022 05:19:46 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8558 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:12:14 GMT
x-content-type-options
nosniff
age
452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Jan 2022 05:27:14 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BF1F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H3
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b134fde89ebfa43641375b03db908871b6d1934afe94d6a952fe630fa43a07da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 07 Jan 2022 05:19:46 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BF1F 		29 B
89 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:12:14 GMT
x-content-type-options
nosniff
age
452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Jan 2022 05:27:14 GMT
remote.js
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 8558 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iPHNspcFyow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:43:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
131778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29833
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:43:28 GMT
rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js
www.google.com/js/th/ Frame 8558 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
69593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13412
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 09:59:53 GMT
embed.js
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 8558 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iPHNspcFyow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:43:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
131779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7633
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:43:28 GMT
remote.js
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame BF1F 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fXYZg81P83c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:43:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
131779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29833
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:43:28 GMT
rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js
www.google.com/js/th/ Frame BF1F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
69594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13412
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 09:59:53 GMT
embed.js
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame BF1F 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fXYZg81P83c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 16:43:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
131779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7633
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 01:18:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Jan 2023 16:43:28 GMT
truncated
/ Frame 8558 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
bOdcS31Rnn0UGSV5zUxrz9ZbePWiuBqSipLk_ZCR2F3WEj3Hfy5-eCjk7QI3iS8e2TNtnpwT2xU=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8558 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/bOdcS31Rnn0UGSV5zUxrz9ZbePWiuBqSipLk_ZCR2F3WEj3Hfy5-eCjk7QI3iS8e2TNtnpwT2xU=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
87f390c5a067fdeed9ba1e736ff02f8e97220a37d13fb28a910007c1f958b6ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:17:24 GMT
x-content-type-options
nosniff
age
7343
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2432
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 04 Jan 2022 09:06:04 GMT
hqdefault.webp
i.ytimg.com/vi_webp/iPHNspcFyow/ Frame 8558 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/iPHNspcFyow/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iPHNspcFyow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557cfd4746bcfc0abc05cca7cf4faa59823641b93b3c3deb87e9c7f844ca99f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28544
x-xss-protection
0
server
sffe
etag
"1641368682"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Jan 2022 05:24:47 GMT
truncated
/ Frame BF1F 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
bOdcS31Rnn0UGSV5zUxrz9ZbePWiuBqSipLk_ZCR2F3WEj3Hfy5-eCjk7QI3iS8e2TNtnpwT2xU=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame BF1F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/bOdcS31Rnn0UGSV5zUxrz9ZbePWiuBqSipLk_ZCR2F3WEj3Hfy5-eCjk7QI3iS8e2TNtnpwT2xU=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
87f390c5a067fdeed9ba1e736ff02f8e97220a37d13fb28a910007c1f958b6ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:17:24 GMT
x-content-type-options
nosniff
age
7343
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2432
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 04 Jan 2022 09:06:04 GMT
hqdefault.jpg
i.ytimg.com/vi/fXYZg81P83c/ Frame BF1F 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/fXYZg81P83c/hqdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fXYZg81P83c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0aee772eaa1637138fed7052154f2ff52abff10c1f187dc10cfed2f05c40355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:43:12 GMT
x-content-type-options
nosniff
age
5795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48674
x-xss-protection
0
server
sffe
etag
"1641132905"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Jan 2022 05:43:12 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1163640478&t=pageview&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&ul=en-us&de=UTF-8&dt=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACAABBAQCAC~&jid=944415525&gjid=1281307111&cid=333989470.1641532787&tid=UA-27970811-1&_gid=262133666.1641532787&_r=1&gtm=2wg1505WNLRMX&cd1=Arisha%20Rozaidee&cd3=n%2Fa&cd5=lifestyle&cd6=lifestyle%2C%20rageroom%2C%20travel%2C%20activities%2C%20attractions%2C%20rage&z=1076989710
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/830366072/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/830366072/?random=1641532786803&cv=9&fst=1641531600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&tiba=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&async=1&fmt=3&is_vtc=1&random=1327405175&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/830366072/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/830366072/?random=1641532786803&cv=9&fst=1641531600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&frm=0&url=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&tiba=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&async=1&fmt=3&is_vtc=1&random=1327405175&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
f.clarity.ms/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9zgdxuyjho
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:46 GMT
content-encoding
br
etag
"1d7ffcbff747e00"
last-modified
Sun, 02 Jan 2022 11:29:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=C32BFBAC9A7247329D1C63A3A64C117D&RedC=c.clarity.ms&MXFR=0DAF08F9132E626E318019DC172E6CEF
  • https://c.clarity.ms/c.gif?CtsSyncId=C32BFBAC9A7247329D1C63A3A64C117D&MUID=33E9A24229E4664F14F0B367288F67EA
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=C32BFBAC9A7247329D1C63A3A64C117D&MUID=33E9A24229E4664F14F0B367288F67EA
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f95a3e4769d2d71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9C1D64D82AE540D88F2733076835DC87 Ref B: FRAEDGE1520 Ref C: 2022-01-07T05:19:47Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=C32BFBAC9A7247329D1C63A3A64C117D&MUID=33E9A24229E4664F14F0B367288F67EA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
worker-new.html
says.api.useinsider.com/ Frame 0624 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://says.api.useinsider.com/worker-new.html
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-type
text/html
access-control-allow-origin
*
last-modified
Thu, 06 Jan 2022 04:01:20 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
4049
expires
Sun, 23 Jan 2022 05:19:47 GMT
cache-control
public, max-age=1382400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c9abbaf8cfbe8fb-MXP
content-encoding
br
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=says.com&p=%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun&u=7GJlvB38co8hLaZs&d=says.com&g=65124&g0=lifestyle&g1=arisha%20rozaidee&n=1&f=00001&c=0&x=0&m=0&y=5083&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2669&_s=%7B%22ga%22%3Anull%7D&t=CeK--eDLY1r-D5XliNCEeEqbDf6XGo&V=129&i=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&tz=0&sn=1&sv=B31KoyD2mCFeBwl__9BWNRblBScWFQ&sd=1&im=067b2ef3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.50.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-50-180.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
pmk-202002191.4.js
widget.perfectmarket.com/revasiaberhad-saysmy/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/revasiaberhad-saysmy/pmk-202002191.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/revasiaberhad-saysmy/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc4b0c0e3f6bef7a65aed715e26ccbbb24f99a9730485c56d61c63c4dba00918

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
yuLPZ2whkpUPf6ItPHGvFNOkVO6R346r
content-encoding
gzip
etag
"f974acdc6ebcc31b6fd1434e5c831123"
age
4989546
x-cache
HIT, HIT
content-length
30922
x-amz-id-2
wdQYrYxv1EEVjEktxhsaZDdzyZg7jhOrxbGe/VrO/06MBz6j8tvw8rnP2gLauTu4Qdw8FH0yFxg=
x-served-by
cache-sna10745-LGB, cache-hhn4057-HHN
last-modified
Tue, 17 Mar 2020 06:36:23 GMT
server
AmazonS3
x-timer
S1641532787.137798,VS0,VE1
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding,,
x-amz-request-id
30BRPKV7P9ZMZFVW
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27970811-1&cid=333989470.1641532787&jid=944415525&gjid=1281307111&_gid=262133666.1641532787&_u=YChACAAABAQCAC~&z=792164790
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 07 Jan 2022 05:19:47 GMT
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169284420317900&ev=PageView&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&rl=&if=false&ts=1641532787150&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbc=fb.1.1641532787149.IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&fbp=fb.1.1641532787150.844378079&it=1641532786485&coo=false&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 07 Jan 2022 05:19:47 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/11139/ 		1 KB
934 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/11139/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e22cb4e66e648370b980132b699183bd83db43648b6a901394b428c8cede89a

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 06 Jan 2022 09:41:32 GMT
content-encoding
gzip
age
70696
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 Jan 2022 09:25:10 GMT
server
AmazonS3
etag
W/"d090cfae6309c3d6f61faede5c8a04fb"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qJPYGJkI0Gz-5C-FGLDEM9Gzpz75mHjZ361inv-3l0xr8PLns1U5Ig==
sodar
pagead2.googlesyndication.com/pagead/ Frame DA0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3322533202867840&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixels
bcp.crwdcntrl.net/ Frame BB86 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=11139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2a0d2f74a554c2d0677d75d7fec2440622c7f110cd2c7c64a16f060e7e18e27e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-type
text/html
content-length
1860
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.28.123
server
Jetty(9.4.38.v20210224)
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding
gzip
etag
"103abcd7af0ff73c2bca84d874ada0e2"
age
21965
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6020
x-amz-id-2
GeZqO0F3NOz0iOI821vgOrpurze73riaxjRievCeZJaww5OvYYab4S9DM5B85HZrq/4Smi3CKCA=
x-served-by
cache-hhn4065-HHN
last-modified
Tue, 30 Nov 2021 12:15:08 GMT
server
AmazonS3
x-timer
S1641532787.180646,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
DM4TS8RBC4QR30HB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
37
x-cache-hits
9669
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
948 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding
gzip
etag
"44e0fb48ae5c8af459ee8102bcc39ee7"
age
21964
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
702
x-amz-id-2
YfEo/jNKy9VyzAv0FTU0ShdBG6Mo4oz8bW0wfQ1Y8GKbPYea7tc56se0/ZtAApmrLISWlz6RHhc=
x-served-by
cache-hhn4065-HHN
last-modified
Tue, 30 Nov 2021 12:15:07 GMT
server
AmazonS3
x-timer
S1641532787.180737,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
DM4JZ6Z5KTTR7WY0
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
37
x-cache-hits
8356
tfa-eid.20220106-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20220106-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5134228adcaa0fc32236684795bca9b368864e9374fbd49757c71d9d8e707e2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
LFcdA3ZSJHd.0TnVdFhWcDTqdN2IE9Tm
content-encoding
gzip
etag
"b10f42d3b496900579cc38389c258b8d"
age
17
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5061
x-amz-id-2
l9emKif+NonBjvv/qngzzaHS2rCq/+g60KoA5+qPqYbwFGRumxlM/7x/P7HWhkmhELldpB5wzMM=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 14:52:57 GMT
server
AmazonS3
x-timer
S1641532787.181553,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
ZMG3P4WHGP5T9HYH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
4
sha256.20220106-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20220106-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eeacc99d7476446ea4f2e74bd12e75b11195c0a0e2ff89951046d5a5052f5661

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fR_Z5huqqGM.sJ3QQAsmRLTlIXyoICFx
content-encoding
gzip
etag
"d5080f2c35acead79f013d9f5e372105"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2590
x-amz-id-2
CAiN7njOhEe6mBGTw9757a3IsROL/4weMcjK8Vvca7I1ctPpXE+UBDR/ajjExE5F4wEdAk0Sg68=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 14:53:13 GMT
server
AmazonS3
x-timer
S1641532787.181743,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
PXJJJSD8GQ4CN5PA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
60
tb
15.taboola.com/ 		38 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=revasiaberhad-saysmy&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun&encoded=1&uid=904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2&variant=-100|4439&callback=TRC.videoTagCallbacks.videoCallback1&cb=1641532787182&tagid=&cntry=DE&platform=1&sesid=e03719a56d7b5f524d713e7cdc0af4a6&itemid=/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun&viewid=1641532786858&geolat=&geoing=&deviceifa=&appid=&sd=v2_e03719a56d7b5f524d713e7cdc0af4a6_904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2_1641532786_1641532786_CNawjgYQu6lAGKqR6pfjLyABKAEwODib4wlAgooQSMzF3gNQpewQWABgAGjbwtakkbOV1QpwAA&ri=c23b5e610b5074a6f765a180e59cfd1d&appname=&cdb=&gdprApplies=true&rid=&sii=3740069817775933053&oee=true&tpubid=1053883&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1053519&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a237686b34ddd9d412e86a71c4d69d9100707d49d5d5d3eff2f668683d2ee94

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
access-control-allow-origin
https://says.com
machineid
1449
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4065-HHN
pragma
no-cache
server
nginx
x-timer
S1641532787.185464,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20220106-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220106-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83aa6b310cdcebbb3c40efd2dceaccfc2b13e494e22574835bbbbd0108cef70b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
VzSiqo1vNcm5NO60fMIoTdTljEt8wZge
content-encoding
gzip
etag
"c35d97a43d77f814b03d6b7cb27215f5"
age
99
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ohGphEfc3pZpoI6bkS7bK659z4Peh4roscU/HQE66dfgTHXrTamZwWesqZGrLONlyJ+psR9rAZ4=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 14:53:33 GMT
server
AmazonS3
x-timer
S1641532787.185936,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
J5ST9K8VA5JG7VSB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
26
userx.20220106-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220106-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc751631b01d707fbf9d49d2cb3852260ca0973defc31630c43df334872b3a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
8hk.PoG9ags0rlC00dcgg046wxDx0GVZ
content-encoding
gzip
etag
"5a4d6106700f672eaa8df0c435a532f9"
age
10
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5410
x-amz-id-2
Uhh/aoIbK19iPLCbs77JwjP5ZDu9ZB+LtxCdzoZZ3tzV90gPzFWlSxQUTcC6j0A5yMfu+miAPys=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 14:52:52 GMT
server
AmazonS3
x-timer
S1641532787.196133,VS0,VE1
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
Y1ZN23FYNNYNVKH2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
1
cta-component.20220106-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220106-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8e3cca7afe137169ab0dded5678ac0213c615c4f0c2f2a5cf99a5a5b3b4c449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
aZkiJjgKZwzpKnmMAqwCWYyKrSxzylo6
content-encoding
gzip
etag
"e1c8afa59e00ce9f2d3415b0c9eec362"
age
76
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5021
x-amz-id-2
zrFdN2JzTAagg1XmP2twLL98JfvzWwsiRPAfO5Gvr7IEHPzgwHg1C1TcrTAG08y6eG1L2ECdLKw=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 14:53:43 GMT
server
AmazonS3
x-timer
S1641532787.200837,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
PEVB1ET6NR230EAS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
4
explore-more.20220106-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20220106-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/revasiaberhad-saysmy/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5539208e2eac41830b45b93b3a6c50eb872b5e72f872f12969d7a8d6cc06f670

