urlscan.io logo urlscan.io
SecurityTrails logo

saynotobald.com Open in urlscan Pro
161.35.48.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saynotobald.com/0.36084777017030256
Effective URL: https://saynotobald.com/presentation
Submission: On June 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 7 countries across 25 domains to perform 84 HTTP transactions. The main IP is 161.35.48.155, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is saynotobald.com.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.
This is the only time saynotobald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 161.35.48.155 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:3::e 44788 (ASN-CRITE...)
1 1 172.217.18.4 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
3 151.101.1.44 54113 (FASTLY)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.239.98.245 16509 (AMAZON-02)
1 13.32.23.43 16509 (AMAZON-02)
1 34.107.199.247 396982 (GOOGLE-CL...)
1 146.75.120.157 54113 (FASTLY)
3 2620:1ec:29:1... 8075 (MICROSOFT...)
14 2.16.1.139 20940 (AKAMAI-ASN1)
5 35.190.43.134 15169 (GOOGLE)
3 143.204.205.89 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
2 6 142.250.186.134 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 93.184.221.165 15133 (EDGECAST)
1 104.244.42.131 13414 (TWITTER)
3 20.231.53.73 8075 (MICROSOFT...)
1 134.209.162.206 14061 (DIGITALOC...)
1 2 68.219.88.97 8075 (MICROSOFT...)
4 141.226.228.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 74.119.117.16 ()
1 2a02:2638:3::19 ()
84 33
6    161.35.48.155 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: saynotobald.com
saynotobald.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
www.youtube.com
3    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
1    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net
www.google.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
3    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
psb.taboola.com
trc.taboola.com
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    18.239.98.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-98-245.ams1.r.cloudfront.net
sc-static.net
1    13.32.23.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-43.fra56.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
1    34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com
www.ibph4trk.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
14    2.16.1.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-139.deploy.static.akamaitechnologies.com
analytics.tiktok.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
3    143.204.205.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-89.fra53.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
12217290.fls.doubleclick.net
ad.doubleclick.net
14028140.fls.doubleclick.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.de
1    93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
1    134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service3.purehealthresearch.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    74.119.117.16 (None, )

ASN- ()
widget.us.criteo.com
1    2a02:2638:3::19 (None, )

ASN- ()
measurement-api.criteo.com
Apex Domain
Subdomains		 Transfer
14 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
151 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 776
q.clarity.ms — Cisco Umbrella Rank: 7755
c.clarity.ms — Cisco Umbrella Rank: 1472
30 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
12217290.fls.doubleclick.net — Cisco Umbrella Rank: 624864
ad.doubleclick.net — Cisco Umbrella Rank: 164
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
14028140.fls.doubleclick.net — Cisco Umbrella Rank: 633739
2 KB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 885
psb.taboola.com — Cisco Umbrella Rank: 7969
trc.taboola.com — Cisco Umbrella Rank: 702
trc-events.taboola.com — Cisco Umbrella Rank: 2321
24 KB
7 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3808
gum.criteo.com — Cisco Umbrella Rank: 501
sslwidget.criteo.com — Cisco Umbrella Rank: 2182
widget.us.criteo.com
measurement-api.criteo.com
64 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
525 KB
6 saynotobald.com
saynotobald.com
357 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 937
tr6.snapchat.com — Cisco Umbrella Rank: 1271
1 KB
4 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
21 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 357
c.bing.com — Cisco Umbrella Rank: 226
16 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 3078
323 B
2 gstatic.com
fonts.gstatic.com
48 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
86 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
3 KB
1 purehealthresearch.com
service3.purehealthresearch.com — Cisco Umbrella Rank: 397347
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 938
725 B
1 t.co
t.co — Cisco Umbrella Rank: 711
377 B
1 google.de
www.google.de — Cisco Umbrella Rank: 8196
63 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 881
15 KB
1 ibph4trk.com
www.ibph4trk.com
19 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1286
21 KB
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3862
0 regrowhairformula.com Failed
secure.regrowhairformula.com Failed
84 25
Domain Requested by
14 analytics.tiktok.com saynotobald.com
analytics.tiktok.com
6 www.googletagmanager.com saynotobald.com
www.googletagmanager.com
6 saynotobald.com 1 redirects saynotobald.com
4 trc-events.taboola.com analytics.tiktok.com
4 tr.snapchat.com sc-static.net
saynotobald.com
3 q.clarity.ms analytics.tiktok.com
3 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
analytics.tiktok.com
3 www.clarity.ms saynotobald.com
www.clarity.ms
bat.bing.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
saynotobald.com
3 dynamic.criteo.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 14028140.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 ad.doubleclick.net saynotobald.com
2 12217290.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.facebook.com saynotobald.com
2 www.youtube.com saynotobald.com
www.youtube.com
2 connect.facebook.net saynotobald.com
connect.facebook.net
2 fonts.googleapis.com saynotobald.com
1 measurement-api.criteo.com analytics.tiktok.com
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 c.bing.com 1 redirects
1 service3.purehealthresearch.com analytics.tiktok.com
1 tr6.snapchat.com sc-static.net
1 analytics.twitter.com saynotobald.com
1 t.co saynotobald.com
1 www.google.de saynotobald.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 gum.criteo.com dynamic.criteo.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 static.ads-twitter.com saynotobald.com
1 www.ibph4trk.com www.googletagmanager.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 googleads.g.doubleclick.net saynotobald.com
1 www.google.com 1 redirects
1 www.youtube-nocookie.com saynotobald.com
0 secure.regrowhairformula.com Failed saynotobald.com
84 42

This site contains no links.

