saynotobald.com Open in urlscan Pro
161.35.48.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://saynotobald.com/0.12939311076354953
Effective URL:
https://saynotobald.com/presentation
Submission: On July 13 via api (July 13th 2024, 11:21:21 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 25 domains to perform 74 HTTP transactions. The main IP is 161.35.48.155, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is saynotobald.com.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.

This is the only time saynotobald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	161.35.48.155 161.35.48.155	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
1	13.32.23.43 13.32.23.43	16509 (AMAZON-02) (AMAZON-02)
1	34.107.199.247 34.107.199.247	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2.18.64.15 2.18.64.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	108.156.61.24 108.156.61.24	16509 (AMAZON-02) (AMAZON-02)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	134.209.162.206 134.209.162.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
74	33

6 161.35.48.155 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: saynotobald.com

saynotobald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-43.fra56.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com

www.ibph4trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

14028140.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12217290.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.156.61.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-24.ams1.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

service3.purehealthresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 69 14028140.fls.doubleclick.net — Cisco Umbrella Rank: 742035 ad.doubleclick.net — Cisco Umbrella Rank: 169 12217290.fls.doubleclick.net — Cisco Umbrella Rank: 656330 stats.g.doubleclick.net — Cisco Umbrella Rank: 133	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 679 o.clarity.ms — Cisco Umbrella Rank: 11423 c.clarity.ms — Cisco Umbrella Rank: 1314	30 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 794 psb.taboola.com — Cisco Umbrella Rank: 5960 trc.taboola.com — Cisco Umbrella Rank: 721 trc-events.taboola.com — Cisco Umbrella Rank: 2069	24 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	533 KB
6	saynotobald.com 1 redirects saynotobald.com	357 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 895 tr6.snapchat.com — Cisco Umbrella Rank: 1128	978 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 732	141 KB
4	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	22 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 326 c.bing.com — Cisco Umbrella Rank: 187	17 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3541	24 B
4	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 3481 gum.criteo.com — Cisco Umbrella Rank: 460 widget.us.criteo.com Failed	64 KB
2	gstatic.com fonts.gstatic.com	48 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	83 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	3 KB
1	purehealthresearch.com service3.purehealthresearch.com — Cisco Umbrella Rank: 366640
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 876	722 B
1	t.co t.co — Cisco Umbrella Rank: 767	376 B
1	google.de www.google.de — Cisco Umbrella Rank: 9452	63 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 839	15 KB
1	ibph4trk.com www.ibph4trk.com	19 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1117	21 KB
1	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3895
0	regrowhairformula.com Failed secure.regrowhairformula.com Failed
74	25

	Domain	Requested by
6	www.googletagmanager.com	saynotobald.com www.googletagmanager.com
6	saynotobald.com	1 redirects saynotobald.com
5	analytics.tiktok.com	saynotobald.com analytics.tiktok.com
4	trc-events.taboola.com	analytics.tiktok.com
4	tr.snapchat.com	sc-static.net saynotobald.com
3	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net analytics.tiktok.com
3	region1.analytics.google.com	www.googletagmanager.com analytics.tiktok.com
3	www.clarity.ms	saynotobald.com bat.bing.com www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com saynotobald.com
3	dynamic.criteo.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects
2	o.clarity.ms	analytics.tiktok.com
2	www.facebook.com	saynotobald.com
2	12217290.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ad.doubleclick.net	saynotobald.com
2	14028140.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.youtube.com	saynotobald.com www.youtube.com
2	connect.facebook.net	saynotobald.com connect.facebook.net
2	fonts.googleapis.com	saynotobald.com
1	c.bing.com	1 redirects
1	service3.purehealthresearch.com	analytics.tiktok.com
1	tr6.snapchat.com	sc-static.net
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	analytics.twitter.com	saynotobald.com
1	t.co	saynotobald.com
1	gum.criteo.com	dynamic.criteo.com
1	www.google.de	saynotobald.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.ads-twitter.com	saynotobald.com
1	www.ibph4trk.com	www.googletagmanager.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	saynotobald.com
1	www.google.com	1 redirects
1	www.youtube-nocookie.com	saynotobald.com
0	widget.us.criteo.com Failed
0	secure.regrowhairformula.com Failed	saynotobald.com
74	40

This site contains no links.

Subject Issuer	Validity	Valid
saynotobald.com R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
p8btrk.com Starfield Secure Certificate Authority - G2	`2023-11-30` - `2024-12-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
service3.purehealthresearch.com R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://saynotobald.com/presentation
Frame ID: 691D953754ACA50F2E5880CFAF5415E4
Requests: 66 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/W2v6kmNiZhU?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: F168C5E7CDDAE0A02A040D4C25BBE461
Requests: 1 HTTP requests in this frame

Frame: https://14028140.fls.doubleclick.net/activityi;dc_pre=CKr_wYWUpYcDFU9ZHgIduOsGNg;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 804B903CE5CC14F3557A65F0E73BBFCC
Requests: 1 HTTP requests in this frame

Frame: https://12217290.fls.doubleclick.net/activityi;dc_pre=CNbQwoWUpYcDFYtnHgIdp0wI7Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: CFD19D02D97CAFE2FD4C8E965A347001
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=641aae1e-2dd6-44f0-bbf0-7c340309e18a&u_sclid=e6982227-3fe4-4cfb-8a4f-e49dde336978
Frame ID: 389B3B946E1878425F2C71714E0E56ED
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Frame ID: CD759BAD95E593D02A9F674FF539A1CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ReGrow

Page URL History Show full URLs

http://saynotobald.com/0.12939311076354953 HTTP 307
https://saynotobald.com/0.12939311076354953 HTTP 302
https://saynotobald.com/presentation Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