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
ECgl6_Pg8TNno22FHHI.yo7SqoxpXRge
content-encoding
gzip
etag
"4a54cff0ee3a00e31c3285cf259d7de6"
age
91
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4480
x-amz-id-2
MmD+KCV0tXcV2IWakKGmw1ukYTBaNGTbSwbThUzcRqnp6K36cR0+2LjvaQxv3evYWH2lLvdvGBk=
x-served-by
cache-hhn4065-HHN
last-modified
Thu, 06 Jan 2022 14:53:35 GMT
server
AmazonS3
x-timer
S1641532787.209687,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
x-amz-request-id
ZBSX3R38QPJ3S830
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
37
x-cache-hits
8
debug
am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/debug?tim=05%3A19%3A47.187&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=5388&cv=20220106-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13315
debug
am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/2/debug?tim=05%3A19%3A47.188&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=1191&cv=20220106-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13315
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
90
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
vdA1fM/ueVcBDOoUVSEDRpa24mwHyUIbutJtEAlNDOonE4Ed3pW5LXSBfg1anUvlIEPpR7ITYCg=
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1641532787.239194,VS0,VE0
date
Fri, 07 Jan 2022 05:19:47 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
C4YJQ6A4BDP6Z3HK
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
37
x-cache-hits
15
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=333989470.1641532787&jid=944415525&_u=YChACAAABAQCAC~&z=1768174099
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=333989470.1641532787&jid=944415525&_u=YChACAAABAQCAC~&z=1768174099
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B943 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 07 Jan 2022 05:19:46 GMT
expires
Sat, 07 Jan 2023 05:19:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abtests
trc.taboola.com/revasiaberhad-saysmy/log/3/ 		0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/revasiaberhad-saysmy/log/3/abtests?route=AM:AM:V&lti=deflated&ri=b6b967b24497f2750f5bd817faaa0bf3&sd=v2_e03719a56d7b5f524d713e7cdc0af4a6_904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2_1641532786_1641532786_CNawjgYQu6lAGKqR6pfjLyABKAEwODib4wlAgooQSMzF3gNQpewQWABgAGjbwtakkbOV1QpwAA&ui=904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2&pi=/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun&wi=3740069817775933053&pt=text&vi=1641532786858&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1641532787298%7D&tim=05%3A19%3A47.298&id=6352&llvl=2&cv=20220106-2-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish
server
nginx
x-timer
S1641532787.304018,VS0,VE9
x-served-by
cache-hhn4065-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
pagead2.googlesyndication.com/bg/ Frame 7768 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 19:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
35825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13512
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 19:22:42 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8558 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 05:19:47 GMT
9535.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4206c25c7a42acaec37bfb5b5c4144aebdea6204697cf42a7728ecee4e60a605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
2509509
edge-cache-tag
439795343567125114038161934437292561400,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
cache-tag
439795343567125114038161934437292561400,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
264
expiration
expiry-date="Fri, 24 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
content-length
46934
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 23 Nov 2021 11:25:31 GMT
server
nginx
x-timer
S1641532787.319361,VS0,VE1
etag
"70ba1b0b440ddbd0b13d7c0bc3e24a5b"
x-served-by
cache-dca17743-DCA, cache-dca17746-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
875928d3a8e7e82246def33bae1926e2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/875928d3a8e7e82246def33bae1926e2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17cad871214c208c7e4bf8dcfd512d10b053fa93fc0693cb3882e287011034a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3236534
edge-cache-tag
416442411640116667038776634425352491232,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
144
expiration
expiry-date="Fri, 31 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/875928d3a8e7e82246def33bae1926e2.png
content-length
33946
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 30 Nov 2021 13:32:59 GMT
server
nginx
x-timer
S1641532787.319411,VS0,VE1
etag
"a93570d7d7b60b64e1698727c0fb098c"
x-served-by
cache-wdc5554-WDC, cache-dca17730-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
3b3b873129b66be51373e5b6d7769664.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aed38d21380146b4eb1ac909b5f00340bba89d8f8cff4696b2b3811627fc26e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
4989755
edge-cache-tag
343955008864550298737709319544917916478,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
123
expiration
expiry-date="Sat, 13 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
content-length
43102
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 13 Oct 2021 18:32:42 GMT
server
nginx
x-timer
S1641532787.319294,VS0,VE1
etag
"aae9dcb84c1b51a32e9415306036c4df"
x-served-by
cache-wdc5562-WDC, cache-dca17756-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
00bafe7dcbb230a17c00bce4228c7c5b.jpg
images.taboola.com/taboola/image/fetch/h_450,w_900,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_450,w_900,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f8113516e6b700f80eabe1c960dcf901ab9d3854f192eead8b8d635a4dbfba5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3087041
edge-cache-tag
503560816097622383520826989519610811760,533101586484757815982408083691690681159,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
535
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_450,w_900,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
content-length
11458
x-request-id
1eb259443de9dc5e48b01ba5feda345a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 11 Nov 2021 11:25:35 GMT
server
nginx
x-timer
S1641532787.319462,VS0,VE1
etag
"2182919b6501eef2b4305e85d44d52df"
x-served-by
cache-wdc5542-WDC, cache-dca17764-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
9adf2a98315baed83bd4692f1333a9e2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cac672fdf704db4efb8a9094c8f88118de2d86868e493eb2fce425688c989911

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3843605
edge-cache-tag
586919808178527439769263544249810208008,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
103
expiration
expiry-date="Mon, 29 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
content-length
19436
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 29 Oct 2021 12:50:15 GMT
server
nginx
x-timer
S1641532787.319520,VS0,VE1
etag
"3e584c2ca0b7acd4d6fc0b5f0f0a868f"
x-served-by
cache-dca17734-DCA, cache-dca17756-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
de470eabe09fa22a9cf85c5932f6ba21.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de470eabe09fa22a9cf85c5932f6ba21.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84b1e12cac11b21464e7486780a0b6f75b70ad46d81c714b50a82cb59b46fc73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
4226150
edge-cache-tag
312291557557141952616368003467703930367,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
101
expiration
expiry-date="Mon, 29 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de470eabe09fa22a9cf85c5932f6ba21.jpg
content-length
5644
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 29 Oct 2021 10:48:51 GMT
server
nginx
x-timer
S1641532787.319565,VS0,VE0
etag
"64458dd42e7fd88cad26a42173cb2bef"
x-served-by
cache-wdc5570-WDC, cache-dca17778-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 178
926e690865261a1f43e3e9a130a3a447.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca73a7d0d047beb4309308bb58c6626df780d5bb839340b70a4c6c070c466654

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3328609
edge-cache-tag
364867598260050739277068408146472801346,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
535
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
content-length
41942
x-request-id
1a777ac9249fa7e074ff851d633feff7
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 29 Nov 2021 13:30:40 GMT
server
nginx
x-timer
S1641532787.328578,VS0,VE1
etag
"a027a7ad60e2e1ae6f4b153b70b89d7c"
x-served-by
cache-wdc5551-WDC, cache-dca17782-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BF1F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 05:19:47 GMT
9535.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9ba3eadef12ba520749fbd669c1e116c4e61f28a3aaa099200d36b4d9ab9190

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
98
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2347196
edge-cache-tag
439795343567125114038161934437292561400,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
439795343567125114038161934437292561400,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
161
x-cache
HIT, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
content-length
61688
x-request-id
832ff9b4dc3449a87628938caa82a36c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sat, 20 Nov 2021 14:11:55 GMT
server
nginx
x-timer
S1641532787.329490,VS0,VE98
etag
"0ebbadba4d37c8643583fb26574c9c2b"
x-served-by
cache-bwi5048-BWI, cache-dca17731-DCA, cache-iad-kjyo7100109-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 0
ecba.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30568/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30568/ecba.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe33962c08f4f69eb88198b8a56b570a3b019fe10fea937c44da872d1b165eb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
97
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
871695
edge-cache-tag
359512506276649091362464352364413874090,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
359512506276649091362464352364413874090,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
760
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30568/ecba.jpg
content-length
42798
x-request-id
fbf6cfeca7ccbd91d419596be29e0291
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 28 Nov 2021 01:14:15 GMT
server
nginx
x-timer
S1641532787.331612,VS0,VE97
etag
"c025ddb3feeaa153b22ec01d9156b78e"
x-served-by
cache-bwi5024-BWI, cache-iad-kjyo7100164-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
thumb_cc11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44518/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44518/thumb_cc11.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9745e14f3400b312c5493f11bd87465ca464bbdd8d12bb76d2df64f6c25ecabf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
291798
edge-cache-tag
442672218060873548660388170295242426401,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
442672218060873548660388170295242426401,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
407
expiration
expiry-date="Thu, 06 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44518/thumb_cc11.jpg
content-length
25934
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 06 Dec 2021 04:39:13 GMT
server
nginx
x-timer
S1641532787.331721,VS0,VE94
etag
"faea327bdbe8684aa5e7cf3212c20db7"
x-served-by
cache-bwi5020-BWI, cache-iad-kiad7000034-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
38f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34559/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34559/38f4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cab00a8f38173aff30818685677f81e3ddf45484135d3fca00906400c625ade6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
1684970
edge-cache-tag
348508603861720919346010215651736459770,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
348508603861720919346010215651736459770,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
150
expiration
expiry-date="Fri, 24 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34559/38f4.jpg
content-length
42230
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 23 Nov 2021 09:10:50 GMT
server
nginx
x-timer
S1641532787.331797,VS0,VE93
etag
"ff9121a2f4b15486387c9e170ed74188"
x-served-by
cache-bwi5046-BWI, cache-iad-kjyo7100117-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
d4ce.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/43875/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/43875/d4ce.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bcb364b14c29acf55f1f6bd167a0aa6705ef92b7eb9139ba50b3ae121acdb372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1117
date
Fri, 07 Jan 2022 05:19:48 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
521317800546490121683099890882165768343,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
cache-tag
521317800546490121683099890882165768343,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
953
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/43875/d4ce.jpg
content-length
39748
x-request-id
acd39bd53de75a570a67c688afbd8527
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 15 Dec 2021 06:02:39 GMT
server
nginx
x-timer
S1641532787.331875,VS0,VE1117
etag
"bd719591990a8f93fcd4401ecc2e54a6"
x-served-by
cache-dca17757-DCA, cache-iad-kiad7000173-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
50f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/37721/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/37721/50f8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98e20fed1ad95e3f47ff63d1307887cbbf59d4d8d87b59001e5e24545caff46b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
96
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
864229
edge-cache-tag
557147430032391617620370462892285537717,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
557147430032391617620370462892285537717,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
65
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/37721/50f8.jpg
content-length
45456
x-request-id
d1184f0583eca390f244757be2b2d0dd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 16 Dec 2021 17:09:20 GMT
server
nginx
x-timer
S1641532787.338028,VS0,VE96
etag
"388aea149b3420dfe1b6fc0e6ca28436"
x-served-by
cache-wdc5537-WDC, cache-iad-kjyo7100128-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
thumb_e5ed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44382/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44382/thumb_e5ed.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa81d8e25752bc894740691e4213a0d98a9d7575b9ac3f70e15f02dcebff4550

