urlscan.io logo urlscan.io
SecurityTrails logo

saynotobald.com Open in urlscan Pro
161.35.48.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saynotobald.com/0.020513894044262404
Effective URL: https://saynotobald.com/presentation
Submission: On April 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 6 countries across 25 domains to perform 67 HTTP transactions. The main IP is 161.35.48.155, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is saynotobald.com.
TLS certificate: Issued by R3 on March 23rd 2024. Valid for: 3 months.
This is the only time saynotobald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 161.35.48.155 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 34.192.168.123 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::e 44788 (ASN-CRITE...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.65.44 54113 (FASTLY)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 143.204.207.250 16509 (AMAZON-02)
1 13.32.23.228 16509 (AMAZON-02)
1 34.107.199.247 396982 (GOOGLE-CL...)
1 146.75.120.157 54113 (FASTLY)
3 2620:1ec:46::45 8075 (MICROSOFT...)
5 104.126.37.129 20940 (AKAMAI-ASN1)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 4 142.250.184.198 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
3 143.204.205.26 16509 (AMAZON-02)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
5 35.190.43.134 15169 (GOOGLE)
2 52.182.214.99 8075 (MICROSOFT...)
1 134.209.162.206 14061 (DIGITALOC...)
1 2 68.219.88.97 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 141.226.228.48 200478 (TABOOLA-AS)
67 31
6    161.35.48.155 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: saynotobald.com
saynotobald.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    34.192.168.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-168-123.compute-1.amazonaws.com
secure.regrowhairformula.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
www.youtube.com
2    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
1    13.32.23.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-228.fra56.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
1    34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com
www.ibph4trk.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    104.126.37.129 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-129.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
14028140.fls.doubleclick.net
12217290.fls.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    143.204.205.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-26.fra53.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
2    52.182.214.99 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
g.clarity.ms
1    134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service3.purehealthresearch.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
g.clarity.ms — Cisco Umbrella Rank: 41805
c.clarity.ms — Cisco Umbrella Rank: 1371
30 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
14028140.fls.doubleclick.net — Cisco Umbrella Rank: 532736
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
12217290.fls.doubleclick.net — Cisco Umbrella Rank: 484398
1 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
498 KB
6 saynotobald.com
saynotobald.com
357 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 892
tr6.snapchat.com — Cisco Umbrella Rank: 1341
1 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 709
155 KB
4 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
21 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 337
c.bing.com — Cisco Umbrella Rank: 228
16 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 981
trc.taboola.com — Cisco Umbrella Rank: 732
trc-events.taboola.com — Cisco Umbrella Rank: 2504
24 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2941
386 B
3 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3701
gum.criteo.com — Cisco Umbrella Rank: 453
41 KB
2 gstatic.com
fonts.gstatic.com
48 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 66
69 KB
2 regrowhairformula.com
secure.regrowhairformula.com
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
84 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
1 purehealthresearch.com
service3.purehealthresearch.com — Cisco Umbrella Rank: 312826
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 825
725 B
1 t.co
t.co — Cisco Umbrella Rank: 678
375 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7278
63 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
274 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 795
15 KB
1 ibph4trk.com
www.ibph4trk.com — Cisco Umbrella Rank: 833300
19 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1153
19 KB
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3396
67 25
Domain Requested by
6 www.googletagmanager.com saynotobald.com
www.googletagmanager.com
6 saynotobald.com 1 redirects saynotobald.com
5 analytics.tiktok.com saynotobald.com
analytics.tiktok.com
4 tr.snapchat.com sc-static.net
saynotobald.com
3 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
3 region1.analytics.google.com www.googletagmanager.com
3 www.clarity.ms saynotobald.com
www.clarity.ms
bat.bing.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
saynotobald.com
2 trc-events.taboola.com cdn.taboola.com
2 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 g.clarity.ms www.clarity.ms
2 12217290.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 14028140.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 dynamic.criteo.com www.googletagmanager.com
2 www.youtube.com saynotobald.com
www.youtube.com
2 secure.regrowhairformula.com saynotobald.com
secure.regrowhairformula.com
2 connect.facebook.net saynotobald.com
connect.facebook.net
2 fonts.googleapis.com saynotobald.com
1 tr6.snapchat.com sc-static.net
1 c.bing.com 1 redirects
1 service3.purehealthresearch.com saynotobald.com
1 gum.criteo.com dynamic.criteo.com
1 trc.taboola.com cdn.taboola.com
1 analytics.twitter.com saynotobald.com
1 t.co saynotobald.com
1 www.google.de saynotobald.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.facebook.com saynotobald.com
1 static.ads-twitter.com saynotobald.com
1 www.ibph4trk.com www.googletagmanager.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 googleads.g.doubleclick.net saynotobald.com
1 www.google.com 1 redirects
1 www.youtube-nocookie.com saynotobald.com
67 37

This site contains no links.