74
Requests

95 %
HTTPS

36 %
IPv6

25
Domains

40
Subdomains

33
IPs

7
Countries

1395 kB
Transfer

3612 kB
Size

40
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://saynotobald.com/0.12939311076354953 HTTP 307
https://saynotobald.com/0.12939311076354953 HTTP 302
https://saynotobald.com/presentation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1351085331.1720912876&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45He4790n81TDFXFQXv850445531za200&auid=1681258462.1720912876 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1351085331.1720912876&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45He4790n81TDFXFQXv850445531za200&auid=1681258462.1720912876

Request Chain 29

https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
https://14028140.fls.doubleclick.net/activityi;dc_pre=CKr_wYWUpYcDFU9ZHgIduOsGNg;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation

Request Chain 31

https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
https://12217290.fls.doubleclick.net/activityi;dc_pre=CNbQwoWUpYcDFYtnHgIdp0wI7Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation

Request Chain 62

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6356C543D8F044BCAF68EBB598E35A01&RedC=c.clarity.ms&MXFR=24DC468004D06127214F523B00D06FBC HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6356C543D8F044BCAF68EBB598E35A01&MUID=2D4546DCD3A4650D34AC5267D22F64D6

Request Chain 72

https://sslwidget.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=pSPaj19BT0xyNjJBM0UlMkZJSlJ5ZWlGbXc4TXhucnRQYzNzcVpmMGt4R2tHbCUyQiUyRlclMkJuYndib2t4JTJGTlBZVW1CZnZOJTJGNWFqcjBJbWMwUUxDM1hDS3Ixb0x1NnZrcG5sdGNYaHlWODU5U1VMZlRnSVQ0dUI4bFBzT1ZxQW9xQndzaWdQNWxkNk5aWVRPbyUyRkplOGxDZ1JjWmc3UjhJUSUyQjI4Q1BZY1FIUkh0RTRabzIyanprJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720912876429.90518553965895600%22%2C%22ttp%22%3A%22VeO8Z44T57WMDkggOjxwrp4VIFg%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=29d32db0-84fe-43e1-a6ff-8dfb9f752b1d HTTP 302
https://widget.us.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=pSPaj19BT0xyNjJBM0UlMkZJSlJ5ZWlGbXc4TXhucnRQYzNzcVpmMGt4R2tHbCUyQiUyRlclMkJuYndib2t4JTJGTlBZVW1CZnZOJTJGNWFqcjBJbWMwUUxDM1hDS3Ixb0x1NnZrcG5sdGNYaHlWODU5U1VMZlRnSVQ0dUI4bFBzT1ZxQW9xQndzaWdQNWxkNk5aWVRPbyUyRkplOGxDZ1JjWmc3UjhJUSUyQjI4Q1BZY1FIUkh0RTRabzIyanprJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720912876429.90518553965895600%22%2C%22ttp%22%3A%22VeO8Z44T57WMDkggOjxwrp4VIFg%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=29d32db0-84fe-43e1-a6ff-8dfb9f752b1d

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request presentation Show response
saynotobald.com/
Redirect Chain

http://saynotobald.com/0.12939311076354953
https://saynotobald.com/0.12939311076354953
https://saynotobald.com/presentation

51 KB
14 KB

232ms
232ms

Document
text/html

161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: 1cb6c54f7fb2cbb987bd5b2731aedef67ae08c5e40a31c693ce71b7ad78b2037

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 13 Jul 2024 23:21:15 GMT
ETag: W/"cabf-N4iAJBvT43ZX6KoJJsAdpbMEp3A"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 70
Content-Type: text/html; charset=utf-8
Date: Sat, 13 Jul 2024 23:21:15 GMT
Location: /presentation
Server: nginx
Vary: Accept
X-Powered-By: Express
pageNotFound: true

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jul 2024 23:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:40:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jul 2024 23:21:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jul 2024 23:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:50:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jul 2024 23:21:15 GMT

GET
H/1.1 200
OK play-img-d.gif
saynotobald.com/img/video/ 302 KB
302 KB 118ms
117ms Image
image/gif 161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saynotobald.com/img/video/play-img-d.gif
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: 92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0

Request headers

Referer: https://saynotobald.com/presentation
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 23:21:15 GMT
Last-Modified: Wed, 30 Aug 2023 07:18:00 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"4b87a-18a454e656e"
Content-Type: image/gif
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309370

GET UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 412 KB
119 KB 201ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

661cfda85ad984229ae21b7dae5b0703127c6feedd302d5d461610145699c3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121047
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 23:21:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 188ms
45ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Jul 2024 23:21:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Omw+/P5i/3bqRLcFRPUYN42YB6Mzu9ZRRynu/L0EmnIIRPbHJlE1rhXFlCgX7CT1eLixRxA9nlTdj8VtGiIWAw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 W2v6kmNiZhU
www.youtube-nocookie.com/embed/ Frame F168 0
0 281ms
96ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/W2v6kmNiZhU?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 23:21:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 200ms
58ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e7957d2930152fe815b50b888553d1052e6f08f33a46c970a8b2adce6bf1aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 13 Jul 2024 23:21:15 GMT

GET
H/1.1 200
OK dr-holly.png
saynotobald.com/img/featured-on/holly/ 15 KB
15 KB 474ms
228ms Image
image/png 161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saynotobald.com/img/featured-on/holly/dr-holly.png
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6

Request headers

Referer: https://saynotobald.com/presentation
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 23:21:16 GMT
Last-Modified: Wed, 30 Aug 2023 07:18:00 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"3a1c-18a454e64f6"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14876

GET
H/1.1 200
OK featured-logo.svg
saynotobald.com/img/featured-on/holly/ 65 KB
25 KB 487ms
241ms Image
image/svg+xml 161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saynotobald.com/img/featured-on/holly/featured-logo.svg
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: 4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855

Request headers

Referer: https://saynotobald.com/presentation
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 23:21:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 07:18:00 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"104e7-18a454e64f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8d9f6215/www-widgetapi.vflset/ 31 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d9f6215/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb34150905a3d5ae56c7b9d66a658a0ed0de85b1e9a41282e2e82c326831aec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 18:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10405
x-xss-protection: 0
last-modified: Wed, 10 Jul 2024 04:14:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 13 Jul 2025 18:11:59 GMT