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
912
date
Fri, 07 Jan 2022 05:19:48 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
496763397739178254498408676175633513196,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
496763397739178254498408676175633513196,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
789
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44382/thumb_e5ed.jpg
content-length
21264
x-request-id
420d80943cf2388b72898e8f2860c571
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 26 Dec 2021 14:13:49 GMT
server
nginx
x-timer
S1641532787.435891,VS0,VE912
etag
"82778047522085837313909495194d40"
x-served-by
cache-bwi5034-BWI, cache-iad-kcgs7200161-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
thumb_e34c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/51928/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/51928/thumb_e34c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a01e2f2217509abd05a352895fdcaac4415371443349446e4a74b663377326d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
920
date
Fri, 07 Jan 2022 05:19:48 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
446004040418045041810879294938507139807,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
446004040418045041810879294938507139807,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
755
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/51928/thumb_e34c.jpg
content-length
36258
x-request-id
33bd55d2b31335c2a400df7463e22f71
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 02 Jan 2022 15:48:53 GMT
server
nginx
x-timer
S1641532787.435961,VS0,VE920
etag
"1cfe88caae99f0924bb7131bd1959e16"
x-served-by
cache-wdc5542-WDC, cache-iad-kiad7000134-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
875928d3a8e7e82246def33bae1926e2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/875928d3a8e7e82246def33bae1926e2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b232175bba8b59afcf0155e10ae542f673b956f47847078ea4e32b99803669d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3248644
edge-cache-tag
416442411640116667038776634425352491232,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-envoy-upstream-service-time
921
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/875928d3a8e7e82246def33bae1926e2.png
content-length
97854
x-request-id
817430527d02be7dc0f60628860718e5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 30 Nov 2021 13:27:44 GMT
server
nginx
x-timer
S1641532787.438675,VS0,VE1
etag
"3630d4523b4918a91e86247a03e02835"
x-served-by
cache-bwi5066-BWI, cache-dca17756-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
3b3b873129b66be51373e5b6d7769664.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d72b2f9e475db594a80a1031c986d964e50ed55b6380aeff6f2d735001639ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
4625698
edge-cache-tag
343955008864550298737709319544917916478,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
189
expiration
expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
content-length
158838
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 11 Nov 2021 22:01:05 GMT
server
nginx
x-timer
S1641532787.440046,VS0,VE1
etag
"f2e4b950a99ff4c4ea2d7bea2c0a43c1"
x-served-by
cache-dca17760-DCA, cache-dca17766-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
thumb_ac51.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/45844/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/45844/thumb_ac51.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd6f210fa553b422963c25ce83a397ba24dd73fce5f2839901afc1ca94d28c48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
320
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
442442742038936589956003641103510533520,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
442442742038936589956003641103510533520,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
163
expiration
expiry-date="Sun, 23 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/45844/thumb_ac51.jpg
content-length
9416
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Thu, 23 Dec 2021 01:51:22 GMT
server
nginx
x-timer
S1641532787.441942,VS0,VE320
etag
"d0414338ac42132e598cba2aa09e4f8e"
x-served-by
cache-dca17738-DCA, cache-iad-kiad7000130-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
47b4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.says.com/uploads/story/cover_image/28645/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.says.com/uploads/story/cover_image/28645/47b4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25b314ac4845e3a76ae529cf77396ce9d370cfc95885d7d4e1cca3e8814dccd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
945
date
Fri, 07 Jan 2022 05:19:48 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
546115553138537244738281004366277106822,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
546115553138537244738281004366277106822,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
757
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.says.com/uploads/story/cover_image/28645/47b4.jpg
content-length
25224
x-request-id
453f33bcda4e206e56444556085875f6
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 29 Dec 2021 15:55:55 GMT
server
nginx
x-timer
S1641532787.448794,VS0,VE945
etag
"2f02483d5cabce94b7c1eb00a5309351"
x-served-by
cache-dca17758-DCA, cache-iad-kiad7000045-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
00bafe7dcbb230a17c00bce4228c7c5b.jpg
images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3ad368d600f9971b1c837949f532cb9244daac10b98e56154a7ede8906d99af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3069530
edge-cache-tag
503560816097622383520826989519610811760,610722570029655557522431031339968720983,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
38
expiration
expiry-date="Sun, 02 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
content-length
4844
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 02 Dec 2021 12:00:24 GMT
server
nginx
x-timer
S1641532787.450675,VS0,VE1
etag
"651eebe8f5c0eab0348e3b3323ca0326"
x-served-by
cache-wdc5546-WDC, cache-dca17777-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
926e690865261a1f43e3e9a130a3a447.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e7617410fe978cf5cd50e9429ea9de95eb1c2cbc7f5ba8316284ae48f3085d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3327815
edge-cache-tag
364867598260050739277068408146472801346,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
120
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
content-length
13878
x-request-id
92ea2f0b814054c6c95744280584aa80
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 29 Nov 2021 13:30:40 GMT
server
nginx
x-timer
S1641532787.458040,VS0,VE1
etag
"6edca7dea479b05c74890cd58ca6d9c7"
x-served-by
cache-wdc5534-WDC, cache-dca17741-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
af17.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/36812/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/36812/af17.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8ee7ce0597064f4648640ffba96ce5fc6954acad1d948313b8be809b7aeb3d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
645
date
Fri, 07 Jan 2022 05:19:48 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
422544546084307890047863822119190793300,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
422544546084307890047863822119190793300,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
525
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/36812/af17.jpg
content-length
30404
x-request-id
3a94957818c97015ed0ac9c20a82ed56
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 06 Jan 2022 21:31:00 GMT
server
nginx
x-timer
S1641532787.466479,VS0,VE645
etag
"838f32ee5e72caad35cd2cb5f6191033"
x-served-by
cache-bwi5037-BWI, cache-iad-kcgs7200153-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
46dd.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/38567/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/38567/46dd.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
366ce2ce7a1919c556fd1faa65b91beb29de78739191dbf238b0195435652504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
1395828
edge-cache-tag
398076662742207016959685154007804289677,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
398076662742207016959685154007804289677,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Thu, 23 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/38567/46dd.png
content-length
28404
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 22 Nov 2021 01:17:06 GMT
server
nginx
x-timer
S1641532788.769556,VS0,VE93
etag
"01a4582230aa911049bf7d14a071ba21"
x-served-by
cache-wdc5563-WDC, cache-iad-kcgs7200121-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
generate_204
www.youtube.com/ Frame 8558 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?UanfYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/iPHNspcFyow
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
www.youtube.com/ Frame BF1F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?7jyr1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fXYZg81P83c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.5.9/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.5.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1608980c6f4deb0e238ce9af217e69059535d627e4d9fa8adc9908661912b3a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront), 1.1 varnish
age
933447
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
29149
x-served-by
cache-hhn4065-HHN
last-modified
Mon, 27 Dec 2021 10:02:06 GMT
server
AmazonS3
x-timer
S1641532787.473957,VS0,VE0
etag
"cfa326391ec5ae5c236d77282035eb1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
pjbi9rxHkyeH1Wz08RYZxl4YmIUmclEqCDrRW8SrC3ZKF52wo2HIFA==
x-cache-hits
43374
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/revasiaberhad-saysmy/pmk-202002191.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 03:50:56 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
80680
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
eMT04_w3_J2d32S2wmxcWZg8Ksn-Jvvxi7imCFC07XyXeAnwxacXnQ==
tr
www.facebook.com/ Frame BB86 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=169284420317900&ev=LotameAudienceID_830320&noscript=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 07 Jan 2022 05:19:47 GMT
utsync.ashx
ml314.com/ Frame BB86 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=6005f46faaa2c3a6e7d3929ef4ebe851&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Jan 2022 05:19:47 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Sat, 08 Jan 2022 00:19:47 GMT
5907
tags.bluekai.com/site/ Frame BB86 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=b7d537a43022dc680d5902f954b73201
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 05:19:47 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
g.json
aa.agkn.com/adscores/ Frame BB86 		103 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.198.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-198-58.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
103
expires
0
tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=182675272/tpid=5001737321893040841/ Frame BB86
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=182675272%2Ftpid%3D%24UID%2Ftp%3DANXS
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D182675272%252Ftpid%253D%2524UID%252Ftp%253DANXS
  • https://sync.crwdcntrl.net/map/c=281/rand=182675272/tpid=5001737321893040841/tp=ANXS
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/rand=182675272/tpid=5001737321893040841/tp=ANXS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.46
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 07 Jan 2022 05:19:47 GMT
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b0305d29-caf7-4316-8ee9-533bd536dacd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/rand=182675272/tpid=5001737321893040841/tp=ANXS
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D234 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 07 Jan 2022 05:19:46 GMT
expires
Sat, 07 Jan 2023 05:19:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
social
am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/social?route=AM:AM:V&lti=deflated&ri=b6b967b24497f2750f5bd817faaa0bf3&sd=v2_e03719a56d7b5f524d713e7cdc0af4a6_904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2_1641532786_1641532786_CNawjgYQu6lAGKqR6pfjLyABKAEwODib4wlAgooQSMzF3gNQpewQWABgAGjbwtakkbOV1QpwAA&ui=904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2&pi=/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun&wi=3740069817775933053&pt=text&vi=1641532786858&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun%22%2C%22sec%22%3A%22lifestyle%22%2C%22aut%22%3A%5B%22Arisha%20Rozaidee%22%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.says.com%2Fuploads%2Fstory%2Fcover_image%2F42609%2Fthumb_f81a.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=05%3A19%3A47.543&id=4781&llvl=2&cv=20220106-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/social?route=AM:AM:V&lti=deflated&ri=b6b967b24497f2750f5bd817faaa0bf3&sd=v2_e03719a56d7b5f524d713e7cdc0af4a6_904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2_1641532786_1641532786_CNawjgYQu6lAGKqR6pfjLyABKAEwODib4wlAgooQSMzF3gNQpewQWABgAGjbwtakkbOV1QpwAA&ui=904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2&pi=/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun&wi=3740069817775933053&pt=text&vi=1641532786858&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A2%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun%22%2C%22sec%22%3A%22lifestyle%22%2C%22aut%22%3A%5B%22Arisha%20Rozaidee%22%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.says.com%2Fuploads%2Fstory%2Fcover_image%2F42609%2Fthumb_f81a.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=05%3A19%3A47.543&id=7894&llvl=2&cv=20220106-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
9535.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4206c25c7a42acaec37bfb5b5c4144aebdea6204697cf42a7728ecee4e60a605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
2509510
edge-cache-tag
439795343567125114038161934437292561400,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
cache-tag
439795343567125114038161934437292561400,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
264
expiration
expiry-date="Fri, 24 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
content-length
46934
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 23 Nov 2021 11:25:31 GMT
server
nginx
x-timer
S1641532788.869700,VS0,VE0
etag
"70ba1b0b440ddbd0b13d7c0bc3e24a5b"
x-served-by
cache-dca17743-DCA, cache-dca17746-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
875928d3a8e7e82246def33bae1926e2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/875928d3a8e7e82246def33bae1926e2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17cad871214c208c7e4bf8dcfd512d10b053fa93fc0693cb3882e287011034a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3236535
edge-cache-tag
416442411640116667038776634425352491232,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
144
expiration
expiry-date="Fri, 31 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/875928d3a8e7e82246def33bae1926e2.png
content-length
33946
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 30 Nov 2021 13:32:59 GMT
server
nginx
x-timer
S1641532788.877663,VS0,VE0
etag
"a93570d7d7b60b64e1698727c0fb098c"
x-served-by
cache-wdc5554-WDC, cache-dca17730-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
3b3b873129b66be51373e5b6d7769664.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aed38d21380146b4eb1ac909b5f00340bba89d8f8cff4696b2b3811627fc26e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
4989756
edge-cache-tag
343955008864550298737709319544917916478,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
123
expiration
expiry-date="Sat, 13 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
content-length
43102
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 13 Oct 2021 18:32:42 GMT
server
nginx
x-timer
S1641532788.884900,VS0,VE0
etag
"aae9dcb84c1b51a32e9415306036c4df"
x-served-by
cache-wdc5562-WDC, cache-dca17756-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
00bafe7dcbb230a17c00bce4228c7c5b.jpg
images.taboola.com/taboola/image/fetch/h_450,w_900,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_450,w_900,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f8113516e6b700f80eabe1c960dcf901ab9d3854f192eead8b8d635a4dbfba5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3087042
edge-cache-tag
503560816097622383520826989519610811760,533101586484757815982408083691690681159,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
535
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_450,w_900,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
content-length
11458
x-request-id
1eb259443de9dc5e48b01ba5feda345a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 11 Nov 2021 11:25:35 GMT
server
nginx
x-timer
S1641532788.892318,VS0,VE0
etag
"2182919b6501eef2b4305e85d44d52df"
x-served-by
cache-wdc5542-WDC, cache-dca17764-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
9adf2a98315baed83bd4692f1333a9e2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cac672fdf704db4efb8a9094c8f88118de2d86868e493eb2fce425688c989911

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3843606
edge-cache-tag
586919808178527439769263544249810208008,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
103
expiration
expiry-date="Mon, 29 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
content-length
19436
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 29 Oct 2021 12:50:15 GMT
server
nginx
x-timer
S1641532788.899713,VS0,VE0
etag
"3e584c2ca0b7acd4d6fc0b5f0f0a868f"
x-served-by
cache-dca17734-DCA, cache-dca17756-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
de470eabe09fa22a9cf85c5932f6ba21.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de470eabe09fa22a9cf85c5932f6ba21.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84b1e12cac11b21464e7486780a0b6f75b70ad46d81c714b50a82cb59b46fc73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
4226151
edge-cache-tag
312291557557141952616368003467703930367,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
101
expiration
expiry-date="Mon, 29 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de470eabe09fa22a9cf85c5932f6ba21.jpg
content-length
5644
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 29 Oct 2021 10:48:51 GMT
server
nginx
x-timer
S1641532788.908397,VS0,VE0
etag
"64458dd42e7fd88cad26a42173cb2bef"
x-served-by
cache-wdc5570-WDC, cache-dca17778-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 179
926e690865261a1f43e3e9a130a3a447.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca73a7d0d047beb4309308bb58c6626df780d5bb839340b70a4c6c070c466654

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3328610
edge-cache-tag
364867598260050739277068408146472801346,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
535
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
content-length
41942
x-request-id
1a777ac9249fa7e074ff851d633feff7
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 29 Nov 2021 13:30:40 GMT
server
nginx
x-timer
S1641532788.915418,VS0,VE0
etag
"a027a7ad60e2e1ae6f4b153b70b89d7c"
x-served-by
cache-wdc5551-WDC, cache-dca17782-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
9535.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9ba3eadef12ba520749fbd669c1e116c4e61f28a3aaa099200d36b4d9ab9190