Subject Issuer Validity Valid
saynotobald.com
R3		 2024-03-23 -
2024-06-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-09 -
2024-05-08		 3 months crt.sh
secure.regrowhairformula.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-11 -
2024-09-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2024-07-10		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2024-04-30 -
2024-06-27		 2 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
p8btrk.com
Starfield Secure Certificate Authority - G2		 2023-11-30 -
2024-12-31		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-21 -
2025-02-20		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
service3.purehealthresearch.com
R3		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://saynotobald.com/presentation
Frame ID: 307FE581EA3DB9DB3DC4AE18880327A4
Requests: 61 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 96EE97D081B9DF36104A4A675A1D579E
Requests: 1 HTTP requests in this frame

Frame: https://14028140.fls.doubleclick.net/activityi;dc_pre=CMzb76f96oUDFTRwQQIdg1cNmw;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: AF32B8E2355C77115EC8E95B690DA87B
Requests: 1 HTTP requests in this frame

Frame: https://12217290.fls.doubleclick.net/activityi;dc_pre=CLft8Kf96oUDFfd1QQIdnnAAlw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 692E42BD98CF23D94CF394CAEDFF41C5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Frame ID: BA9ED87195CF65577378ECCB0594B7AC
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=ff96b3fa-4748-48ac-b1c5-1170f53eb9df&u_sclid=0e9f1452-21b8-4991-8552-8345f24229a5
Frame ID: E057DE2D789033CB72EB24A952C34263
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ReGrow

Page URL History Show full URLs

  1. http://saynotobald.com/0.020513894044262404 HTTP 307
    https://saynotobald.com/0.020513894044262404 HTTP 302
    https://saynotobald.com/presentation Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

67
Requests

97 %
HTTPS

47 %
IPv6

25
Domains

37
Subdomains

31
IPs

6
Countries

1403 kB
Transfer

3697 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saynotobald.com/0.020513894044262404 HTTP 307
    https://saynotobald.com/0.020513894044262404 HTTP 302
    https://saynotobald.com/presentation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&rnd=911763955.1714515863&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He44t0n81TDFXFQXv850445531za200&auid=812822607.1714515863 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&rnd=911763955.1714515863&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He44t0n81TDFXFQXv850445531za200&auid=812822607.1714515863
Request Chain 30
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=CMzb76f96oUDFTRwQQIdg1cNmw;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Request Chain 34
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=CLft8Kf96oUDFfd1QQIdnnAAlw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Request Chain 55
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E9CC9E3EB9E6425181AA9AC6641B930E&RedC=c.clarity.ms&MXFR=2A556821A16A69BA117A7C50A56A678D HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9CC9E3EB9E6425181AA9AC6641B930E&MUID=3F72AB8C216B65ED3735BFFD20B96483