GET
H2 200 810524130072458 Show response
connect.facebook.net/signals/config/ 118 KB
24 KB 356ms
356ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/810524130072458?v=2.9.161&r=stable&domain=saynotobald.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aec4b73e2968e4c5dc38946313b49e535636b98675252ee526eb58d73d49bbdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Jul 2024 23:21:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=63, mss=1297, tbw=64158, tp=-1, tpl=-1, uplat=311, ullat=1
pragma: public
x-fb-debug: Jd/FvN9xQ7mzNyR7vl/OZ/SL/MzyFpG08WARLDOY9ul65rijF5o2cPyyy0m6CSkJGCUp6mHuB1NSPArGPDA+Nw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
22 KB 157ms
46ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=91644

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a6b013c85873a3c03eaf24a04dc6043c8b390d9bd0dee4f0c1423a1d075bb42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
21 KB 218ms
107ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=92347

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6de8b8ecf06ae431e0aaa48646d237c3d91e7855ffbb3281e58a034f4d72b26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
21 KB 240ms
130ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=113117

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4cb1d2e8005383d8bb7353ea253c64401b3f565d026d59a910499d2387606b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1351085331.1720912876&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45He4790n81TDFXFQX...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1351085331.1720912876&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45He4...

42 B
65 B

142ms
51ms

Ping
image/gif

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1351085331.1720912876&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45He4790n81TDFXFQXv850445531za200&auid=1681258462.1720912876

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1351085331.1720912876&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45He4790n81TDFXFQXv850445531za200&auid=1681258462.1720912876
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 330 KB
107 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1eacd12f38b5d14257f48f6e513714ee0ed76a56bdc5c2eac3ca1aaf199dac78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109907
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jul 2024 23:21:16 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1423196/ 70 KB
22 KB 339ms
234ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959802ecd585446526ac35462dde5e3bf431a34d4a7543a25fb8d3ea6cb785cb

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DOvWDVBCLNeQOUqQZwmHe_4cpqrMV1zy
content-encoding: gzip
via: 1.1 varnish
date: Sat, 13 Jul 2024 23:21:16 GMT
x-amz-request-id: CMXKJ1EPKTN37E24
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21724
x-amz-id-2: nUb16YtSn+Nqmgm51DGLt1RpwGNxiCDC/FTU5LUjc8UG8SoXhpgEIUixygIt9YpAk6Gx2E0UYGk=
x-served-by: cache-fra-etou8220088-FRA
last-modified: Sun, 07 Jul 2024 11:11:37 GMT
server: AmazonS3
x-timer: S1720912876.216526,VS0,VE195
etag: "7a2f2b4b29134ed55e3f8cae6bf7bfba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02018a7173df638dfae7ac583a14176ea536b9c98cb0f2305cb9fbf13a3a4145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78391
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 23:21:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 227ms
67ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 13 Jul 2024 23:21:15 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CDB47C2A2E943BA8F83E75B7358518A Ref B: FRA31EDGE0514 Ref C: 2024-07-13T23:21:16Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14184

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d565d92fb12fe8625a3c3363359a88162fb7904dfed7c58157a8ef59d5f242fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78394
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 23:21:16 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 50 KB
21 KB 143ms
74ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c119b77049ecf0c07ee46fa8e3b5b84251c36b526c33ca095ac0e463ac120558

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: gzip
via: 1.1 136293f2894c59a2f91cf08997c7140a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21456
x-amz-cf-id: ewAhj-UoVkVdaZL_DE0K1ULy5JT8D7SigvqbjHQA3GjkPeS0XrXJkw==

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 105 KB
20 KB 159ms
48ms Script
application/x-javascript 13.32.23.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 12:32:58 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 125299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20382
last-modified: Fri, 12 Jul 2024 12:32:30 GMT
server: AmazonS3
etag: "c8164200b1af114ca9af998ceedb1fc2"
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=604800,s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: QltyVJ4mdLloXMBNcsZ5O6ShpsZlidmNs-pwD6fMW2Ym1fflMA4zqA==

GET
H2 200 everflow.js Show response
www.ibph4trk.com/scripts/sdk/ 60 KB
19 KB 308ms
150ms Script
text/javascript 34.107.199.247
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 247.199.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 39c0660e-899f-42bd-8f27-18923120f0eb
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 153ms
43ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220025-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12217290

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

487e27f7809351da82f29b188280a56bd3beaca4e2fe1d9826266734d0d3f9be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78475
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 23:21:16 GMT

GET
H2 200 gnsm8am7co Show response
www.clarity.ms/tag/ 1004 B
1 KB 372ms
220ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ea205edf02b207ff445b7b75251f60ae36552a7f69c627587162a2f1a39614e

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Sat, 13 Jul 2024 23:21:16 GMT
x-azure-ref: 20240713T232116Z-17c86fbf54dt9hnp8n2nknrdt8000000019g000000009vz1
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1004
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 291ms
140ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a2e0c74d63cc45bb42de1c2bc74dcb0765f05b4fe4df506244d6efbaafcba84b

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5774ec5f
date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407132321162DBAD569A4B39D6E9B55-74BF23427A6C87F0-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=97
content-length: 2003
pragma: no-cache
server: nginx
x-tt-logid: 202407132321162DBAD569A4B39D6E9B55
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,2.20.179.79
x-tt-trace-host: 01734eee815fc8d31c5beea22a1f4e47bc3cf0218bb9b33f37ef426dcae9860bd92b11f359aa76bccdf127294e13d52c3e581412a5a24308cbe374f67f6b14fc47795dcef997e4f936d5f2627a172b99174fb39b1cc54a30b63d621c0d06b550e8
expires: Sat, 13 Jul 2024 23:21:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 92ms
92ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14028140

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd82855a8c381f05139971a540de326ef16c4183d63ff1eb795829cd0ef193ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78478
x-xss-protection: 0
last-modified: Sat, 13 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jul 2024 23:21:16 GMT

GET
H2

200

activityi;dc_pre=CKr_wYWUpYcDFU9ZHgIduOsGNg;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
14028140.fls.doubleclick.net/ Frame 804B
Redirect Chain

https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
https://14028140.fls.doubleclick.net/activityi;dc_pre=CKr_wYWUpYcDFU9ZHgIduOsGNg;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=185524269...