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2347196
edge-cache-tag
439795343567125114038161934437292561400,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
439795343567125114038161934437292561400,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
161
x-cache
HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34044/9535.jpg
content-length
61688
x-request-id
832ff9b4dc3449a87628938caa82a36c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sat, 20 Nov 2021 14:11:55 GMT
server
nginx
x-timer
S1641532788.923163,VS0,VE0
etag
"0ebbadba4d37c8643583fb26574c9c2b"
x-served-by
cache-bwi5048-BWI, cache-dca17731-DCA, cache-iad-kjyo7100109-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1
ecba.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30568/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30568/ecba.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe33962c08f4f69eb88198b8a56b570a3b019fe10fea937c44da872d1b165eb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
871696
edge-cache-tag
359512506276649091362464352364413874090,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
359512506276649091362464352364413874090,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
760
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/30568/ecba.jpg
content-length
42798
x-request-id
fbf6cfeca7ccbd91d419596be29e0291
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 28 Nov 2021 01:14:15 GMT
server
nginx
x-timer
S1641532788.934373,VS0,VE0
etag
"c025ddb3feeaa153b22ec01d9156b78e"
x-served-by
cache-bwi5024-BWI, cache-iad-kjyo7100164-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
thumb_cc11.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44518/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44518/thumb_cc11.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9745e14f3400b312c5493f11bd87465ca464bbdd8d12bb76d2df64f6c25ecabf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
291799
edge-cache-tag
442672218060873548660388170295242426401,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
442672218060873548660388170295242426401,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
407
expiration
expiry-date="Thu, 06 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/44518/thumb_cc11.jpg
content-length
25934
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 06 Dec 2021 04:39:13 GMT
server
nginx
x-timer
S1641532788.942052,VS0,VE0
etag
"faea327bdbe8684aa5e7cf3212c20db7"
x-served-by
cache-bwi5020-BWI, cache-iad-kiad7000034-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
38f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34559/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34559/38f4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cab00a8f38173aff30818685677f81e3ddf45484135d3fca00906400c625ade6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
1684971
edge-cache-tag
348508603861720919346010215651736459770,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag
348508603861720919346010215651736459770,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
150
expiration
expiry-date="Fri, 24 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/34559/38f4.jpg
content-length
42230
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 23 Nov 2021 09:10:50 GMT
server
nginx
x-timer
S1641532788.949305,VS0,VE0
etag
"ff9121a2f4b15486387c9e170ed74188"
x-served-by
cache-bwi5046-BWI, cache-iad-kjyo7100117-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
50f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/37721/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/37721/50f8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98e20fed1ad95e3f47ff63d1307887cbbf59d4d8d87b59001e5e24545caff46b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
864230
edge-cache-tag
557147430032391617620370462892285537717,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag
557147430032391617620370462892285537717,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
65
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.says.com/uploads/story/cover_image/37721/50f8.jpg
content-length
45456
x-request-id
d1184f0583eca390f244757be2b2d0dd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 16 Dec 2021 17:09:20 GMT
server
nginx
x-timer
S1641532788.956709,VS0,VE0
etag
"388aea149b3420dfe1b6fc0e6ca28436"
x-served-by
cache-wdc5537-WDC, cache-iad-kjyo7100128-IAD, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
00bafe7dcbb230a17c00bce4228c7c5b.jpg
images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3ad368d600f9971b1c837949f532cb9244daac10b98e56154a7ede8906d99af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3069531
edge-cache-tag
503560816097622383520826989519610811760,610722570029655557522431031339968720983,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
38
expiration
expiry-date="Sun, 02 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_430,y_285/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00bafe7dcbb230a17c00bce4228c7c5b.jpg
content-length
4844
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 02 Dec 2021 12:00:24 GMT
server
nginx
x-timer
S1641532788.964821,VS0,VE0
etag
"651eebe8f5c0eab0348e3b3323ca0326"
x-served-by
cache-wdc5546-WDC, cache-dca17777-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
926e690865261a1f43e3e9a130a3a447.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e7617410fe978cf5cd50e9429ea9de95eb1c2cbc7f5ba8316284ae48f3085d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish, 1.1 varnish
age
3327816
edge-cache-tag
364867598260050739277068408146472801346,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
120
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/926e690865261a1f43e3e9a130a3a447.png
content-length
13878
x-request-id
92ea2f0b814054c6c95744280584aa80
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 29 Nov 2021 13:30:40 GMT
server
nginx
x-timer
S1641532788.971937,VS0,VE0
etag
"6edca7dea479b05c74890cd58ca6d9c7"
x-served-by
cache-wdc5534-WDC, cache-dca17741-DCA, cache-hhn4065-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
fbevents.js
connect.facebook.net/en_US/ Frame BB86 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
5IUV8Uu2KG6iPeHHwssNKk9v+PdpLIKuvT0zQsoby4QvpWCnXe6Sxnn846OMKvqrDwPIb1JRYN+mM274DxAIvA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 07 Jan 2022 05:19:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
says.com/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://says.com/assets/says-logo-white-7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6c9abbb26e0e3754-MXP
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 09:14:40 GMT
server
cloudflare
age
3
etag
W/"5ddf9000-86a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=60
content-encoding
br
cast_sender.js
www.gstatic.com/eureka/clank/97/ Frame 8558 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/97/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 05:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15488
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:04:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Fri, 07 Jan 2022 05:36:22 GMT
cast_sender.js
www.gstatic.com/eureka/clank/97/ Frame BF1F 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/97/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 05:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15488
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:04:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Fri, 07 Jan 2022 05:36:22 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 09D4 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDG8AEQ4uvaiAMY_PekvgEwAQ&v=APEucNVXDEi1y252CW1Pvw6XvrUOPR2WcPRNRZsLYBSZju9G3RGJFRrnR7qCkWsSSLQej7n_qRPdT5f4eKAt7JE-kgsXVVlZUg
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 07 Jan 2022 05:19:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 07 Jan 2022 05:19:47 GMT
cache-control
private
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame B943 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 02:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 02:08:45 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame B943 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 04:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 04:33:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B943 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9O8BffKeGcKh-TICaCmTPLgG4gUiE4768glqRW6sqOxzcZQ1276UaLGuDJ1_W2W7JdSqdLv1lvbxAD_tUzQBval_6J9JVSltAFS7xBe425sVRXT9kfyjheVonJQ9ztHNbaqudVEaYNu-lk9Z-M8_aasro2UHvEyH9O9snic1GSOqjJPotrcW3wtEoEvPHSENyQMaY4wU7YR80aPdUxGGRPHpbOw0a5Z6UvqncYWeN0DwSd42A4gwW4e8Xds63YGFJ4SQdxYsS6UUfEiQBWtEDKr89YhfvFL58CUvY6v-2EDXGiq2p2MOYK2IOWVmEHV3E9oK7mj_ek1jWwLegxRyHNHVCosTL_MqJ751VaLM4hv60loiSCJ84oornRDWkTNISBN54Y7zgj5QaDjDoJV0t38W-z9saq6vjASiuocCn6dlGI7DwozrYe7fRtw0sz7opMrYEHLPHm_XAWg78_HloBZ9EZL33W3yP1E4OsrYK-gDZYzKelgQJ1WOFWEQXBVCIxaMNtxigzxxuS4A3NMKSvVASIDjiLSHMl3mhIARee9aqyFVkEDmIRJc6oIa4ieMAso7BoSdIb1cO9tuVlpbDWOgrvZY1tDHRiXqsk_2xU5VtEQQ20uRUcOAFI5C4kUsB_9_lNHqSiC77byImsNn5ESPAUkdMPyhIkmdw6GDs6bKQknJjFu68QzeFLUKVMS_RPOu_EjqMWEfZBZJDicwBS4w0BJQ6uRQJ7bHV4KB7Wxu9PWYBTrln88DJznfljkOug8WQ9c9-xQ9CvA6m78q009vog4dtkoKAR9Sg6Lt6TBih-2twHCrYs7Sj81k5SfaElZ0ne_kqr4r8xkcrq_3KNt0OpGkX2Qu6yRXY8KZCveJ9U9dpNxBeMII1o38Yh8rgaiwUUquqe5A39SvkiGfi8lq664RyxP7QuCKbi-OR8RQmgLJBfldgx5__-lVR3j7vh29XXGkHLBNtbj1f-xkCdCz0cixLComHMm8G6khJ8WCmhG42h11mGh5r9MOOxoytXfyhQf7uMyM7ZUMy-hJUuYi1PnhINWSeOomc6FXreqBWTn75Hn9Ae5U6yoHM0kGjTjmIg1va6HOh3QfvE2jFicQIIfvYXzBogmE5FuQOQiYwPvdq0uia7w&sai=AMfl-YRENLAXHLC_YMtAHXYqeRsxeL2I7TEuNloSUvtMcANeZGfwoRlhZOssRMGo-tLXAaEZ3kKy8hKQXFKB7HDhSxT_7hsr4wv9BnxxWE3fZHlbHIFgWcwIBxHqSXjkXVuf1bilwX5oPhOG1KT4teanM3kh5lXq67wvNz4sIjjHgNGSg6yEPZ1xO_-vXPrGCsM4GTD9J0UpFKWnFv6EUMskehyajKJIgcDGay9pmAXHus2tJYDTMUca1ERok_n8H07JYnSczW5QxrAgRQmuHzE4_vEFVGfQSES8Q9RB9P0XfRZfYUzrWUriQOeUII2mXKBruN6Wkew42Yx4hba5rxQ90tMHSYrZopoRFJM-_RSK_JCSduPyWtnNA1mTD-xN5kR89qkuaUbAB5vc2jk&sig=Cg0ArKJSzE-XvIaRKh2tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220104.33249&adurl=
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 07 Jan 2022 05:19:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B943 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 11:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jan 2023 11:40:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B943 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APhlp69wSwwzYj83JSKFBLv1W-xuecV3j5J8LSV7s5wt0VCT2po570w9Ka74sKrWBxCy3vOU-S8HmicI_LSgVp9ZwH4y7_QnlciAvS923zzw0F8pA
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B943 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 05:17:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B943 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 05:19:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B943 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 05:18:39 GMT
l
www.google.com/ads/measurement/ Frame B943 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQd4KpLwOxvMMN4ZtueL856r7Bp580TDBWFy9Dn2nDUMhCPuW-D2I1BY2LeH2q_3MlAHYTP
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
7370942076513272188
s0.2mdn.net/simgad/ Frame B943 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7370942076513272188
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0fe6ce7488686c1a15f87904e4a273e7957af779aa583a6894a195b4bb9bd04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 18:06:51 GMT
x-content-type-options
nosniff
age
213176
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85408
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 14:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Jan 2023 18:06:51 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169284420317900&ev=Microdata&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&rl=&if=false&ts=1641532787707&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun%22%2C%22meta%3Adescription%22%3A%22When%20anger%20management%20therapy%20is%20just%20too%20expensive.%22%2C%22meta%3Akeywords%22%3A%22lifestyle%2Crageroom%2Ctravel%2Cactivities%2Cattractions%2Crage%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun%22%2C%22og%3Adescription%22%3A%22When%20anger%20management%20therapy%20is%20just%20too%20expensive.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.says.com%2Fuploads%2Fstory%2Fcover_image%2F42609%2Fthumb_f81a.png%22%2C%22og%3Asite_name%22%3A%22SAYS%22%2C%22article%3Apublished_time%22%3A%222020-03-05T17%3A56%3A07%2B08%3A00%22%2C%22article%3Amodified_time%22%3A%222020-03-05T17%3A56%3A07%2B08%3A00%22%2C%22article%3Atag%22%3A%22rage%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbc=fb.1.1641532787149.IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&fbp=fb.1.1641532787150.844378079&it=1641532786485&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 07 Jan 2022 05:19:47 GMT
collect
f.clarity.ms/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Fri, 07 Jan 2022 05:19:46 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
css2
fonts.googleapis.com/ Frame D234 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 03:55:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 05:19:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jan 2022 05:19:47 GMT
css
fonts.googleapis.com/ Frame A083 		3 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 03:55:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 05:19:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jan 2022 05:19:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame A083 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 05:09:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame A083 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 05:15:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame A083 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 05:17:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A083 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jan 2022 05:19:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame A083 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 05:18:39 GMT
l
www.google.com/ads/measurement/ Frame A083 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6UvFoU1SRWkrtoEaQHOoKPiz7N1l4i4ukqfSnnAMRD3pcZTqhkLZ0h51x25ObiUoX6qNn
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame A083 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 03 Apr 2022 22:16:39 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame D234 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8415
x-xss-protection
0
server
cafe
etag
17051659159829090632
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Jan 2022 05:14:58 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D234 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:10:49 GMT
x-content-type-options
nosniff
age
538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Jan 2023 05:10:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D234 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
URL: https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:32:52 GMT
x-content-type-options
nosniff
age
290815
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 03 Jan 2023 20:32:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B943 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9O8BffKeGcKh-TICaCmTPLgG4gUiE4768glqRW6sqOxzcZQ1276UaLGuDJ1_W2W7JdSqdLv1lvbxAD_tUzQBval_6J9JVSltAFS7xBe425sVRXT9kfyjheVonJQ9ztHNbaqudVEaYNu-lk9Z-M8_aasro2UHvEyH9O9snic1GSOqjJPotrcW3wtEoEvPHSENyQMaY4wU7YR80aPdUxGGRPHpbOw0a5Z6UvqncYWeN0DwSd42A4gwW4e8Xds63YGFJ4SQdxYsS6UUfEiQBWtEDKr89YhfvFL58CUvY6v-2EDXGiq2p2MOYK2IOWVmEHV3E9oK7mj_ek1jWwLegxRyHNHVCosTL_MqJ751VaLM4hv60loiSCJ84oornRDWkTNISBN54Y7zgj5QaDjDoJV0t38W-z9saq6vjASiuocCn6dlGI7DwozrYe7fRtw0sz7opMrYEHLPHm_XAWg78_HloBZ9EZL33W3yP1E4OsrYK-gDZYzKelgQJ1WOFWEQXBVCIxaMNtxigzxxuS4A3NMKSvVASIDjiLSHMl3mhIARee9aqyFVkEDmIRJc6oIa4ieMAso7BoSdIb1cO9tuVlpbDWOgrvZY1tDHRiXqsk_2xU5VtEQQ20uRUcOAFI5C4kUsB_9_lNHqSiC77byImsNn5ESPAUkdMPyhIkmdw6GDs6bKQknJjFu68QzeFLUKVMS_RPOu_EjqMWEfZBZJDicwBS4w0BJQ6uRQJ7bHV4KB7Wxu9PWYBTrln88DJznfljkOug8WQ9c9-xQ9CvA6m78q009vog4dtkoKAR9Sg6Lt6TBih-2twHCrYs7Sj81k5SfaElZ0ne_kqr4r8xkcrq_3KNt0OpGkX2Qu6yRXY8KZCveJ9U9dpNxBeMII1o38Yh8rgaiwUUquqe5A39SvkiGfi8lq664RyxP7QuCKbi-OR8RQmgLJBfldgx5__-lVR3j7vh29XXGkHLBNtbj1f-xkCdCz0cixLComHMm8G6khJ8WCmhG42h11mGh5r9MOOxoytXfyhQf7uMyM7ZUMy-hJUuYi1PnhINWSeOomc6FXreqBWTn75Hn9Ae5U6yoHM0kGjTjmIg1va6HOh3QfvE2jFicQIIfvYXzBogmE5FuQOQiYwPvdq0uia7w&sai=AMfl-YRENLAXHLC_YMtAHXYqeRsxeL2I7TEuNloSUvtMcANeZGfwoRlhZOssRMGo-tLXAaEZ3kKy8hKQXFKB7HDhSxT_7hsr4wv9BnxxWE3fZHlbHIFgWcwIBxHqSXjkXVuf1bilwX5oPhOG1KT4teanM3kh5lXq67wvNz4sIjjHgNGSg6yEPZ1xO_-vXPrGCsM4GTD9J0UpFKWnFv6EUMskehyajKJIgcDGay9pmAXHus2tJYDTMUca1ERok_n8H07JYnSczW5QxrAgRQmuHzE4_vEFVGfQSES8Q9RB9P0XfRZfYUzrWUriQOeUII2mXKBruN6Wkew42Yx4hba5rxQ90tMHSYrZopoRFJM-_RSK_JCSduPyWtnNA1mTD-xN5kR89qkuaUbAB5vc2jk&sig=Cg0ArKJSzE-XvIaRKh2tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&vt=11&dtpt=119&dett=2&cstd=0&cisv=r20220104.33249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: says.com
URL: https://says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun?fbclid=IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
1394602727253794
connect.facebook.net/signals/config/ Frame BB86 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1394602727253794?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ee5c52e7f3e4ade63370d2962b8860f64c8c85c359415a3e287f5451a4b8d84
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
FqEILlYssydubVWm53gr2I8bwWx0Ezyaf5RjF7S4PJ8AZE3v1CaJa3XKDzY0Gafzinm+oQPmokN2WLHbsHcz+g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 07 Jan 2022 05:19:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ Frame B943 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5637e894416c18c52bb252e1fd209512fe83dd0058e3eb69299e83579902812