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request presentation
saynotobald.com/
Redirect Chain
  • http://saynotobald.com/0.020513894044262404
  • https://saynotobald.com/0.020513894044262404
  • https://saynotobald.com/presentation
51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
92e6be092ffeba16fdac9086a0d94d7bbadf8b7dcfa88d515491607c96cdbe1b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Apr 2024 22:24:22 GMT
ETag
W/"ca22-Qb59cBar4hLcxu2Od2d+pXumEEU"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
70
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Apr 2024 22:24:21 GMT
Location
/presentation
Server
nginx
Vary
Accept
X-Powered-By
Express
pageNotFound
true
css2
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 21:00:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Apr 2024 22:24:22 GMT
css2
fonts.googleapis.com/ 		32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 20:57:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Apr 2024 22:24:22 GMT
gtm.js
www.googletagmanager.com/ 		363 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d27cfcc84fba5973405a634ee6da304d84e57744582a6e101b86e7cfcfe2ae74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109605
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 21:16:50 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 22:24:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Apr 2024 22:24:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57855
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1326, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
0zO0TS05cIAnL+cQqxou540vgoOra73+o0M8wpPHloNc+WxEvpVZLIjNP87u/P1e8C5PJVOaPY+RwB1IsEdRFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
play-img-d.gif
saynotobald.com/img/video/ 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/video/play-img-d.gif
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 22:24:22 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4b87a-18a454e656e"
Content-Type
image/gif
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309370
UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.168.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-168-123.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bde2472a76e01f194919d637e205051b6e966692237a60d113e3bd7c130bf25b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
857
UVHnhOaw7F0
www.youtube-nocookie.com/embed/ Frame 96EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 22:24:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ed3604f56f1342bcd501dcbdee76a08c719f6d0f1dc2d3b11f0dcc2786eaba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 30 Apr 2024 22:24:22 GMT
dr-holly.png
saynotobald.com/img/featured-on/holly/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/dr-holly.png
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 22:24:22 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"3a1c-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14876
featured-logo.svg
saynotobald.com/img/featured-on/holly/ 		65 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/featured-logo.svg
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 22:24:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"104e7-18a454e64f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
www-widgetapi.js
www.youtube.com/s/player/5d0dbf62/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5d0dbf62/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 16:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
22611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68202
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 04:21:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Apr 2025 16:07:31 GMT
810524130072458
connect.facebook.net/signals/config/ 		131 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/810524130072458?v=2.9.154&r=stable&domain=saynotobald.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9b027c4eda90bfc485cfbb1fd2269a25e049510b2ee40d2af18128ec3275bd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Apr 2024 22:24:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=6, c=46, mss=1326, tbw=63240, tp=-1, tpl=-1, uplat=226, ullat=0
pragma
public
x-fb-debug
Hxvu4yxIEY9oaUBhN0zE0EpDqFkIybmsk9w9oKFFzYzj5hc8R9CxhxlAvjAQd4FVGRw33a8WQRFK13ASeE4SOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ld.js
dynamic.criteo.com/js/ld/ 		47 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=91644
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fc9735897fa31a7a6894132760617fcadb6a8cc47ac860e7e6d92a1aa0a5119a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ 		47 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=92347
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aaad9cdbda8cca98466dd82cf2654ae8cb05cf4dad11faabfb2ffd777e1f37f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&rnd=911763955.1714515863&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He44t0n81TDFXFQXv850445531za...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&rnd=911763955.1714515863&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He44t0n81TDFXFQ...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&rnd=911763955.1714515863&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He44t0n81TDFXFQXv850445531za200&auid=812822607.1714515863
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&rnd=911763955.1714515863&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He44t0n81TDFXFQXv850445531za200&auid=812822607.1714515863
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		320 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db8f2e225a032bb3b6e964e9dfe4b63752a8aee7d416eef78a8d379d56882528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106816
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Apr 2024 22:24:22 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1423196/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b95405d3b5edc1f03fc3bf63aa85cd490a394c7a1273b318c885a1b181a6feb6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ECL1O6lLN672C0qwusQDCO.WdbY4fm8W
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Apr 2024 22:24:22 GMT
x-amz-request-id
EVJZXVV69PDNHG3J
age
113
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21524
x-amz-id-2
6cc8aMbSHCEARsNEvO1oxaGglrggG6nfKYtcjhX3AWicFGZW3oMVKWIkFlRL1t15y3tGae5Nj50=
x-served-by
cache-fra-etou8220153-FRA
last-modified
Sun, 28 Apr 2024 11:03:33 GMT
server
AmazonS3
x-timer
S1714515863.975486,VS0,VE1
etag
"a1903718d36f6b10ce98686fa801d051"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
destination
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b47cd90e221d63f941ddee790e511af834b2d041e43e4ff8544544fb3809a922
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73019
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 22:24:22 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 30 Apr 2024 22:24:22 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 45FAFC98B0C644BC8E6E7A26B54A9630 Ref B: FRAEDGE1215 Ref C: 2024-04-30T22:24:22Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
scevent.min.js
sc-static.net/ 		45 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
gzip
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
19396
x-amz-cf-id
dSDjvCiFuicZ7PSiqOGHVatwFdGV7frccOoqXwW_SxQ-15M6rWcXbA==
destination
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52dafce67c64d7f461ab63eb02f4e92c8282940ba64b7523f6d101484e4e30b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73018
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 22:24:22 GMT
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		104 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-228.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fb3750248c24cf121b03396975be700ccbb285975ca23e963ba841f43c9e7d9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 05:47:11 GMT
content-encoding
gzip
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
491832
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20193
last-modified
Tue, 16 Apr 2024 12:57:02 GMT
server
AmazonS3
etag
"f25aded1a2c0dc3e4131354d7a639683"
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=604800,s-maxage=604800
accept-ranges
bytes
x-amz-cf-id
kH6mvXkw3MTSjS8MaOd7vy0co5e72dRl5ZmDISlLHBlMxlEdwK9OXA==
everflow.js
www.ibph4trk.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.199.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee5b11761bd4ac602a13816b6d26cef5323ccf591f80b06a44273b7c6ae0a6b5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:23 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
e618521b-f1ff-4c66-9654-7f98b019a499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220067-FRA
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12217290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cf1f0e6af39d597e60148644cca7ab32bde23d0cf590926bc68aca784dd2ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73062
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 22:24:22 GMT
gnsm8am7co
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
66eca83e20680621377ece780d242d87aeef35c390fbbae7474766d27c5af346