0
0

82ms
81ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14028140.fls.doubleclick.net/activityi;dc_pre=CKr_wYWUpYcDFU9ZHgIduOsGNg;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 612
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 23:21:16 GMT
expires: Sat, 13 Jul 2024 23:21:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 23:21:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14028140.fls.doubleclick.net/activityi;dc_pre=CKr_wYWUpYcDFU9ZHgIduOsGNg;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ps...
ad.doubleclick.net/ 0
23 B 128ms
76ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=2206555051322;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=1855242691;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"10702870564746750725"}],"aggregatable_trigger_data":[{"filters":[{"14":["49526215"]}],"key_piece":"0x516572cc830c1d68","source_keys":["12","13","14","15","16","17","18","19","20","21","15113760","15113761","15113762","15113763","628842984","628842985","628842986","628842987","900147912","900147913","900147914","900147915"]},{"key_piece":"0x53ff238ab9339094","not_filters":{"14":["49526215"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15113760","15113761","15113762","15113763","628842984","628842985","628842986","628842987","900147912","900147913","900147914","900147915"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15113760":81,"15113761":81,"15113762":81,"15113763":7946,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628842984":54,"628842985":54,"628842986":54,"628842987":5297,"900147912":50,"900147913":50,"900147914":50,"900147915":4889},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"16590359183262301763","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10702870564746750725","filters":[{"14":["49526215"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10702870564746750725","filters":[{"14":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10702870564746750725","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10702870564746750725","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14028140"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNbQwoWUpYcDFYtnHgIdp0wI7Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
12217290.fls.doubleclick.net/ Frame CFD1
Redirect Chain

https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
https://12217290.fls.doubleclick.net/activityi;dc_pre=CNbQwoWUpYcDFYtnHgIdp0wI7Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;...

0
0

80ms
79ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12217290.fls.doubleclick.net/activityi;dc_pre=CNbQwoWUpYcDFYtnHgIdp0wI7Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 23:21:16 GMT
expires: Sat, 13 Jul 2024 23:21:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 23:21:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12217290.fls.doubleclick.net/activityi;dc_pre=CNbQwoWUpYcDFYtnHgIdp0wI7Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 0
23 B 269ms
226ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3116509141888;npa=0;auiddc=1681258462.1720912876;ps=1;pcor=2092254846;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"10504544485164154161"}],"aggregatable_trigger_data":[{"filters":[{"14":["13301863"]}],"key_piece":"0x8a40cf9a7c89c911","source_keys":["12","13","14","15","16","17","18","19","20","21","634895880","634895881","634895882","634895883","634911120","634911121","634911122","634911123","900110928","900110929","900110930","900110931"]},{"key_piece":"0x6168c433d3cdbb84","not_filters":{"14":["13301863"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","634895880","634895881","634895882","634895883","634911120","634911121","634911122","634911123","900110928","900110929","900110930","900110931"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"634895880":93,"634895881":93,"634895882":93,"634895883":9081,"634911120":93,"634911121":93,"634911122":93,"634911123":9081,"900110928":109,"900110929":109,"900110930":109,"900110931":10594},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5376307324191474383","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10504544485164154161","filters":[{"14":["13301863"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10504544485164154161","filters":[{"14":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10504544485164154161","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10504544485164154161","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12217290"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 135ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je4790v9176637411z8850445531za200zb850445531&_p=1720912875627&_gaz=1&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1262368279.1720912876&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720912876&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1325&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saynotobald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 149ms
48ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-19QC860WB0&cid=1262368279.1720912876&gtm=45je4790v9176637411z8850445531za200zb850445531&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saynotobald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 105ms
53ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-19QC860WB0&cid=1262368279.1720912876&gtm=45je4790v9176637411z8850445531za200zb850445531&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5&npa=0&frm=0&z=305398507

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 117ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je4790v9176637411z8850445531za200zb850445531&_p=1720912875627&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1262368279.1720912876&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720912876&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=RG-VSL-variation1&_et=3&tfd=1344&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saynotobald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c61ad1ca-f59a-4219-990e-b8a5d1118ab6.json Show response
tr.snapchat.com/config/com/ 117 B
401 B 281ms
146ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/c61ad1ca-f59a-4219-990e-b8a5d1118ab6.json?v=3.22.0-2407112346

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://saynotobald.com
x-envoy-upstream-service-time: 94
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117

GET
H2 200 i
tr.snapchat.com/cm/ Frame 389B 0
0 182ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=641aae1e-2dd6-44f0-bbf0-7c340309e18a&u_sclid=e6982227-3fe4-4cfb-8a4f-e49dde336978

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jul 2024 23:21:16 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
444 B 141ms
52ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&ev=PAGE_VIEW&intg=gtm&pids=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_c1=2dc06cad-742e-4edc-8e59-d034586df4c7&cdid=%40-dce13d70-1866-4178-ac51-c42537cd1959&u_sclid=e6982227-3fe4-4cfb-8a4f-e49dde336978&u_scsid=641aae1e-2dd6-44f0-bbf0-7c340309e18a&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=755&m_fcps=775&m_pi=754&m_pl=0&m_pv=2&m_rd=1359&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&trackId=f33bb601-5a65-4bd3-942a-42a922021834&ts=1720912876369&v=3.22.0-2407112346

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 syncframe
gum.criteo.com/ Frame CD75 0
0 135ms
42ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=91644

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 23:21:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 356330
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 id Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 30 B
369 B 547ms
420ms XHR
text/plain 108.156.61.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.regrowhairformula.com
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-24.ams1.r.cloudfront.net
Software: /
Resource Hash: e6f69ea3ac0361c35852ce22258c954b47bd9297a6138f328923326864057abb