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0EE9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 04 Jan 2022 11:40:23 GMT
expires
Wed, 04 Jan 2023 11:40:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
236364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
social
am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/revasiaberhad-saysmy/log/3/social?route=AM:AM:V&lti=deflated&ri=b6b967b24497f2750f5bd817faaa0bf3&sd=v2_e03719a56d7b5f524d713e7cdc0af4a6_904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2_1641532786_1641532786_CNawjgYQu6lAGKqR6pfjLyABKAEwODib4wlAgooQSMzF3gNQpewQWABgAGjbwtakkbOV1QpwAA&ui=904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2&pi=/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun&wi=3740069817775933053&pt=text&vi=1641532786858&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A1015%2C%22ly%22%3A797%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A1015%2C%22ly%22%3A1061%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=05%3A19%3A47.833&id=6686&llvl=2&cv=20220106-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
gen_204
pagead2.googlesyndication.com/pagead/ Frame A083 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20220104&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame BB86 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1394602727253794&ev=PageView&dl=https%3A%2F%2Fbcp.crwdcntrl.net%2Fpixels%3Fs%3D61%252C12%252C8%252C2%26b%3D797747%252C1769168%26c%3D11139&rl=https%3A%2F%2Ftags.crwdcntrl.net%2F&if=true&ts=1641532787894&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&it=1641532787777&coo=false&rqm=GET
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=61%2C12%2C8%2C2&b=797747%2C1769168&c=11139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 07 Jan 2022 05:19:47 GMT
generate_204
tpc.googlesyndication.com/ Frame 7768 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jH6L3g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
st
imprammp.taboola.com/ Frame 3469 		1 KB
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=undefined&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=B1DD6EA27798534412899692722&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Fri, 07 Jan 2022 05:19:47 GMT
via
1.1 varnish
x-served-by
cache-hhn4065-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1641532788.945267,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame EE5F 		928 B
1013 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/

Response headers

server
nginx
date
Fri, 07 Jan 2022 05:19:47 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3406
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=31589837&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1641532783779.7!ts:1641532787940&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:47 GMT
content-length
0
server
nginx
V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
pagead2.googlesyndication.com/bg/ Frame 0EE9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 16:15:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
47028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13406
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 16:15:59 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3469 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=undefined&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=B1DD6EA27798534412899692722&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 3469 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=undefined&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=B1DD6EA27798534412899692722&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:5007:e458:edcf:dd38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 3469
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb1eec6-6f79-11ec-a20a-191344880306&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb1eec6-6f79-11ec-a20a-191344880306&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=undefined&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=B1DD6EA27798534412899692722&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13130

Redirect headers

Date
Fri, 07 Jan 2022 05:19:48 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb1eec6-6f79-11ec-a20a-191344880306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
87
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 3469 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=undefined&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=B1DD6EA27798534412899692722&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.249.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-249-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 05:19:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
taboola-supply-partners.tremorhub.com/ Frame EE5F 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:5007:e458:edcf:dd38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame EE5F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame EE5F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb3abd3-6f79-11ec-9125-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb3abd3-6f79-11ec-9125-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13130

Redirect headers

Date
Fri, 07 Jan 2022 05:19:48 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6eb3abd3-6f79-11ec-9125-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
130
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame EE5F 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.249.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-249-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 05:19:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame EE5F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lkkaaIpE2uHvylZUjNJCGY6glrOwFfaMecOhkHQ-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lkkaaIpE2uHvylZUjNJCGY6glrOwFfaMecOhkHQ-~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13130

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-lkkaaIpE2uHvylZUjNJCGY6glrOwFfaMecOhkHQ-~A
date
Fri, 07 Jan 2022 05:19:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3322533202867840&bg=!-vml-b3NAAbDtiZlw7Y7ACkAdvg8WgO4CGN2SGfOUsfBwBN94zLwtRK-MoMbqoeMley6KMn9x57IfwIAAAFsUgAAACZoAQeZAn5OiDnguSWdYDC9wzXG00emtpYazIGvm83ZUKNyGSrgY2uyaQfVbFn46VMlS9Z7PbSB9omY1GiY9bHRQA1dk5JZDYfC2paIt9lE4l7u5N0xhLtj9WQGCHzpPDP16WqspS4fT8SkB5UFOyGjbhz2CGh6Qy0dj8P87FED6ammXHOeckrOYMkFb8TPPBnxQnL_Ei5w6IQypPmQZlFk35vh1AelG0KT3tJA2DWcKG96X0mK0PCJkkDAxRS7BlaIQCSCMNVrsfyAo2AcDgaSxhbflFQJ-JVoHzXhY4PAzfACnOyCRw5okA11cIH2IQ4o4LCDKrOXw9ZGnKBM5au-zhgKrfoDwcq_hNUNMJZ8ZJPRYHYlbgtK1k3_2FIkVaEAcOuoB77ebKhIrpDLZCfcpcPhYWF1_eGP_x7AmQ_jX7qMk8WSEC6HrTPUOtIjkJKnGdLrLHxvafe0hcdduwh2b7mkmMxN_D7Vo72KF65NV-dvhT49Mmgq5ZioMsIP44xXYW1CNWiat1XSQXc_-s33jo6vjLxWMD3gClOIVbiQzTy910Hs7ce-AayGNMGb_nB2RuYuEKSfa85P2fj36IjeEqa_9o3_Iy6r-YZoQH1A5azWaVD1D8KY8_WLlrsqJMnDL3dEwYN_SXMDYNlhmn03CQPIBIo4uAx2we4yR3hMlQtWhk5--ctV8lxlQHePKGCtLexq14gK6RIfWsgOJmoKs90XAgNcKYxKScZNjAZ-wj25HY9vDDjsA_HvypLv66kRZuOqLctnzqzkn8Y5UsFpuBBgWXRdBUpEexWsxygU5FVvlQvzbKXBni6CiFzO3iisXv71JdhbNRkKoMzf2R0dyxTcmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5DD3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66232205&crid=4965925&dast=V7hXwCFgOSuEajMQED3QSSuEajMQED3QUAAAAGBvQHG8IYkWgrBmW3Ww5Xm9FoMRkul7PlZDeZDCFDGCMSbcWg7HbL4WozGi0Wm-FmttptpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa84QxNp8PnutdrHs7PXeN3-9XOv9hpc3lOz7PLLzq6LC-35q1wSx4-l1vy97vdSrtbdHS5hS6H5fTW29xas1t3dFlebuXf9dY47G7N2-E5ukVHp93necv8lrfMdbcDAAAAwAPAknEJxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAF3uQYAFIeCukynl93i8Bj9AQDwoAACACCAQQJAgFNaAmAhWnECAAAAAAAAAMDy____HzMg_9koA6BBNtED8OAD8EBUkFrECAAAACAb6FLhaFInVBZVAAAE6VYAVwAAAX4y-on3YQAAAANjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgoUzMtyKgnTu0XEABg7RcQAIBN3QAA3gTggo6gFYPB6ghotFnODgAAAODu____Xw-kDJvdYrlwzUa-iWvmmoxGvsVm5duYPIaFzbSwbe8La6uzwbFjsi9EWGa_76CgnJ4es8sgKrreFrvDafYcxAcNw3IyCOY3YYvRajLZLIez5WIyGI6Go9H-BHI3wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDREmByMZjbjarhWrnwzt2jjWbkVzsXErZo4TCvPcrhwuVZr0etjOo4cq8nMMsWD-bic-9qFi4IBbHsRXKQTycv28DwdFpfl6DC5NQ_n5-28iCWak0U6kV32LcNmt1guXLORb-KauSajkW-xWfk2Jo9hYTMtbPvmYDSzGVfDtXLlm7lFG8_KrXAuJm7VxGFaeZbDhcu1WoteH9Nx5FhNZpZ9YzZarDaT3XC2b8xGi9VmshvO9h06w3f1ORut29jB4zIutcHNamY-KFwGi_cnMS2m3dnB8_sdnTb1xtnZGYWX79FrUHgOHtXiOz28Xouf1lgUfg8GRSwRnC7SiehlPF3EEsnTIp1oLJuJa2VbDCauwW60sM18s9XCMRysXMuNzeQYWcQSpekinejVzr_YaXN5Ts-zyy86uiwvt-atcEsePpdb8ve73Uq7W3R0uYUuh-X01tvcWrNbd3RZXm7l3_XWOOxuzdvhObpFR6fd53nL_Ja3zHW3qP_YIIvdXDaaK1aLuWKwSgAAAAAAAAAAS5gzbwIAAABwGshuNhutlgsAQbGrCwwCAAAAAACwO3Ne5rofa9xX3PgxhbxsD8_TYXFZjg6TW_Nwft7OKwNATDwxb_ZMEGu1WtYAAAAC2AAAAAHcunkLCLPkAA!&cmcv=&pix=undefined&cb=1641532787940&uv=3096&tms=1641532787940&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!scec9_vB!spa2_vA!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=B1DD6EA27798534412899692722&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 07 Jan 2022 05:19:48 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date
Fri, 07 Jan 2022 05:19:48 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EE9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRHb8cs3XYeGbJ4ePjuwP4OqaKAAAAAA4AeAEAg&bg=!Li2lLWnNAAbDtiZlw7Y7ACkAdvg8WkJRAd2CuCvU6ehyKI-9VDrT-mpbmXElre72GpEQ33Y4cOw7aQIAAACWUgAAAAxoAQeZAs_UOe4Uh93sY5-7ipyvUKBqBZoLTXcdLio-ZJ7G1mQRbih6jEIAVl7JQTZAezKpn7ZBxLRdBpRsC8qiYwPLS4k0f2eAMWO9Ua_YQqb2RTuJ2PXh2RnmUcOsLMMjrQLEZaNObIpLlaaQDe_1WxxgHs8t_EXymq2gIhMWYtBesrkzr1GkEnIel6T8DTJopLcD6wCOTU-fFcOzUeRpPpAXf_BQVKBiQYKLWg7p6lCuX8olH9TRFtFBKudfVKPt-ziRfA1SWiRofANzB3fIqg97GAv2oifgXDs2fDlg2oiBMakNmtMsB8LCMBcDt3cYsYeOX0tc7sCuLUP0jPa5Arzqaf-2E_Zisg2d5dfpzsbRf4A2d_MiQZwpaKIgCcYYMaKw30DdmKdwuLxYIPl7pyuQHuMfd5in1gbIaBAOdvXjSWQIXF37swmOY8ixdn3gR5s7MEIyxVGlta9Ip3nc4ycuAfvrTklmjb23L87lRcqbeP6dVfBOvj6XX6BGsXcMtuseZdT_8yL-yMjB2tpdpoDLmMnCu4wfqeAtVy25CMnT8GPmVT0Utf9TjfOcoxdFgb4XXIP7JqxQIiXeOUyEx6v8WLkwXA9t9RxTPi9uDBulP6VaAPV1JwVFJRpPboV7r3l5KLXpddVNk0kDtXoMbMdVv0GqRx-kB9k81ODyQrw8mJBnykyjgfiyHuk8gjWhrkVk4lPljGOzBhVSevF143ghab-zVIbYRbio7TDIGs6Awu2H8rrLJ_MfTI4DGZrv07zvccTYebLCBmDdvIGx9XKxsdbXkKRieXHlFiRkdpPC3cnciYfSVPHbPLXQ5376kyjB0aDsk00yIMVxb2mGe1DXzjDiN4ACxTI8chFQbLds9x2lIVh4TchpNFsuzlKm288I_OojOeHSnDMeaP_QlENXh0jd8dT8je6Ek6QWmWyyz73WEdYqjfR31uRY7JKCPA1bFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5DD3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c1c8e331f9e57876bc58b18eafb957a7863b7fe164b059ad294fe87c908ce939