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 30 Apr 2024 22:24:23 GMT
x-azure-ref
20240430T222422Z-15ff4544644p48ncw8t17m2sfc0000000h70000000004hbe
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1034
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b12d0736732b7112f0286999653f1bbf491b1bf35e4ed2459baf477fa22d8d3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
26fd43f5.309df1cd
date
Tue, 30 Apr 2024 22:24:23 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404302224234372EAE371659CC53010-1F7622179A2492B4-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
97,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=8, inner; dur=4
content-length
1836
pragma
no-cache
server
nginx
x-tt-logid
202404302224234372EAE371659CC53010
x-cache-remote
TCP_MISS from a23-220-106-197.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.220.106.197
x-tt-trace-host
01fff9f511e5dd0600ae990b07761ca2581c839f21e1be54630cfd0581cdeb7a9df8087db92e3d1556aa0a693bb0d199b3335e12b840db75bd48e7fa3f6267482b018a12f86c2d28529210a61481194aefdc4abd85ba8d0f4c167eac61664144bdf8d91b04873ed6466afbba484336932c
expires
Tue, 30 Apr 2024 22:24:23 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14028140
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c25c59f2dd16b6ba07fc883a07bd70be8f5c90f0fb1d245b74ff8b426b81676a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73065
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 22:24:22 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1714515862913&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4124&fbp=fb.1.1714515862910.1952671432&pm=1&hrl=f9556c&ler=empty&cdl=API_unavailable&it=1714515862584&coo=false&cs_cc=1&cas=8012597892088465%2C7617628734960318%2C7776626955734231%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C7835956749783920%2C6945292395551325%2C7553474568045692%2C7421018521278531%2C7458278260953465%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7601387073256533%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C9934289436642028%2C5735284416492337&rqm=GET
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1326, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Apr 2024 22:24:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 		0
377 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.7728749908020942&r=&u=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by
Host: secure.regrowhairformula.com
URL: https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.192.168.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-168-123.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:23 GMT
content-length
0
server
Apache
activityi;dc_pre=CMzb76f96oUDFTRwQQIdg1cNmw;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%25...
14028140.fls.doubleclick.net/ Frame AF32
Redirect Chain
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle...
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=CMzb76f96oUDFTRwQQIdg1cNmw;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14028140.fls.doubleclick.net/activityi;dc_pre=CMzb76f96oUDFTRwQQIdg1cNmw;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
633
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 22:24:23 GMT
expires
Tue, 30 Apr 2024 22:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 22:24:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14028140.fls.doubleclick.net/activityi;dc_pre=CMzb76f96oUDFTRwQQIdg1cNmw;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=3415634206370;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je44t0v9176637411z8850445531za200&_p=1714515862190&_gaz=1&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=sypham&dma=1&cid=1329155966.1714515863&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714515863&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1484
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-19QC860WB0&cid=1329155966.1714515863&gtm=45je44t0v9176637411z8850445531za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13v3v3v2v5&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-19QC860WB0&cid=1329155966.1714515863&gtm=45je44t0v9176637411z8850445531za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13v3v3v2v5&npa=0&z=1511124719
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CLft8Kf96oUDFfd1QQIdnnAAlw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520...
12217290.fls.doubleclick.net/ Frame 692E
Redirect Chain
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2...
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=CLft8Kf96oUDFfd1QQIdnnAAlw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=C...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12217290.fls.doubleclick.net/activityi;dc_pre=CLft8Kf96oUDFfd1QQIdnnAAlw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
391
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 22:24:23 GMT
expires
Tue, 30 Apr 2024 22:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 22:24:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12217290.fls.doubleclick.net/activityi;dc_pre=CLft8Kf96oUDFfd1QQIdnnAAlw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2126860895127;npa=0;auiddc=812822607.1714515863;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0z8850445531za201;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je44t0v9176637411z8850445531za200&_p=1714515862190&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=sypham&dma=1&cid=1329155966.1714515863&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1714515863&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=RG-VSL-control&_et=2&tfd=1564
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d4f579f2-0d04-4a00-ade0-7c767384c02e&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6687b037-4752-458e-8c91-e28ad26de2e9&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
103
date
Tue, 30 Apr 2024 22:24:22 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
4b0627015582dc8a
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
f8bda2bde2651171dfc3de611207b77c97b57092773a9b8e50a2c95616701fa0
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d4f579f2-0d04-4a00-ade0-7c767384c02e&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6687b037-4752-458e-8c91-e28ad26de2e9&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
168
date
Tue, 30 Apr 2024 22:24:23 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f89796ebcd0bd2ae
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
fb044614c4a865306ab3fc6568460d060985af01616d5ed7507f10188e3b11cc
content-length
43
json
trc.taboola.com/1423196/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1423196/trc/3/json?tim=1714515863192&data=%7B%22id%22%3A730%2C%22ii%22%3A%22%2Fpresentation%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1714515863180%2C%22cv%22%3A%2220240425-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpurehealthresearch-sc-regrowhair-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1714515863191%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%22%2C%22tos%22%3A9%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67bbd2757fb2d59a2a14db400333dc35a38524995516b28d52f3d6a780f602