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
via: 1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 30
apigw-requestid: a37NCgqjIAMEbng=
x-amz-cf-id: t4KiRvJQ07N68SwA6wRvEnAMN-0Dw6cCbwq2W7tK7_54nshpsu6buw==

GET
H2 200 137023477.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 68ms
68ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137023477.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b118f2d4b830c0175100311f130e16739b746a93b4be3e92f475b09f9ca857e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 13 Jul 2024 23:21:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CFE2E976FFF240CFA36975592E084E3C Ref B: FRA31EDGE0514 Ref C: 2024-07-13T23:21:16Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 300ms
160ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=895cacfe-a407-4369-a90f-24fbe62716c1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=625365c3-0765-4f0b-81e5-2d60b33df1eb&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 117
date: Sat, 13 Jul 2024 23:21:16 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e0e8c364344fbdef
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: deeb13ad2c310880ce50238344ed3abaeeae2f4b1b5644a66274079744ff8858
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
722 B 357ms
232ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=895cacfe-a407-4369-a90f-24fbe62716c1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=625365c3-0765-4f0b-81e5-2d60b33df1eb&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 190
date: Sat, 13 Jul 2024 23:21:16 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0207827a95a4038f
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 310fe131639ddd4883d4b13e91ab205d11f32beb4687a3871b59084636f3f581
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 126ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1720912876430&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4124&fbp=fb.1.1720912876429.90518553965895600&pm=1&hrl=f9556c&ler=empty&cdl=API_unavailable&it=1720912876052&coo=false&cs_cc=1&cas=7881967401882351%2C7517427561716084%2C8443922588968707%2C26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C6945292395551325%2C7553474568045692%2C7470405063049324%2C7421018521278531%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C9934289436642028%2C5735284416492337&rqm=GET

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Jul 2024 23:21:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 285ms
202ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1720912876430&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4124&fbp=fb.1.1720912876429.90518553965895600&pm=1&hrl=f9556c&ler=empty&cdl=API_unavailable&it=1720912876052&coo=false&cs_cc=1&cas=7881967401882351%2C7517427561716084%2C8443922588968707%2C26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C6945292395551325%2C7553474568045692%2C7470405063049324%2C7421018521278531%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C9934289436642028%2C5735284416492337&rqm=FGET

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x133f6278956a6805","source_keys":["1","2"]},{"key_piece":"0x4a420b46c48ed338","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 13 Jul 2024 23:21:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391264522989638518", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=15, mss=1297, tbw=3144, tp=-1, tpl=-1, uplat=159, ullat=0
pragma: no-cache
x-fb-debug: dNTOR4jbcxM0gqWWenA+/ISP0eJoMMlYxxS6PybHg7kPbjCVJ+61CpwZV6q3s57Ubn6blZLZnpY4uBIJP3OO+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391264522989638518"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
284 B 121ms
39ms Fetch
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220121-FRA
date: Sat, 13 Jul 2024 23:21:16 GMT
via: 1.1 varnish
server: Varnish
observe-browsing-topics: ?1
x-timer: S1720912877.559452,VS0,VE0
x-cache: HIT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=2592000
accept-ranges: bytes
content-length: 65
retry-after: 0
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1423196/trc/3/ 2 KB
2 KB 64ms
54ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1423196/trc/3/json?tim=1720912876474&data=%7B%22id%22%3A400%2C%22ii%22%3A%22%2Fpresentation%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1720912876459%2C%22cv%22%3A%2220240704-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpurehealthresearch-sc-regrowhair-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1720912876474%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%22%2C%22tos%22%3A13%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d49dec104fd6d2d6240661b6dda155fc813136eaff5827fa353a1ce59433863

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.0995
x-fastly-to-nlb-rtt: 7369
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220088-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1720912877.503088,VS0,VE15
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 137023477 Show response
www.clarity.ms/tag/uet/ 816 B
1 KB 128ms
127ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137023477
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137023477.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2646a4ca0d97dbe847401af3217144d362b45ae731a620a7d28863af5d33e594

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Sat, 13 Jul 2024 23:21:16 GMT
x-azure-ref: 20240713T232116Z-17c86fbf54dt9hnp8n2nknrdt8000000019g000000009vz2
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 816
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 204 0
bat.bing.com/action/ 0
178 B 63ms
63ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137023477&tm=gtm002&Ver=2&mid=ce1a56c4-9c12-4c9e-82a8-85187971bdc0&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=ReGrow&p=https%3A%2F%2Fsaynotobald.com%2Fpresentation&r=&lt=755&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=562251

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jul 2024 23:21:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F020E7980904EA7AA5B3F9C68A994FA Ref B: FRA31EDGE0514 Ref C: 2024-07-13T23:21:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWY4NzUyNDJiMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
98 KB 41ms
41ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7524d3814c73c9f38883170328cc9be33ff3dc66fefcafeadabbb1fdbe4a5c33

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5774ef4a
date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024071114285919B1C23CC364BE6B6419
x-tt-trace-id: 00-24071114285919B1C23CC364BE6B6419-048BC800730CAF7F-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0109e09e0e46cb881f6acc5dc7df275ecbcf582c82e264442a151a8a433b998e7db615c4d60a293452c4fbaa6a9fe8553cd050dd079cd68e808dcb06b9fee65330f4af9ef3b75ebab7913c44b0d9494e19bfcf091fbf0833eb0f92aff1f9f810bf
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=21
content-length: 99770

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 82ms
80ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/137023477
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240713T232116Z-17c86fbf54dt9hnp8n2nknrdt8000000019g000000009vz5
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e688d2c9-101e-0065-0cb1-d2809f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 identify_a19ff03d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 147 KB
39 KB 50ms
49ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_a19ff03d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 075218352b10c9bbed538be75caf73f1011075caed59512ee8749889376a78ab