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 05:19:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16173
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Fri, 07 Jan 2022 09:49:21 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5DD3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
collect
f.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Fri, 07 Jan 2022 05:19:47 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
sync.php
pixel.rubiconproject.com/exchange/ Frame 5DD3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
bulk
trc.taboola.com/revasiaberhad-saysmy/log/3/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/revasiaberhad-saysmy/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
via
1.1 varnish
server
nginx
x-timer
S1641532788.304487,VS0,VE12
x-served-by
cache-hhn4065-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://says.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
21961
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1641532789.565526,VS0,VE0
date
Fri, 07 Jan 2022 05:19:48 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
53
x-cache-hits
2149
16415327886383d34576a66.ed8330c6
segment.api.useinsider.com/v4/segments/ 		927 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment.api.useinsider.com/v4/segments/16415327886383d34576a66.ed8330c6?partnerid=10002153&fields=e0e252a5d8c8cdc04eacbd926868cffc,1a3e01539f4264ca05f749a0c0b39d41&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
6c9abbb94c980e22-MXP
/
location.api.useinsider.com/ 		269 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://location.api.useinsider.com/?v=2&pId=10002153&
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9d931209f713690a349cddbb7035dd0afb8c29ebd739b10abd85371981bace31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
6c9abbb94a1d3747-MXP
content-type
application/json
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27970811-1&cid=333989470.1641532787&jid=708530494&gjid=2127723334&_gid=262133666.1641532787&_u=aCjAiAABBAQCAG~&z=2142680150
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 07 Jan 2022 05:19:48 GMT
content-type
text/plain
access-control-allow-origin
https://says.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215L2xpZmVzdHlsZS90aGVyZS1zLWEtcmFnZS1yb29tLWluLXRoZS1oZWFydC1vZi1rbC13aGVyZS15b3UtY2FuLXNtYXNoLXRoaW5ncy1mb3ItZnVuP2ZiY2xpZD1Jd0FSMHZBbFA2Vk5hSEFJaGlucEpQQXhiSFFLcEZ4Z3hpejR0bGxzb25kNVU2VV9ud1luT2piYVFRSWE4IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkvbGlmZXN0eWxlL3RoZXJlLXMtYS1yYWdlLXJvb20taW4tdGhlLWhlYXJ0LW9mLWtsLXdoZXJlLXlvdS1jYW4tc21hc2gtdGhpbmdzLWZvci1mdW4%2FZmJjbGlkPUl3QVIwdkFsUDZWTmFIQUloaW5wSlBBeGJIUUtwRnhneGl6NHRsbHNvbmQ1VTZVX253WW5PamJhUVFJYTgiLCJ1c2VySWQiOiIxNjQxNTMyNzg4NjM4M2QzNDU3NmE2Ni5lZDgzMzBjNiIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImVYSnpjemh4YUdZdFpqZHZheTF1Y1dwbExXd3pOM2t0T0dKaGMyVTJPSFZrYjJNMFh6RTJOREUxTXpJM09Eaz0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NDE1MzI3ODkiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjNzIiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c9abbb949d8e8fb-MXP
content-length
42
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1163640478&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&ul=en-us&de=UTF-8&dt=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Tab%20Talk%20v2%20%7C%20Continue%20Reading-impressions-custom&el=(builder%20ID%3A%20322)%20-%20Variation%20Ratio%3A%2090%25&_u=aCjAiAABBAQCAC~&jid=708530494&gjid=2127723334&cid=333989470.1641532787&tid=UA-27970811-1&_gid=262133666.1641532787&gtm=2wg1505WNLRMX&z=1139682436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jan 2022 18:12:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40021
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215L2xpZmVzdHlsZS90aGVyZS1zLWEtcmFnZS1yb29tLWluLXRoZS1oZWFydC1vZi1rbC13aGVyZS15b3UtY2FuLXNtYXNoLXRoaW5ncy1mb3ItZnVuP2ZiY2xpZD1Jd0FSMHZBbFA2Vk5hSEFJaGlucEpQQXhiSFFLcEZ4Z3hpejR0bGxzb25kNVU2VV9ud1luT2piYVFRSWE4IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkvbGlmZXN0eWxlL3RoZXJlLXMtYS1yYWdlLXJvb20taW4tdGhlLWhlYXJ0LW9mLWtsLXdoZXJlLXlvdS1jYW4tc21hc2gtdGhpbmdzLWZvci1mdW4%2FZmJjbGlkPUl3QVIwdkFsUDZWTmFIQUloaW5wSlBBeGJIUUtwRnhneGl6NHRsbHNvbmQ1VTZVX253WW5PamJhUVFJYTgiLCJ1c2VySWQiOiIxNjQxNTMyNzg4NjM4M2QzNDU3NmE2Ni5lZDgzMzBjNiIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImVYSnpjemh4YUdZdFpqZHZheTF1Y1dwbExXd3pOM2t0T0dKaGMyVTJPSFZrYjJNMFh6RTJOREUxTXpJM09Eaz0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NDE1MzI3ODkiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODEiLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c9abbb949dbe8fb-MXP
content-length
42
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1163640478&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&ul=en-us&de=UTF-8&dt=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=Cookie%20Consent%20Button%20Clicks-impressions-custom&el=(builder%20ID%3A%20382)%20-%20Variation%20Ratio%3A%2095%25&_u=aCjAiAABBAQCAG~&jid=&gjid=&cid=333989470.1641532787&tid=UA-27970811-1&_gid=262133666.1641532787&gtm=2wg1505WNLRMX&z=354229412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jan 2022 18:12:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40021
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
log.api.useinsider.com/v2/ 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3NheXMuY29tL215L2xpZmVzdHlsZS90aGVyZS1zLWEtcmFnZS1yb29tLWluLXRoZS1oZWFydC1vZi1rbC13aGVyZS15b3UtY2FuLXNtYXNoLXRoaW5ncy1mb3ItZnVuP2ZiY2xpZD1Jd0FSMHZBbFA2Vk5hSEFJaGlucEpQQXhiSFFLcEZ4Z3hpejR0bGxzb25kNVU2VV9ud1luT2piYVFRSWE4IiwicmVmZXJlciI6Imh0dHBzOi8vc2F5cy5jb20vbXkvbGlmZXN0eWxlL3RoZXJlLXMtYS1yYWdlLXJvb20taW4tdGhlLWhlYXJ0LW9mLWtsLXdoZXJlLXlvdS1jYW4tc21hc2gtdGhpbmdzLWZvci1mdW4%2FZmJjbGlkPUl3QVIwdkFsUDZWTmFIQUloaW5wSlBBeGJIUUtwRnhneGl6NHRsbHNvbmQ1VTZVX253WW5PamJhUVFJYTgiLCJ1c2VySWQiOiIxNjQxNTMyNzg4NjM4M2QzNDU3NmE2Ni5lZDgzMzBjNiIsInBsYXRmb3JtIjoid2ViIiwib3JpZ2luYWxQcmljZSI6MCwib3JpZ2luYWxDdXJyZW5jeSI6Ik1ZUiIsImNvbnZlcnRlZEN1cnJlbmN5IjoiTVlSIiwiY29udmVydGVkUHJpY2UiOjAsInNlc3Npb25JZCI6ImVYSnpjemh4YUdZdFpqZHZheTF1Y1dwbExXd3pOM2t0T0dKaGMyVTJPSFZrYjJNMFh6RTJOREUxTXpJM09Eaz0iLCJzYWxlc1Nlc0lkIjoiIiwic2FsZXNTZXNUaW1lIjoidW5kZWZpbmVkLTE2NDE1MzI3ODkiLCJvcmRlcklkIjoiIiwicGFpZFByb2R1Y3RzIjoiW10iLCJjYW1wSWQiOiJjODciLCJ0eXBlIjoiaW1wcmVzc2lvbiIsIm90aGVyIjoiIiwiY3VzdG9tU3ViSWQiOiJOL0EiLCJwcm9kdWN0VHlwZSI6ImN1c3RvbSJ9&t=cu&pn=says
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6c9abbb959e1e8fb-MXP
content-length
42
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1163640478&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&ul=en-us&de=UTF-8&dt=There%27s%20A%20Rage%20Room%20In%20The%20Heart%20Of%20KL%20Where%20You%20Can%20Smash%20Things%20For%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=INSIDER&ea=NST%20Suggested%20Articles%20Track-impressions-custom&el=(builder%20ID%3A%20438)%20-%20Variation%20Ratio%3A%2095%25&_u=aCjAiAABBAQCAG~&jid=&gjid=&cid=333989470.1641532787&tid=UA-27970811-1&_gid=262133666.1641532787&gtm=2wg1505WNLRMX&z=856285979
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jan 2022 18:12:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40021
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
622.json
id5-sync.com/g/v2/ 		213 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/622.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.10 , France, ASN16276 (OVH, FR),
Reverse DNS
p31.id5-sync.com
Software
/
Resource Hash
ddb21881d011fd815977b131e7c6d7edb6e146f1146c5266124df1736396c417
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://says.com
Date
Fri, 07 Jan 2022 05:19:48 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://says.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		63 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
997c6b742b0e78bbad9fc6198c09e453e5ef09145a23a2febcd37f51382c13de

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.11.46
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/121793/1376/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
cd9cb9c903df5fde875a4cfee310d781cc37d5c6bfda0b1eaa8e699ffd65a172

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jan 2022 05:19:48 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://says.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 06 Feb 2022 05:19:48 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=333989470.1641532787&jid=708530494&_u=aCjAiAABBAQCAG~&z=2103726583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27970811-1&cid=333989470.1641532787&jid=708530494&_u=aCjAiAABBAQCAG~&z=2103726583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B943 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLXv-xIkgS7Rehzfv9fTsQMoJUtA-KEZYbE92T0hINGhctM1tXSyQYzG1WxrIF887VmS7JMd_QpCbECrfpsPocr8qk5SZaw_xwHgoExyExngymogiU_A&sai=AMfl-YRFkhvj4jvBjezskEJRTzNnT5FfQ1L-Ke_IUkiEOORI1YZpiIep3lKTTThHsFzW0ffmqnlaKDylMr1UMSEYnoHfSV01YHetcLwSICBFgLIg1q5dWf4XIGN19YhgyMs&sig=Cg0ArKJSzL66S1ofPvZ0EAE&cid=CAASPeRoP_np7NkNw9nM9nqc_kmKslou-pKQRPug0i7q6HBaLxehf9YpEZCfmRxcuUByZ0OKjEI1CxRzkjOTfhM&id=lidar2&mcvt=1014&p=60,315,314,1285&mtos=0,1014,1014,1014,1014&tos=0,1014,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3455604261&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641532787291&rpt=516&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit
hit.api.useinsider.com/ 		16 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 07 Jan 2022 05:19:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
20bc0c12-4f52-4284-a6fd-915265fb7169
cf-ray
6c9abbba8abc3747-MXP
content-length
16
hit
hit.api.useinsider.com/ 		16 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: says.api.useinsider.com
URL: https://says.api.useinsider.com/ins.js?id=10002153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ab72 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 07 Jan 2022 05:19:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
ef0f0618-609b-4de1-8c14-1dcfca37c025
cf-ray
6c9abbba9aca3747-MXP
content-length
16
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220106-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
3518
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
uF4xmWQ+DEw5Nng1R8u5b3c/+3aoQw58B/cvMI4J30iWyWDf7OEkNvG4eviAWD23HVTphQs3WnI=
x-served-by
cache-hhn4065-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1641532789.181405,VS0,VE0
date
Fri, 07 Jan 2022 05:19:49 GMT
vary
Accept-Encoding
x-amz-request-id
590GG252X3NTS17J
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
53
x-cache-hits
1647
/
pips.taboola.com/ 		64 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
a0c725cfec2850cb8cb8064889f23f84fa8a80f260b82b28ea38d58c47ec8c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:49 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6976-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://says.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
log_event
www.youtube.com/youtubei/v1/ Frame BF1F 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/fXYZg81P83c
X-YouTube-Client-Version
1.20220104.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtHbXVMYkctLVFnVSjymt-OBg%3D%3D
X-YouTube-Ad-Signals
dt=1641532786907&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C208&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 07 Jan 2022 05:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 07 Jan 2022 05:19:49 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 8558 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/iPHNspcFyow
X-YouTube-Client-Version
1.20220104.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtxZGNwQmlVLTBKVSjymt-OBg%3D%3D
X-YouTube-Ad-Signals
dt=1641532786875&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C370%2C208&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 07 Jan 2022 05:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 07 Jan 2022 05:19:49 GMT
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2&uad=2dbb904282fe1867a9e3906e8930afd4caa646bdb5199d653b3c899a24918d2d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://says.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 07 Jan 2022 05:19:49 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
www.facebook.com/tr/ Frame BB86 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1394602727253794&ev=Microdata&dl=https%3A%2F%2Fbcp.crwdcntrl.net%2Fpixels%3Fs%3D61%252C12%252C8%252C2%26b%3D797747%252C1769168%26c%3D11139&rl=https%3A%2F%2Ftags.crwdcntrl.net%2F&if=true&ts=1641532789396&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&it=1641532787777&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 05:19:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 07 Jan 2022 05:19:49 GMT
data
bcp.crwdcntrl.net/6/ 		172 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/11139/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
94c73dcc7849de4b1f2181ade84c68dc8d3ade5f1d66f73b6e21fe1f687e79ad