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
17
date
Tue, 30 Apr 2024 22:24:23 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.16075
x-fastly-to-nlb-rtt
7465
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220153-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1714515863.214592,VS0,VE17
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		30 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.regrowhairformula.com
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-26.fra53.r.cloudfront.net
Software
/
Resource Hash
0217666eb00dbf61204f1b64340ead9f9388a15f1ea46252e33feb1bb8371050

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:23 GMT
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
30
apigw-requestid
XD5fuhnIoAMEa8A=
x-amz-cf-id
TFVXI24DhZkW4Ndv5_JBngqORof7Zd1cmiBO3V_hZnJL5mgo1HKU2Q==
syncframe
gum.criteo.com/ Frame BA9E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=91644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 Apr 2024 22:24:22 GMT
server
Kestrel
server-processing-duration-in-ticks
380375
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
137023477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137023477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
13f3ee954b3c1d3371bccff14f8c7cb5917a4b273204da1da60270922f8929a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 30 Apr 2024 22:24:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 57313198E67C4F128D47E2A319C408FE Ref B: FRAEDGE1215 Ref C: 2024-04-30T22:24:23Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137023477&tm=gtm002&Ver=2&mid=874e45e2-6e74-4dd1-8456-db4639640b93&sid=656552f0074011efb0a2614b7dea52a2&vid=65656a50074011ef960993769f29c689&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=ReGrow&p=https%3A%2F%2Fsaynotobald.com%2Fpresentation&r=&lt=783&evt=pageLoad&sv=1&rn=154947
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Apr 2024 22:24:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6CA54B0FDB12491ABD89CA6F02432F1B Ref B: FRAEDGE1215 Ref C: 2024-04-30T22:24:23Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
21444b75-45eb-4207-bb22-dc5f286db86b.js
tr.snapchat.com/config/com/ 		191 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/21444b75-45eb-4207-bb22-dc5f286db86b.js?v=3.16.0-2404242003
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
54c860425376e024f620c98640ebf9012b8542df33a5e482eb618bc9d6fa8bee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Origin
https://saynotobald.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
93
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
i
tr.snapchat.com/cm/ Frame E057 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=ff96b3fa-4748-48ac-b1c5-1170f53eb9df&u_sclid=0e9f1452-21b8-4991-8552-8345f24229a5
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 30 Apr 2024 22:24:23 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=21444b75-45eb-4207-bb22-dc5f286db86b&ev=PAGE_VIEW&intg=gtm&pids=21444b75-45eb-4207-bb22-dc5f286db86b&u_c1=cce850ae-5061-4d19-8ebd-54d59579d912&u_sclid=0e9f1452-21b8-4991-8552-8345f24229a5&u_scsid=ff96b3fa-4748-48ac-b1c5-1170f53eb9df&bt=1d53c387&d_a=x86&d_bvs=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.78%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.78%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&d_os=10.0.0&d_ot=Win32&df=true&huah=true&m_dcl=783&m_fcps=835&m_pi=783&m_pl=0&m_pv=2&m_rd=1652&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&trackId=24d18bc8-fe64-4e74-9c36-f2d8c2179165&ts=1714515863235&v=3.16.0-2404242003
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 22:24:23 GMT
content-encoding
br
last-modified
Tue, 30 Apr 2024 06:11:34 GMT
etag
W/"0x8DC68DC630B7AEC"
vary
Accept-Encoding
x-azure-ref
20240430T222423Z-15ff4544644p48ncw8t17m2sfc0000000h70000000004hcu
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d56441e1-601e-0050-3612-9bec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
main.MTIyYzc3NzllMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		431 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
309df4a5
date
Tue, 30 Apr 2024 22:24:23 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202404190410088E00BF63830C7BA728C8
x-tt-trace-id
00-2404190410088E00BF63830C7BA728C8-0E91932628B856AE-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0148ea8f6469076c148a25409a9f9e4ae9b245c035b8fb8535ab414287ba0c22d193a38e7cf122606f7ec813b4f481a18a1121898862eef058e5e27c8a281a09203a903010a85a197f085ac3f7e2062958d427fa5f02fac0675e453cc7efb9c1bd
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
116133
137023477
www.clarity.ms/tag/uet/ 		896 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/137023477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/137023477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2ab7d36b48d3071eacc2e7e54825e1f524b0eab50e4a352b021dfceef2cfa25