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 5774f235
date: Sat, 13 Jul 2024 23:21:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240711142901DDABBFEB802A70610116
x-tt-trace-id: 00-240711142901DDABBFEB802A70610116-3C6CA281AF325543-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ddc62799f4772ef1f34a272be44df8d7d031f8d05ded722c27879abb0f1120e6f3912675fb9b9392cd7e08fc5638eb652d843dec6438bd5e711fe07d05d3b66bad2f4fe8dc661fd0856aeba9c31bae27f6f515cad4fa893413fa23a094e76803
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 39581

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 173ms
172ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5774f24c
date: Sat, 13 Jul 2024 23:21:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240713232116FDC409C0277B066DCD71-48C5AA3FA7813EF8-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
server-timing: inner; dur=34, cdn-cache; desc=MISS, edge; dur=5, origin; dur=126
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240713232116FDC409C0277B066DCD71
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 126,2.20.179.79
x-tt-trace-host: 01734eee815fc8d31c5beea22a1f4e47bc3cf0218bb9b33f37ef426dcae9860bd99f1674ba39f2a951b9543a8e6ca1415d24130dbc8a6e6b19b7628d4f5ba81d6782d5c7d20e42d9855d3ab12764acdb6e7a202ba10aad6fa0b82a9ded6a9f8d31
access-control-allow-headers: Authorization,*
expires: Sat, 13 Jul 2024 23:21:16 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
44 B 227ms
185ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
279 B 384ms
127ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://saynotobald.com
Date: Sat, 13 Jul 2024 23:21:17 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 514 B
885 B 296ms
296ms XHR
text/xml 108.156.61.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-24.ams1.r.cloudfront.net
Software: /
Resource Hash: 81a883d158e2e4ba7084bba2e994db2369689e2fc17b9ec889ec487fd0598941

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 13 Jul 2024 23:21:17 GMT
via: 1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amzn-requestid: 3a5cd935-b174-5059-9fd4-8638bf5963e4
x-cache: Miss from cloudfront
content-type: text/xml
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 514
apigw-requestid: a37NGgHpoAMEV2g=
x-amz-cf-id: HZPdZ5XD-HW4OFg_PcKZXdKxw8j_Be4Fu5QgsHITLNl1XscNqLK4hQ==

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 47ms
43ms Preflight 108.156.61.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-24.ams1.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://saynotobald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 67029
alt-svc: h3=":443"; ma=86400
apigw-requestid: a1XjxguiIAMES-Q=
date: Sat, 13 Jul 2024 04:44:07 GMT
via: 1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
x-amz-cf-id: 54un4U03kv2KCD0ZHAonnElCo5J8Hvr9gJ8AFxLQSnWDLUjKekhz4g==
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront

POST
H2 200 p
tr.snapchat.com/ 0
89 B 54ms
52ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Jul 2024 23:21:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://saynotobald.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
839 B 252ms
251ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2503119f.5774f66e
date: Sat, 13 Jul 2024 23:21:17 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407132321179EAD64D1B704896F37B8-385C9DA76E72DB43-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
x-parent-response-time: 205,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=139, origin; dur=71, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407132321179EAD64D1B704896F37B8
x-cache-remote: TCP_MISS from a23-32-16-93.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 71,23.32.16.93
x-tt-trace-host: 01734eee815fc8d31c5beea22a1f4e47bc9ced038ebb7d9f9af647569ea67420c21b1e36d2f8ddc462b351dcd1c4ea9a992092f14ec942097bb3d9fa0ce99200283aba1a1e77cf744b50a5f489527aa98d9998ee8a5238c5c07eafdb832b2c7429b1d5485b9229a4d1282001d693cd558d
access-control-allow-headers: Authorization,*
expires: Sat, 13 Jul 2024 23:21:17 GMT

GET
H/1.1 201
Created adnypeu
service3.purehealthresearch.com/ 0
0 346ms
113ms Fetch 134.209.162.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://service3.purehealthresearch.com/adnypeu
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Jul 2024 23:21:17 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: GET

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6356C543D8F044BCAF68EBB598E35A01&RedC=c.clarity.ms&MXFR=24DC468004D06127214F523B00D06FBC
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6356C543D8F044BCAF68EBB598E35A01&MUID=2D4546DCD3A4650D34AC5267D22F64D6

42 B
441 B

59ms
59ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6356C543D8F044BCAF68EBB598E35A01&MUID=2D4546DCD3A4650D34AC5267D22F64D6
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AFF9299249804E9299E972192A866043 Ref B: FRA31EDGE0514 Ref C: 2024-07-13T23:21:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6356C543D8F044BCAF68EBB598E35A01&MUID=2D4546DCD3A4650D34AC5267D22F64D6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK favicon.png
saynotobald.com/img/ 547 B
840 B 115ms
115ms Other
image/png 161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://saynotobald.com/img/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2

Request headers

Referer: https://saynotobald.com/presentation
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 23:21:17 GMT
Last-Modified: Wed, 30 Aug 2023 07:18:00 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"223-18a454e64f6"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 547

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 139ms
50ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saynotobald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:35:22 GMT
x-content-type-options: nosniff
age: 395155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:35:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://saynotobald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:41:41 GMT
x-content-type-options: nosniff
age: 394776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:41:41 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1423196/log/3/ 0
247 B 126ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1564&scd=0&ssd=1&est=1720912876461&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720912878024&vi=1720912876459&ri=3759f0aa14646ef91f84da4651694afb&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saynotobald.com/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://saynotobald.com
pragma: no-cache
date: Sat, 13 Jul 2024 23:21:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1423196/log/3/ Frame 0
0 177ms
42ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1564&scd=0&ssd=1&est=1720912876461&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720912878024&vi=1720912876459&ri=3759f0aa14646ef91f84da4651694afb&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://saynotobald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://saynotobald.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 13 Jul 2024 23:21:18 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
279 B 125ms
123ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://saynotobald.com
Date: Sat, 13 Jul 2024 23:21:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