Request headers

Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 07 Jan 2022 05:19:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://says.com
cache-control
no-cache
x-server
10.45.19.182
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
172
expires
0
collect
f.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
application/x-clarity-gzip
Referer
https://says.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://says.com
date
Fri, 07 Jan 2022 05:19:49 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

400 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onsecuritypolicyviolation object| onslotchange object| __cfQR object| __cfBeacon number| _sf_startpt string| envTargeting string| env object| dfpTargetingParams object| PWT object| googletag object| lotame_11139 function| fbq function| _fbq object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state function| Popper object| cookieConsent function| LazyLoad function| buildPrivatePub function| loadNextStory function| premiumHeader function| reCalcAffix function| validateImage function| popupCenter object| PrivatePub boolean| scrollLock object| resizeTimer object| Says object| isMobile boolean| searching function| $ function| jQuery object| jQuery112409553906092015771 function| autosize function| _ object| NProgress function| EventEmitter object| eventie function| imagesLoaded function| CoverImageCropper function| swal function| sweetAlert function| Instafeed object| bootstrap object| _taboola object| dataLayer function| fbAsyncInit object| _comscore object| defaultParams object| cookieMain object| wrapper object| setting object| settingContent object| acceptBtn string| seurl function| showFlash boolean| __cfRLUnblockHandlers string| $attrib object| $hits object| SaysDevice object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| lotameIsCompatible function| lt11139_ba function| lt11139_b undefined| lt11139_c undefined| lt11139_ca undefined| lt11139_da function| lt11139_ea object| lt11139_fa function| lt11139_ga function| lt11139_ha object| lt11139_ object| lt11139_6 function| lt11139_aa function| lt11139_a function| lt11139_d function| lt11139_e function| lt11139_f function| lt11139_g function| lt11139_h function| lt11139_i function| lt11139_j function| lt11139_ja function| lt11139_ia function| lt11139_k function| lt11139_l function| lt11139_ka function| lt11139_m function| lt11139_n function| lt11139_o function| lt11139_p function| lt11139_q function| lt11139_oa function| lt11139_la function| lt11139_ma function| lt11139_s function| lt11139_na function| lt11139_t function| lt11139_u function| lt11139_v function| lt11139_r function| lt11139_w function| lt11139_x function| lt11139_y function| lt11139_z function| lt11139_pa function| lt11139_A function| lt11139_B function| lt11139_qa function| lt11139_C function| lt11139_D function| lt11139_E function| lt11139_ra function| lt11139_G function| lt11139_H function| lt11139_F function| lt11139_sa function| lt11139_I function| lt11139_J function| lt11139_ta function| lt11139_ua function| lt11139_K function| lt11139_va function| lt11139_wa function| lt11139_xa function| lt11139_Ba function| lt11139_ya function| lt11139_za function| lt11139_Aa function| lt11139_Ca function| lt11139_Ea function| lt11139_Da function| lt11139_L function| lt11139_Fa function| lt11139_Ga function| lt11139_Ha function| lt11139_Ia function| lt11139_Ja function| lt11139_Ka function| lt11139_La function| lt11139_Ma function| lt11139_Na function| lt11139_M function| lt11139_N function| lt11139_O function| lt11139_P function| lt11139_Q function| lt11139_R function| lt11139_S function| lt11139_T function| lt11139_U function| lt11139_V function| lt11139_W function| lt11139_X function| lt11139_Y function| lt11139_Z function| lt11139__ function| lt11139_0 function| lt11139_2 function| lt11139_Oa function| lt11139_Qa function| lt11139_Pa function| lt11139_3 function| lt11139_Ra function| lt11139_1 function| lt11139_Sa function| lt11139_Ta function| lt11139_Ua function| lt11139_Va function| lt11139_Wa function| lt11139_Xa function| lt11139_4 function| lt11139_5 function| lt11139_Ya function| lt11139_Za function| lt11139__a function| lt11139_0a function| lt11139_1a function| lt11139_2a function| lt11139_3a function| lt11139_4a function| lt11139_5a function| lt11139_7 function| lt11139_8 function| lt11139_8a function| lt11139_9a function| lt11139_7a function| lt11139_6a function| lt11139_ab function| lt11139_$a function| lt11139_cb function| lt11139_bb function| lt11139_db function| lt11139_eb function| lt11139_fb function| lt11139_gb function| lt11139_hb function| lt11139_ib function| lt11139_kb function| lt11139_nb function| lt11139_mb function| lt11139_jb function| lt11139_qb function| lt11139_lb function| lt11139_ob function| lt11139_sb function| lt11139_rb function| lt11139_tb function| lt11139_pb function| lt11139_ub function| lt11139_vb function| lt11139_wb function| lt11139_9 function| lt11139_xb function| lt11139_yb function| lt11139_zb function| lt11139_Ab function| lt11139_Bb function| lt11139_$ function| lt11139_Cb function| lt11139_Db function| lt11139_Eb function| lt11139_Fb function| lt11139_Gb function| lt11139_Ib function| lt11139_Jb function| lt11139_Kb function| lt11139_Hb function| AlgoliaSearch function| AlgoliaSearchHelper function| AlgoliaExplainResults object| ALGOLIA_MIGRATION_LAYER object| __algolia function| algoliasearch function| algoliasearchHelper function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| mnet object| ucTag object| OWT string| partnerName string| key object| GoogleGcLKhOms object| google_tag_manager function| postscribe object| google_tag_manager_external object| FB function| udm_ object| ns_p object| COMSCORE object| google_tag_data string| GoogleAnalyticsObject function| ga object| _sf_async_config string| fetchKeyword string| str object| patt boolean| res function| twq function| clarity object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| gaplugins object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _cb_shared object| _cbv function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| prop string| __INSIDER_SCRIPT_VERSION_says__ object| _cbm object| gaData function| _UA-27970811-1_sendHitTask function| pm function| sQuery object| spApi object| Insider object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies function| onYouTubeIframeAPIReady boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| placementData object| ampInaboxIframes object| ampInaboxPendingMessages string| nam function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| image boolean| _tb_vd_pg object| tbopt object| _tfa object| cmTag object| msgData object| _cm_wfCounters object| google_image_requests string| originalTitle

53 Cookies

Domain/Path Name / Value
says.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.says.com/ Name: pbjs-pubCommonId
Value: 89dac2c2-2425-4c7d-9c7b-00d1aec0e14f
.youtube.com/ Name: YSC
Value: coIue_jJmJw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: qdcpBiU-0JU
.scorecardresearch.com/ Name: UID
Value: 14384TMIUG4HL6LU0D7YGMg1641532787
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_domain
Value: .cc.says.com
.crwdcntrl.net/ Name: _cc_id
Value: 6005f46faaa2c3a6e7d3929ef4ebe851
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDMwME0zMUtLTEw0SjZONEs1TzG2NLJMTTNJTUq1MDVkAILE62eLQDQE8Bx5vUWE8YkFw39GRoabs1p1Yezjm6awMDaHg8U%2FfraEMZ8tngMXXv6nECZ8%2FOghZhh7977LAjD2YSTl00%2Bow4TfLUGYMuPaJR2YOADyfzx5"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIvH62CEhBABMD442lICbLUU4gCQBW1ATK"
.says.com/ Name: _cc_id
Value: 6005f46faaa2c3a6e7d3929ef4ebe851
.says.com/ Name: _cc_cc
Value: ACZ4XmNQMDMwME0zMUtLTEw0SjZONEs1TzG2NLJMTTNJTUq1MDVkAILE62eLQDQE8Bx5vUWE8YkFw39GRoabs1p1Yezjm6awMDaHg8U%2FfraEMZ8tngMXXv6nECZ8%2FOghZhh7977LAjD2YSTl00%2Bow4TfLUGYMuPaJR2YOADyfzx5
.says.com/ Name: _cc_aud
Value: ABR4XmNgYGBIvH62CEhBABMD442lICbLUU4gCQBW1ATK
.facebook.com/ Name: fr
Value: 0whMlEx28hmiD5ryH..Bh181y...1.0.Bh181y.
says.com/ Name: _cb_ls
Value: 1
www.clarity.ms/ Name: CLID
Value: 0156f6b69b7f46f4bf39430b42e68e59.20220107.20230107
says.com/ Name: cto_bidid
Value: 5-EGR19ORTQlMkJzZDFJWnhhS0N1QVNOaGhSTmVVS1lCOUdKUGFkSzhsUXVmJTJGV043V25MVTREZzR1SSUyRkJheG94eVNMJTJGaXdhTDhpbFpzQ1JvU0dmUloyOXh5UXVBJTNEJTNE
says.com/ Name: cto_bundle
Value: HSeWTF9WTU52MXJmZ0JRa20lMkJyNmFXcE52dmc0V1FJQTNPJTJGY1JQdmM0VWZnMGo3SVNTNVRDcDVLUFBWYkJnb3VaYTE5cUFYQ3RMNnVzMzhJaGd0N3VxS2l1T0NsQ1UlMkZXSVh1ZXJmJTJCbjZqY2Jsb0luVWc3dUQ2azVPY0tOd0RqbUFtNjVv
.twitter.com/ Name: personalization_id
Value: "v1_AfptqwdWIcwJEjK4RiHeUw=="
.says.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.says.com/ Name: _ga
Value: GA1.2.333989470.1641532787
.says.com/ Name: _gid
Value: GA1.2.262133666.1641532787
.says.com/ Name: _gat_UA-27970811-1
Value: 1
says.com/ Name: _cb
Value: 7GJlvB38co8hLaZs
says.com/ Name: _chartbeat2
Value: .1641532787124.1641532787124.1.B31KoyD2mCFeBwl__9BWNRblBScWFQ.1
says.com/ Name: _cb_svref
Value: null
.says.com/ Name: _fbc
Value: fb.1.1641532787149.IwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
.says.com/ Name: _fbp
Value: fb.1.1641532787150.844378079
says.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D904ff858-9e7f-4c3e-a91b-5ba4e398ae55-tuct8d152f2
.says.com/ Name: __gads
Value: ID=3ecefdb648fb8d08-22c9626e17cd0053:T=1641532786:S=ALNI_MYWhfjiPGvFsB7RPZxIe6yOQgK-9w
.c.bing.com/ Name: SRM_B
Value: 33E9A24229E4664F14F0B367288F67EA
says.com/ Name: _tb_sess_r
Value:
says.com/ Name: _tb_t_ppg
Value: https%3A//says.com/my/lifestyle/there-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 33E9A24229E4664F14F0B367288F67EA
.c.clarity.ms/ Name: ANONCHK
Value: 0
.agkn.com/ Name: ab
Value: 0001%3AAs%2BLg8%2BZdR3tGIhHdhlTXCS%2FVgg5l3PJ
.adnxs.com/ Name: uuid2
Value: 5001737321893040841
.says.com/ Name: _clck
Value: 13xcbls|1|exx|0
.doubleclick.net/ Name: IDE
Value: AHWqTUkP7H0OgOgcm1bkLQu78AVQpeKziUvIqdZgE4x_l4xMAszVfPGfpQY54HSi
.says.com/ Name: _clsk
Value: 1j63tul|1641532787828|1|1|f.clarity.ms/collect
.yahoo.com/ Name: A3
Value: d=AQABBHTN12ECENw2G2QwGHcYn5a39Ws5PnEFEgEBAQEe2WHhYQAAAAAA_eMAAA&S=AQAAAvuGC5VwGN2Bg6pIP-BnrR0
.analytics.yahoo.com/ Name: IDSYNC
Value: 195y~22it
.spotxchange.com/ Name: audience
Value: 6eb3abd3-6f79-11ec-9125-1bf9ad920206
.taboola.com/ Name: t_gid
Value: 48e875be-37d5-4c67-a8b9-4e50ae46f9dc-tuct8d152f4
.says.api.useinsider.com/ Name: insdrPushCookieStatus
Value: true
.says.com/ Name: _dc_gtm_UA-27970811-1
Value: 1
says.com/ Name: _lr_retry_request
Value: true
says.com/ Name: _lr_env_src_ats
Value: false
says.com/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-01-07T05%3A19%3A48.721181Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.adsrvr.org/ Name: TDID
Value: 298b9020-3c83-4db9-9541-055f3e2575b7
says.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%22298b9020-3c83-4db9-9541-055f3e2575b7%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-07T05%3A19%3A48%22%7D
.says.com/ Name: panoramaId_expiry
Value: 1641619188719