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 30 Apr 2024 22:24:23 GMT
x-azure-ref
20240430T222423Z-15ff4544644p48ncw8t17m2sfc0000000h70000000004hcv
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
896
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
g.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Tue, 30 Apr 2024 22:24:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
identify_c26a2.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
309df83e
date
Tue, 30 Apr 2024 22:24:23 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202404190410088E00BF63830C7BA728D9
x-tt-trace-id
00-2404190410088E00BF63830C7BA728D9-0E91932628B859BE-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0148ea8f6469076c148a25409a9f9e4ae9b245c035b8fb8535ab414287ba0c22d193a38e7cf122606f7ec813b4f481a18a1121898862eef058e5e27c8a281a09203a903010a85a197f085ac3f7e20629585931eb661dd27e912e1461d79547a42d
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
37305
pixel
analytics.tiktok.com/api/v2/ 		0
705 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
309df8f2
date
Tue, 30 Apr 2024 22:24:23 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404302224233B41D49C81CABFBCFB81-16B2B423852FCD5E-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=9, origin; dur=120
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404302224233B41D49C81CABFBCFB81
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
121,104.126.37.125
x-tt-trace-host
01fff9f511e5dd0600ae990b07761ca2581c839f21e1be54630cfd0581cdeb7a9d1a9d43cd6844de7c588c9a2feb123f7762921b0e8d134f9f53983b499e4049e17c82625d8517d1137c1b758c86bf3fb93535def696f54359959cf0a7c969b13f
access-control-allow-headers
Authorization,*
expires
Tue, 30 Apr 2024 22:24:23 GMT
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-26.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
61733
alt-svc
h3=":443"; ma=86400
apigw-requestid
XBix5hgPoAMEVUA=
date
Tue, 30 Apr 2024 05:15:30 GMT
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
0ANOPO5WOepVgpZgbAtPBBtRAhrcACfd_TmHRxE_idhiJY6iWihjpQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		512 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-26.fra53.r.cloudfront.net
Software
/
Resource Hash
210dc0fe32fc0fccdeea9800606b445ff34c3a2511380f6d1f648704fbf548cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 30 Apr 2024 22:24:24 GMT
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
4f89671c-19a7-5e0a-96b8-39b7687f5a09
x-cache
Miss from cloudfront
content-type
text/xml
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
512
apigw-requestid
XD5f0ixPIAMEaDg=
x-amz-cf-id
BP99jvX2G7MoSXYNyP2C41WoO5KTaNs9CgP1fSCHLspRxG1upWFGzA==
adnypeu
service3.purehealthresearch.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service3.purehealthresearch.com/adnypeu
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 30 Apr 2024 22:24:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Methods
GET
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E9CC9E3EB9E6425181AA9AC6641B930E&RedC=c.clarity.ms&MXFR=2A556821A16A69BA117A7C50A56A678D
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9CC9E3EB9E6425181AA9AC6641B930E&MUID=3F72AB8C216B65ED3735BFFD20B96483
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9CC9E3EB9E6425181AA9AC6641B930E&MUID=3F72AB8C216B65ED3735BFFD20B96483
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:23 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BCC542BB4A43414FA95B3AE152179281 Ref B: FRAEDGE1215 Ref C: 2024-04-30T22:24:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9CC9E3EB9E6425181AA9AC6641B930E&MUID=3F72AB8C216B65ED3735BFFD20B96483
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.png
saynotobald.com/img/ 		547 B
840 B 		Other
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 22:24:23 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"223-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
547
p
tr6.snapchat.com/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Apr 2024 22:24:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
act
analytics.tiktok.com/api/v2/pixel/ 		0
842 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
38eaf39.309dfb4e
date
Tue, 30 Apr 2024 22:24:24 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404302224244CA821F8B08CF3C059B2-2BE7D8AB9E111D9A-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
121,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=36, inner; dur=33
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404302224244CA821F8B08CF3C059B2
x-cache-remote
TCP_MISS from a23-52-15-112.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
36,23.52.15.112
x-tt-trace-host
01fff9f511e5dd0600ae990b07761ca2581c839f21e1be54630cfd0581cdeb7a9de4d1789375ede7f4c9f31102def1e509b5bf543ade21a4708db931797205f0af253b165e301bd580a4115743826b3bd8d93f1eb1852355e4074df5c85010937317275dbb059e8c8b05669e0329d9003c
access-control-allow-headers
Authorization,*
expires
Tue, 30 Apr 2024 22:24:24 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 17:34:04 GMT
x-content-type-options
nosniff
age
103820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Apr 2025 17:34:04 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:28:14 GMT
x-content-type-options
nosniff
age
50170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 08:28:14 GMT
p
tr.snapchat.com/ 		0
89 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Apr 2024 22:24:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
g.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Tue, 30 Apr 2024 22:24:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
unip
trc-events.taboola.com/1423196/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1636&scd=0&ssd=1&est=1714515863182&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1714515864817&vi=1714515863180&ri=a77571694e0070b5151de073d083fab8&ref=null&cv=20240425-11-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Tue, 30 Apr 2024 22:24:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1423196/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4637&scd=0&ssd=1&est=1714515863182&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1714515867819&vi=1714515863180&ri=a77571694e0070b5151de073d083fab8&ref=null&cv=20240425-11-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Tue, 30 Apr 2024 22:24:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je44t0v9176637411za200&_p=1714515862190&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=sypham&dma=1&cid=1329155966.1714515863&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=3&sid=1714515863&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=scroll&epn.percent_scrolled=90&_et=50&tfd=6565
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 22:24:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableIframeDefaultReferrerPolicy function| onYTReady object| google_tag_manager object| google_tag_data object| __tfa_pixel_init object| _tfa function| snaptr function| twq function| clarity string| TiktokAnalyticsObject object| ttq object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| ucAnpFailback function| ucRemoveBadMacros function| ucAnpCallback object| gaGlobal object| Criteo object| criteo_q object| regeneratorRuntime object| twttr function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| UET function| UET_init function| UET_push object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca number| c_start function| ucaEvent boolean| ucaInit object| _scPxHelper object| _scPxTeller object| ueto_d91fe56fc6 object| uetq object| EF function| gtag object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| clarityuetq