OPTIONS
H2 200 unip
trc-events.taboola.com/1423196/log/3/ Frame 0
0 42ms
42ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4564&scd=0&ssd=1&est=1720912876461&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720912881025&vi=1720912876459&ri=3759f0aa14646ef91f84da4651694afb&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://saynotobald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://saynotobald.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 13 Jul 2024 23:21:21 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1423196/log/3/ 0
246 B 43ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4564&scd=0&ssd=1&est=1720912876461&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720912881025&vi=1720912876459&ri=3759f0aa14646ef91f84da4651694afb&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saynotobald.com/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://saynotobald.com
pragma: no-cache
date: Sat, 13 Jul 2024 23:21:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 49ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je4790v9176637411za200zb850445531&_p=1720912875627&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1262368279.1720912876&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1720912876&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=scroll&epn.percent_scrolled=90&_et=10&tfd=6344&_z=fetch
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY4NzUyNDJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 23:21:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saynotobald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

event
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=pSPaj19BT0xyNjJBM0UlMkZJSlJ5ZWlGbXc4TXhucnRQYzNzcVpmMGt4R2tHbCUyQiUyRlclMkJuYndib2t4JTJGTlBZVW1CZnZOJTJGNWFqcjBJbW...
https://widget.us.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=pSPaj19BT0xyNjJBM0UlMkZJSlJ5ZWlGbXc4TXhucnRQYzNzcVpmMGt4R2tHbCUyQiUyRlclMkJuYndib2t4JTJGTlBZVW1CZnZOJTJGNWFqcjBJbW...

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.regrowhairformula.com
URL: https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel

Domain: widget.us.criteo.com
URL: https://widget.us.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=pSPaj19BT0xyNjJBM0UlMkZJSlJ5ZWlGbXc4TXhucnRQYzNzcVpmMGt4R2tHbCUyQiUyRlclMkJuYndib2t4JTJGTlBZVW1CZnZOJTJGNWFqcjBJbWMwUUxDM1hDS3Ixb0x1NnZrcG5sdGNYaHlWODU5U1VMZlRnSVQ0dUI4bFBzT1ZxQW9xQndzaWdQNWxkNk5aWVRPbyUyRkplOGxDZ1JjWmc3UjhJUSUyQjI4Q1BZY1FIUkh0RTRabzIyanprJTNE&sc=%7B%22fbp%22%3A%22fb.1.1720912876429.90518553965895600%22%2C%22ttp%22%3A%22VeO8Z44T57WMDkggOjxwrp4VIFg%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=29d32db0-84fe-43e1-a6ff-8dfb9f752b1d