5 Console Messages

Source Level URL
Text
network error URL: https://themalaysianreserve.com/wp-content/uploads/2022/01/000_9VL2UU-1024x684.jpg
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://themalaysianreserve.com/wp-content/uploads/2022/01/Banjir.jpg
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1blg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=35af9c1f-7041-430e-a30e-a4862937d667&tw_document_href=https%3A%2F%2Fsays.com%2Fmy%2Flifestyle%2Fthere-s-a-rage-room-in-the-heart-of-kl-where-you-can-smash-things-for-fun%3Ffbclid%3DIwAR0vAlP6VNaHAIhinpJPAxbHQKpFxgxiz4tllsond5U6U_nwYnOjbaQQIa8&tpx_cb=twttr.conversion.loadPixels
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c16d-35-240-187-111.ngrok.io/pcto.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
42f767e64061f1068ed5466942dcecbb.safeframe.googlesyndication.com
aa.agkn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api.rlcdn.com
assets.nst.com.my
bcp.crwdcntrl.net
c.bing.com
c.clarity.ms
c16d-35-240-187-111.ngrok.io
cdn-cf-east.streamable.com
cdn.embed.ly
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
connect.facebook.net
eus.rubiconproject.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hit.api.useinsider.com
i.ytimg.com
id.crwdcntrl.net
id5-sync.com
images.says.com
images.taboola.com
imprammp.taboola.com
location.api.useinsider.com
log.api.useinsider.com
mab.chartbeat.com
match.adsrvr.org
ml314.com
mug.criteo.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.rubiconproject.com
policy.revasia.com
s0.2mdn.net
says.api.useinsider.com
says.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
static.ads-twitter.com
static.chartbeat.com
static.cloudflareinsights.com
static.doubleclick.net
statics.streamable.com
stats.g.doubleclick.net
streamable.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.taboola.com
t.co
taboola-supply-partners.tremorhub.com
tags.bluekai.com
tags.crwdcntrl.net
themalaysianreserve.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
use.typekit.net
v.embed-cdn.com
vidstat.taboola.com
widget.perfectmarket.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.109.78.125
104.111.215.191
104.16.89.50
104.244.42.197
104.244.42.3
141.226.224.32
141.226.228.48
141.95.3.10
142.250.185.130
142.250.185.98
142.250.186.162
143.204.98.111
143.204.98.87
143.204.98.93
151.101.1.44
151.101.129.63
151.101.193.181
178.250.0.157
18.156.0.31
18.193.198.58
18.208.50.180
185.33.220.145
185.94.180.125
199.232.136.157
2.18.233.180
2.19.35.65
20.84.22.197
2600:1f16:d83:1201::6e:1
2600:1f18:612b:4232:5007:e458:edcf:dd38
2600:9000:2156:200:18:1fcd:34f:cdc1
2606:4700:3035::6815:273b
2606:4700::6810:125e
2606:4700::6810:5814
2606:4700::6810:5f41
2606:4700::6811:aa72
2606:4700::6811:ab72
2606:4700::6812:13ee
2606:4700::6812:d50
2606:4700::6812:eec
2620:1ec:27::cafe:1861
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2016
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9c
2a02:2638::1c
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42:400::714
3.121.249.198
34.120.133.55
34.247.104.176
52.142.114.2
52.223.40.198
52.30.140.199
69.173.144.165
89.187.169.47
0382a06b8e3ec31595098573a3dbfd2d17b458498c1aa3b485741b0413777a9c
07fc9dd1870bfe6cd45f9a6dda809cf8ac5f1bc42dca32da1c0de766c7796506
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f93cbff208f3aecc4a2d63cd0a20b4c086d0fccdc26ffb84568ca8fcb08b594
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111f87080fb69c259c2b88f2ce8f7d0ed2a3741ac39c3ffd25ce43326eb35125
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135e77ab4be0b20ab0b9fde23a78826f8fef7634e8f65139ee3e0e3c60dce136
1608980c6f4deb0e238ce9af217e69059535d627e4d9fa8adc9908661912b3a1
16adf8c0cf6ed747ee0358358062223296e7285af48e189f7de282698528ea07
17cad871214c208c7e4bf8dcfd512d10b053fa93fc0693cb3882e287011034a2
1bea71d07ca30415d598ea3dfbe6641f5aa63fe0414d3c27ed6bd0e89c603439
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e7617410fe978cf5cd50e9429ea9de95eb1c2cbc7f5ba8316284ae48f3085d8
1fecaf8fcb78c537e1c1e6cee00ec28b8f2e6c5b2799df77986f82d71b5d1409
226fc7898f6ff88dcef4fd920484039471618de0c2da72c07f7218a23f38b00f
25b314ac4845e3a76ae529cf77396ce9d370cfc95885d7d4e1cca3e8814dccd7
2a0d2f74a554c2d0677d75d7fec2440622c7f110cd2c7c64a16f060e7e18e27e
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc7dbabfc005fcc46abffb82e1a2023d7ab0ca0755e01d2c47c9d378e35a527
307bca04abfc4054d09811c7d6aa3d6876fd5a1ec4c718f56f05ad774e4b3fe6
31d9c853c708b76c66157ca9d90951cfd523478ad12b1354ad7f70eaaa8802f2
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
366ce2ce7a1919c556fd1faa65b91beb29de78739191dbf238b0195435652504
3769516affac69e2a8b1a14f9ae4572464ce4ffbf798449d989ca6fc36c1acae
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3a237686b34ddd9d412e86a71c4d69d9100707d49d5d5d3eff2f668683d2ee94
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4135194f800aa5b4de42429b70544dd6ff029f68838009c49f8d131344f923ef
4206c25c7a42acaec37bfb5b5c4144aebdea6204697cf42a7728ecee4e60a605
42358034ab02462b6a97d66ff3cbf51673c8af6d7a3426f68b7e222299fc28e8
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
48380751e4255e690edaca91a26bca24ad484679ace0c99eee67836cc6a13784
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4975ab1e8aae859d9cf81521895c37620b1443a5cc76f2a97414f995883d524a
4c096cb9e2a680bbe541241b4716b27ce4af896decd959c2ee02f6b2ca476040
4d03ca7f3ce7f1698643944490152dd091759abaae48a654dcb8c0e1fff69094
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d72b2f9e475db594a80a1031c986d964e50ed55b6380aeff6f2d735001639ff
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f4ff89df39878abed803b8aaeb83768b3a15e393793d1f8bd555d6df18bbb10
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5134228adcaa0fc32236684795bca9b368864e9374fbd49757c71d9d8e707e2c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5539208e2eac41830b45b93b3a6c50eb872b5e72f872f12969d7a8d6cc06f670
557cfd4746bcfc0abc05cca7cf4faa59823641b93b3c3deb87e9c7f844ca99f0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4447ef4df513c0f5bc6dff8232177b177b1655ec4e9023ed0d0e4f2fe22da
57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
58647f228fe008f1e08d5dcceff6e40d4f5df7097cdb8a2cb8964158ef482055
5a014be48ad2d69469e55c2f6ef8f0a37b844bb92c4b0c690fc198e70e075410
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d8f40a505e00b1ff67ee6d75dcd350526031887ca30058f8f494d926894b726
5e379b820d523eb341fa24c9e45799ac185bf589364f69ed73995c8c9a1f65c0
5ee5c52e7f3e4ade63370d2962b8860f64c8c85c359415a3e287f5451a4b8d84
614746b52a14c73782d6bebd9bf0c4ff0466d1a1a652882ee2c7b75eb680bfc9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c7c6809766ceecd97d6e5b8957469fc0c31f432ca5f3dab7181b84f8e114b90
6f63977a77d21a2faf01899cc776ee6164e9742602b92936c8a49270c7097601
70ea4d281899906164d43782c7ef2212a415bed7753013e3777caecc303470b8
7309c2816ced7684c96489063634978e35b7cc458a31fd580de8e6aa978a7fed
76d2322d49a00d326f0f1a895eff4041618a76d0973d09c1576bf929bd4f4b25
776f6bdeb7bb14a6e4a36b2b97ef7d9f01410a4359e4ef17555d8f8db348647b
7aef5e5dce9fc35f98a00aa174b9206cbb23460ee62c0bd446e3175dab4aece9
7ca79b17283dd424f6e491d2effc14b0a4861b5c8ea6580950551ba8e49b948a
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aa6b310cdcebbb3c40efd2dceaccfc2b13e494e22574835bbbbd0108cef70b
84b1e12cac11b21464e7486780a0b6f75b70ad46d81c714b50a82cb59b46fc73
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f390c5a067fdeed9ba1e736ff02f8e97220a37d13fb28a910007c1f958b6ca
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e22cb4e66e648370b980132b699183bd83db43648b6a901394b428c8cede89a
9020e29a8803a9cc10a82a813d4090471b2c58c07af89d70d4362fb71e073ea4
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
94c73dcc7849de4b1f2181ade84c68dc8d3ade5f1d66f73b6e21fe1f687e79ad
9745e14f3400b312c5493f11bd87465ca464bbdd8d12bb76d2df64f6c25ecabf
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
98e20fed1ad95e3f47ff63d1307887cbbf59d4d8d87b59001e5e24545caff46b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
997c6b742b0e78bbad9fc6198c09e453e5ef09145a23a2febcd37f51382c13de
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d931209f713690a349cddbb7035dd0afb8c29ebd739b10abd85371981bace31
9e717e471d327f2f1a02cfa359c544598afde16f0c35ad0b08554901db413b07
a01e2f2217509abd05a352895fdcaac4415371443349446e4a74b663377326d6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c725cfec2850cb8cb8064889f23f84fa8a80f260b82b28ea38d58c47ec8c05
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2f6fec90f9b0079aad59d497fa75796162208996aa12a56b65ad4dc2cb07053
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8e3cca7afe137169ab0dded5678ac0213c615c4f0c2f2a5cf99a5a5b3b4c449
aa81d8e25752bc894740691e4213a0d98a9d7575b9ac3f70e15f02dcebff4550
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c
aed38d21380146b4eb1ac909b5f00340bba89d8f8cff4696b2b3811627fc26e9
b0aee772eaa1637138fed7052154f2ff52abff10c1f187dc10cfed2f05c40355
b134fde89ebfa43641375b03db908871b6d1934afe94d6a952fe630fa43a07da
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d
b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47
b232175bba8b59afcf0155e10ae542f673b956f47847078ea4e32b99803669d7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bcb364b14c29acf55f1f6bd167a0aa6705ef92b7eb9139ba50b3ae121acdb372
bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
beae42806e60f21603cbc9db1e973109db8378eaafc669ca420defae32c774b9
c1c8e331f9e57876bc58b18eafb957a7863b7fe164b059ad294fe87c908ce939
c35206600477a314038bc3fa5729b93ac651a8ba4b950395b05031fc91dabdd0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca73a7d0d047beb4309308bb58c6626df780d5bb839340b70a4c6c070c466654
cab00a8f38173aff30818685677f81e3ddf45484135d3fca00906400c625ade6
cac672fdf704db4efb8a9094c8f88118de2d86868e493eb2fce425688c989911
cbc403a4f6c5a164e25c45b7be438e1e369b7029b285fd71941d08ecc7bd99e0
cbccbe0e6a648c7f70bbb904016388798338882e7a4966047a5a15832b27173d
cc4b0c0e3f6bef7a65aed715e26ccbbb24f99a9730485c56d61c63c4dba00918
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd6f210fa553b422963c25ce83a397ba24dd73fce5f2839901afc1ca94d28c48
cd9cb9c903df5fde875a4cfee310d781cc37d5c6bfda0b1eaa8e699ffd65a172
cea595e621b7a79d4ef54024001c5340d0132b7ec31cdbc5f01f12c552683f40
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe8e5168d661e94ef9fc3ae9d3f2a5b7a02093231694e1ae0573b5be6c4215a
d0fe6ce7488686c1a15f87904e4a273e7957af779aa583a6894a195b4bb9bd04
d2325b5f948304800cab112345163a82d61b24194d858c807f35b52f64a09276
d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
d8ee7ce0597064f4648640ffba96ce5fc6954acad1d948313b8be809b7aeb3d1
d9257d2fc0f1e501035e17ed8dc09cd180dcd03642978c1112602372e8d5ad56
d9ba3eadef12ba520749fbd669c1e116c4e61f28a3aaa099200d36b4d9ab9190
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db8b8f19571f163d2f9504803c854aa5cefc29a7f7dee67eda68c00518a1bb14
ddb21881d011fd815977b131e7c6d7edb6e146f1146c5266124df1736396c417
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dad81ae9e89995623b89e9c6f7c5c926a098f0882f66dfeb6a7bf99926c1f2
e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
eac4247ef2c5f2b263a8514cb7582559bb4315a359c60c2b86726384d47e90cc
eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e
ebab854ae968fde78b7b4cc8240e4580bda5f1d99bef539b2a2769d3b075b0e8
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eeacc99d7476446ea4f2e74bd12e75b11195c0a0e2ff89951046d5a5052f5661
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48
f3ad368d600f9971b1c837949f532cb9244daac10b98e56154a7ede8906d99af
f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54
f5637e894416c18c52bb252e1fd209512fe83dd0058e3eb69299e83579902812
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8113516e6b700f80eabe1c960dcf901ab9d3854f192eead8b8d635a4dbfba5a
fc751631b01d707fbf9d49d2cb3852260ca0973defc31630c43df334872b3a45
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe33962c08f4f69eb88198b8a56b570a3b019fe10fea937c44da872d1b165eb5
feb474414d4762c8c1ab35647ecc8da901fdd8e971eb6384a58c5a6fe2355efa
ff188de42b762f54e925bad99e6e860d386ad25af83434af2e55dc3231296176