40 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 24b5be485c2747719f2dadcc8288a94b
saynotobald.com/ Name: variation_ab_t
Value: RG-VSL-control_saynotobald.com_presentation_728
.youtube.com/ Name: YSC
Value: DL_RdE1J_P0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: J1i6oBedVng
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgRg%3D%3D
.saynotobald.com/ Name: _gcl_au
Value: 1.1.812822607.1714515863
.saynotobald.com/ Name: _fbp
Value: fb.1.1714515862910.1952671432
.saynotobald.com/ Name: _ga
Value: GA1.1.1329155966.1714515863
secure.regrowhairformula.com/ Name: AWSALBCORS
Value: Ing1Iw0gi4XkJolJIp6d/4D88VVODEtMZUCPuAgKpiEwDTJ4Bb7nz3z1AER8F3ohk8QZhmW3ggPH/w3ynxQuMPHUO+52NEhVqiS7AxuG3d5hTykMPOhUpFja4zuQ
.saynotobald.com/ Name: _ga_19QC860WB0
Value: GS1.1.1714515863.1.0.1714515863.60.0.0
www.clarity.ms/ Name: CLID
Value: 16ad877b775f4b0a8c26b1c27d6bc199.20240430.20250430
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.saynotobald.com/ Name: _scid
Value: cce850ae-5061-4d19-8ebd-54d59579d912
.saynotobald.com/ Name: _scid_r
Value: cce850ae-5061-4d19-8ebd-54d59579d912
.tiktok.com/ Name: _ttp
Value: 2fq5eayX2axsLBisVWtgk7COBCW
.doubleclick.net/ Name: IDE
Value: AHWqTUk6arFlo0ubWiR84lnt2S6MwF-QvuAXRqmPZRhkyHPUnMO8zFG3ovDb9GUZoeM
.saynotobald.com/ Name: _uetsid
Value: 656552f0074011efb0a2614b7dea52a2
.saynotobald.com/ Name: _uetvid
Value: 65656a50074011ef960993769f29c689
.bing.com/ Name: MUID
Value: 3F72AB8C216B65ED3735BFFD20B96483
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQyEJK3pnUcQXHz/ac6a9veOQocsJ8KsTblUq8g100SpAPN39UMNcnMgAAAA==
.saynotobald.com/ Name: _clck
Value: 1jyclk6%7C2%7Cfld%7C0%7C1581
.t.co/ Name: muc_ads
Value: da13dc04-37a3-4514-8540-e63119910bd0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: fdd754a1-64ad-46dd-8bfe-6877b94efe45
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171451586339823573
.twitter.com/ Name: guest_id_ads
Value: v1%3A171451586339823573
.twitter.com/ Name: personalization_id
Value: "v1_lL9qMjYoS2bY9jNNzFKSgg=="
.twitter.com/ Name: guest_id
Value: v1%3A171451586339823573
.saynotobald.com/ Name: _tt_enable_cookie
Value: 1
.saynotobald.com/ Name: _ttp
Value: R6LmY6aUHOgQx99mfEtfYuk-uSe
.saynotobald.com/ Name: cto_bundle
Value: 4DT7o19VRSUyQmhXbVRhb3BheGV3VUJCYzd3T3Nmb3c4aGRoRGJlMzhib2x0WTM4OTdpVW9DQVlwQVM3cEs5Qm1UWTY3RzQxWkdUUGJyemo3clFUVGtnRnRKQnJ2WW0yMkV3VWdVazNaZWtXdkNVdEtDTkJNUUNCdER1c3ZZbmpsc1JEUW5HcWlrZTIlMkJDblg2aU1oejlTaERkemh3JTNEJTNE
.saynotobald.com/ Name: ucacid
Value: 1679875436.833610
.saynotobald.com/ Name: _clsk
Value: j6lwcf%7C1714515864031%7C1%7C1%7Cg.clarity.ms%2Fcollect
saynotobald.com/ Name: /presentation:watchVideoTime:UVHnhOaw7F0
Value: 0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3F72AB8C216B65ED3735BFFD20B96483
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3F72AB8C216B65ED3735BFFD20B96483
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