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 22:03:19	Name: X-AB Value: 36dd05d2bc294b9fb123423652b78758
saynotobald.com/	1970-01-20 22:45:04	Name: variation_ab_t Value: RG-VSL-variation1_saynotobald.com_presentation_795
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: vGtFde1Nj5s
.youtube.com/	1970-01-21 02:21:04	Name: VISITOR_INFO1_LIVE Value: cqEvmcgwMHg
.youtube.com/	1970-01-21 02:21:04	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgZA%3D%3D
.saynotobald.com/	1970-01-21 00:11:28	Name: _gcl_au Value: 1.1.1681258462.1720912876
secure.regrowhairformula.com/	1970-01-20 22:11:57	Name: AWSALBCORS Value: IzXR6d55SkNXYo5AbNP4dW3y4I4dd0nPP5CvewBOMpWfg8+51T9msOqEBXx+TOBB+gKWkNCSGf9FsfloRULntzsQo7sgNniJrAboRTfh+uzCu/Frs11hwVFAN3do
.saynotobald.com/	1970-01-21 07:37:52	Name: _ga Value: GA1.1.1262368279.1720912876
.saynotobald.com/	1970-01-21 07:37:52	Name: _ga_19QC860WB0 Value: GS1.1.1720912876.1.0.1720912876.60.0.0
.saynotobald.com/	1970-01-21 07:31:39	Name: _scid Value: 2dc06cad-742e-4edc-8e59-d034586df4c7
.saynotobald.com/	1970-01-21 07:31:39	Name: _scid_r Value: 2dc06cad-742e-4edc-8e59-d034586df4c7
.saynotobald.com/	1970-01-21 00:11:28	Name: _fbp Value: fb.1.1720912876429.90518553965895600
.doubleclick.net/	1970-01-20 22:45:04	Name: ar_debug Value: 1
.criteo.com/	1970-01-21 07:23:28	Name: uid Value: 246cdb9c-c492-4a55-9120-37113e076bac
.criteo.com/	1970-01-21 07:23:28	Name: receive-cookie-deprecation Value: 1
.snapchat.com/	1970-01-21 07:23:28	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIAOfUc0DDFRxvSyVv8YljbMFUSAZS7D5iVlk4um25HvO92PoBjhZDpDIAAAA=
.doubleclick.net/	1970-01-21 02:21:04	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 07:23:28	Name: IDE Value: AHWqTUnBK5Z6ABjYePqdQWtVctKHaHnyYOkknkJJmGNnA6vI4Siw0bYSPe5zR6sOITE
.tiktok.com/	1970-01-21 07:23:28	Name: _ttp Value: 2jDDhuMMop4DQT59X0wHIHlao3D
.saynotobald.com/	1970-01-21 07:31:16	Name: cto_bundle Value: pSPaj19BT0xyNjJBM0UlMkZJSlJ5ZWlGbXc4TXhucnRQYzNzcVpmMGt4R2tHbCUyQiUyRlclMkJuYndib2t4JTJGTlBZVW1CZnZOJTJGNWFqcjBJbWMwUUxDM1hDS3Ixb0x1NnZrcG5sdGNYaHlWODU5U1VMZlRnSVQ0dUI4bFBzT1ZxQW9xQndzaWdQNWxkNk5aWVRPbyUyRkplOGxDZ1JjWmc3UjhJUSUyQjI4Q1BZY1FIUkh0RTRabzIyanprJTNE
www.clarity.ms/	1970-01-21 06:47:28	Name: CLID Value: 854632cbc7974f219d8275ab8527c6c5.20240713.20250713
.t.co/	1970-01-21 07:37:52	Name: muc_ads Value: f3cb8f24-d7c3-4784-9b42-4979832daf3c
.saynotobald.com/	1970-01-20 22:11:57	Name: _ScCbts Value: %5B%5D
.saynotobald.com/	1970-01-21 07:23:28	Name: _tt_enable_cookie Value: 1
.saynotobald.com/	1970-01-21 07:23:28	Name: _ttp Value: VeO8Z44T57WMDkggOjxwrp4VIFg
.twitter.com/	1970-01-21 07:37:52	Name: guest_id_marketing Value: v1%3A172091287662127162
.twitter.com/	1970-01-21 07:37:52	Name: guest_id_ads Value: v1%3A172091287662127162
.twitter.com/	1970-01-21 07:37:52	Name: personalization_id Value: "v1_Qe2U+vxc4tjcCTVHrPeqSg=="
.twitter.com/	1970-01-21 07:37:52	Name: guest_id Value: v1%3A172091287662127162
.saynotobald.com/	1970-01-21 06:47:28	Name: _clck Value: 1w70kzk%7C2%7Cfnf%7C0%7C1655
.saynotobald.com/	1970-01-21 06:47:28	Name: ucacid Value: 2099322654.750256
.saynotobald.com/	1970-01-20 22:03:19	Name: _clsk Value: vs5fj%7C1720912877269%7C1%7C1%7Co.clarity.ms%2Fcollect
.bing.com/	1970-01-21 07:23:28	Name: MUID Value: 2D4546DCD3A4650D34AC5267D22F64D6
.c.bing.com/	1970-01-20 22:11:57	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:23:28	Name: SRM_B Value: 2D4546DCD3A4650D34AC5267D22F64D6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:23:28	Name: MUID Value: 2D4546DCD3A4650D34AC5267D22F64D6
.c.clarity.ms/	1970-01-20 22:11:57	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:01:53	Name: ANONCHK Value: 0
saynotobald.com/	1969-12-31 23:59:59	Name: /presentation:watchVideoTime:W2v6kmNiZhU Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.taboola.com
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
o.clarity.ms
psb.taboola.com
region1.analytics.google.com
saynotobald.com
sc-static.net
secure.regrowhairformula.com
service3.purehealthresearch.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
trc-events.taboola.com
trc.taboola.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
secure.regrowhairformula.com
widget.us.criteo.com
104.244.42.3
108.156.61.24
13.32.23.43
13.74.129.1
134.209.162.206
141.226.228.48
142.250.181.230
142.250.185.194
142.250.186.134
142.250.186.67
146.75.120.157
151.101.1.44
151.101.65.44
161.35.48.155
172.217.16.196
2.18.64.15
2001:4860:4802:32::36
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:806::200a
2a00:1450:4001:810::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9b
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.163.248.4
34.107.199.247
35.190.43.134
52.152.143.207
93.184.221.165
02018a7173df638dfae7ac583a14176ea536b9c98cb0f2305cb9fbf13a3a4145
075218352b10c9bbed538be75caf73f1011075caed59512ee8749889376a78ab
1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b
1cb6c54f7fb2cbb987bd5b2731aedef67ae08c5e40a31c693ce71b7ad78b2037
1eacd12f38b5d14257f48f6e513714ee0ed76a56bdc5c2eac3ca1aaf199dac78
2646a4ca0d97dbe847401af3217144d362b45ae731a620a7d28863af5d33e594
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3ea205edf02b207ff445b7b75251f60ae36552a7f69c627587162a2f1a39614e
487e27f7809351da82f29b188280a56bd3beaca4e2fe1d9826266734d0d3f9be
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855
4cb1d2e8005383d8bb7353ea253c64401b3f565d026d59a910499d2387606b56
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
661cfda85ad984229ae21b7dae5b0703127c6feedd302d5d461610145699c3bc
6de8b8ecf06ae431e0aaa48646d237c3d91e7855ffbb3281e58a034f4d72b26a
7524d3814c73c9f38883170328cc9be33ff3dc66fefcafeadabbb1fdbe4a5c33
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
81a883d158e2e4ba7084bba2e994db2369689e2fc17b9ec889ec487fd0598941
8d49dec104fd6d2d6240661b6dda155fc813136eaff5827fa353a1ce59433863
8e7957d2930152fe815b50b888553d1052e6f08f33a46c970a8b2adce6bf1aa5
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0
959802ecd585446526ac35462dde5e3bf431a34d4a7543a25fb8d3ea6cb785cb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2e0c74d63cc45bb42de1c2bc74dcb0765f05b4fe4df506244d6efbaafcba84b
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2
a6b013c85873a3c03eaf24a04dc6043c8b390d9bd0dee4f0c1423a1d075bb42e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec4b73e2968e4c5dc38946313b49e535636b98675252ee526eb58d73d49bbdd
b118f2d4b830c0175100311f130e16739b746a93b4be3e92f475b09f9ca857e8
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c119b77049ecf0c07ee46fa8e3b5b84251c36b526c33ca095ac0e463ac120558
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
cb34150905a3d5ae56c7b9d66a658a0ed0de85b1e9a41282e2e82c326831aec0
cd82855a8c381f05139971a540de326ef16c4183d63ff1eb795829cd0ef193ce
d565d92fb12fe8625a3c3363359a88162fb7904dfed7c58157a8ef59d5f242fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f69ea3ac0361c35852ce22258c954b47bd9297a6138f328923326864057abb
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd
fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

saynotobald.com Open in urlscan Pro 161.35.48.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

95 %HTTPS

36 %IPv6

25 Domains

40 Subdomains

33 IPs

7 Countries

1395 kBTransfer

3612 kBSize

40 Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

saynotobald.com Open in urlscan Pro
161.35.48.155 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

95 %
HTTPS

36 %
IPv6

25
Domains

40
Subdomains

33
IPs

7
Countries

1395 kB
Transfer

3612 kB
Size

40
Cookies

74 HTTP transactions
0 data transactions