49 Console Messages

Source Level URL
Text
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/810524130072458?v=2.9.154&r=stable&domain=saynotobald.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://saynotobald.com/presentation
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.taboola.com
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
g.clarity.ms
googleads.g.doubleclick.net
gum.criteo.com
region1.analytics.google.com
saynotobald.com
sc-static.net
secure.regrowhairformula.com
service3.purehealthresearch.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
trc-events.taboola.com
trc.taboola.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
104.126.37.129
104.244.42.67
104.244.42.69
13.32.23.228
134.209.162.206
141.226.228.48
142.250.184.198
143.204.205.26
143.204.207.250
146.75.120.157
151.101.65.44
161.35.48.155
2001:4860:4802:32::36
2620:1ec:46::45
2620:1ec:c11::237
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.107.199.247
34.192.168.123
35.190.43.134
52.182.214.99
68.219.88.97
0217666eb00dbf61204f1b64340ead9f9388a15f1ea46252e33feb1bb8371050
13f3ee954b3c1d3371bccff14f8c7cb5917a4b273204da1da60270922f8929a2
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d
1e67bbd2757fb2d59a2a14db400333dc35a38524995516b28d52f3d6a780f602
210dc0fe32fc0fccdeea9800606b445ff34c3a2511380f6d1f648704fbf548cd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ed3604f56f1342bcd501dcbdee76a08c719f6d0f1dc2d3b11f0dcc2786eaba3
3cf1f0e6af39d597e60148644cca7ab32bde23d0cf590926bc68aca784dd2ae5
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
52dafce67c64d7f461ab63eb02f4e92c8282940ba64b7523f6d101484e4e30b6
54c860425376e024f620c98640ebf9012b8542df33a5e482eb618bc9d6fa8bee
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5fb3750248c24cf121b03396975be700ccbb285975ca23e963ba841f43c9e7d9
66eca83e20680621377ece780d242d87aeef35c390fbbae7474766d27c5af346
713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0
92e6be092ffeba16fdac9086a0d94d7bbadf8b7dcfa88d515491607c96cdbe1b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
aaad9cdbda8cca98466dd82cf2654ae8cb05cf4dad11faabfb2ffd777e1f37f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b12d0736732b7112f0286999653f1bbf491b1bf35e4ed2459baf477fa22d8d3d
b2ab7d36b48d3071eacc2e7e54825e1f524b0eab50e4a352b021dfceef2cfa25
b47cd90e221d63f941ddee790e511af834b2d041e43e4ff8544544fb3809a922
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6
b95405d3b5edc1f03fc3bf63aa85cd490a394c7a1273b318c885a1b181a6feb6
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bde2472a76e01f194919d637e205051b6e966692237a60d113e3bd7c130bf25b
c25c59f2dd16b6ba07fc883a07bd70be8f5c90f0fb1d245b74ff8b426b81676a
d27cfcc84fba5973405a634ee6da304d84e57744582a6e101b86e7cfcfe2ae74
d9b027c4eda90bfc485cfbb1fd2269a25e049510b2ee40d2af18128ec3275bd2
dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa
db8f2e225a032bb3b6e964e9dfe4b63752a8aee7d416eef78a8d379d56882528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5b11761bd4ac602a13816b6d26cef5323ccf591f80b06a44273b7c6ae0a6b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc9735897fa31a7a6894132760617fcadb6a8cc47ac860e7e6d92a1aa0a5119a