Subject Issuer Validity Valid
saynotobald.com
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2024-07-10		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
p8btrk.com
Starfield Secure Certificate Authority - G2		 2023-11-30 -
2024-12-31		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-21 -
2025-02-20		 a year crt.sh
*.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.de
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
service3.purehealthresearch.com
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://saynotobald.com/presentation
Frame ID: FE54165C3EDB6CF5CDE3DCF128F0E010
Requests: 76 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 9E0BD1FFE9E62F80A267FAD232A1EF51
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=6d6239ad-a564-4ce5-9ae2-96ab35275917&u_sclid=808f4efb-b75a-4129-bfa0-05f244113a8c
Frame ID: F516B54BD12AF31305AED183A7D7C704
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Frame ID: 1DE05114FDB2FACC4EE22072E31AE8B2
Requests: 1 HTTP requests in this frame

Frame: https://12217290.fls.doubleclick.net/activityi;dc_pre=COfprc_s2IYDFfJjHgIdLK0KoQ;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: DC5F16C70070CA8956E76C1B06B6940B
Requests: 1 HTTP requests in this frame

Frame: https://14028140.fls.doubleclick.net/activityi;dc_pre=CMfxuM_s2IYDFQaqGQodv_cAGA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 456511825D58514FE9C60FB32D5B8523
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ReGrow

Page URL History Show full URLs

  1. http://saynotobald.com/0.36084777017030256 HTTP 307
    https://saynotobald.com/0.36084777017030256 HTTP 302
    https://saynotobald.com/presentation Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

84
Requests

95 %
HTTPS

38 %
IPv6

25
Domains

42
Subdomains

33
IPs

7
Countries

1398 kB
Transfer

3596 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saynotobald.com/0.36084777017030256 HTTP 307
    https://saynotobald.com/0.36084777017030256 HTTP 302
    https://saynotobald.com/presentation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=2101027071.1718290953&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He46c0n81TDFXFQXv850445531za200&auid=1254109126.1718290953 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=2101027071.1718290953&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He46c0n81TDFXFQXv850445531za200&auid=1254109126.1718290953
Request Chain 38
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=COfprc_s2IYDFfJjHgIdLK0KoQ;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Request Chain 43
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=CMfxuM_s2IYDFQaqGQodv_cAGA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Request Chain 70
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E3E82060DF214A6A96C895548AB5EBBA&RedC=c.clarity.ms&MXFR=0D02A40AE43A646C04A1B097E03A6A76 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E3E82060DF214A6A96C895548AB5EBBA&MUID=1BAB0FD79AE865B337E51B4A9B63644D
Request Chain 80
  • https://sslwidget.criteo.com/event?a=91644&v=5.25.0&otl=1&p0=e%3Dvpg&adce=1&bundle=sT8Rxl8yakVhZzNiTDRNQWs4RGpUbW1vSE1BR2ZhS1VLc2VlVjRyeHVxVHBOVkhMNTcwblc1QkhZNjJCZ0Z5MW5qaGgwMDFGZ1pFUlc5cTViJTJCNGslMkZIeVBRV2I1WnEyMmhtRnkxRkVXYUl2em5JbUM3NXZsYnU3cVlhMmFYWXRzR1g3bm5Db2pIQ0tZelpEanFVN2d0RERYUU84WUFwcVZYJTJGNE4yOWc4RlN6QUhVJTJGTSUzRA&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=2acd238c-4158-40e5-95de-d6071c965a7f HTTP 302
  • https://widget.us.criteo.com/event?a=91644&v=5.25.0&otl=1&p0=e%3Dvpg&adce=1&bundle=sT8Rxl8yakVhZzNiTDRNQWs4RGpUbW1vSE1BR2ZhS1VLc2VlVjRyeHVxVHBOVkhMNTcwblc1QkhZNjJCZ0Z5MW5qaGgwMDFGZ1pFUlc5cTViJTJCNGslMkZIeVBRV2I1WnEyMmhtRnkxRkVXYUl2em5JbUM3NXZsYnU3cVlhMmFYWXRzR1g3bm5Db2pIQ0tZelpEanFVN2d0RERYUU84WUFwcVZYJTJGNE4yOWc4RlN6QUhVJTJGTSUzRA&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=2acd238c-4158-40e5-95de-d6071c965a7f

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request presentation
saynotobald.com/
Redirect Chain
  • http://saynotobald.com/0.36084777017030256
  • https://saynotobald.com/0.36084777017030256
  • https://saynotobald.com/presentation
51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
69711e16fff54adab001489ef3256f39365b0311bac51e7d32e94722bf4a82bc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jun 2024 15:02:31 GMT
ETag
W/"ca10-Ghv+Tvh6wxOgOedB3ZG1JlHXRuM"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
70
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jun 2024 15:02:31 GMT
Location
/presentation
Server
nginx
Vary
Accept
X-Powered-By
Express
pageNotFound
true
css2
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jun 2024 13:26:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jun 2024 15:02:32 GMT
css2
fonts.googleapis.com/ 		32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jun 2024 14:12:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jun 2024 15:02:32 GMT
play-img-d.gif
saynotobald.com/img/video/ 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/video/play-img-d.gif
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 15:02:32 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4b87a-18a454e656e"
Content-Type
image/gif
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309370
UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 		0
0
gtm.js
www.googletagmanager.com/ 		383 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50bbef3b0717dd7f3e44094d6da8a5c634ca127a292cea36d0ba5f5035ee5bf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
115558
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 15:02:32 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jun 2024 15:02:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=14, mss=1297, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
ZDojiql4q60woAhbPMOoqYuku6nrp166+Opf7t942B+f46CAJXqKHJcV87Cr7KYl7huj6HnX/69aTQJ0KgoerQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
UVHnhOaw7F0
www.youtube-nocookie.com/embed/ Frame 9E0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 15:02:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03b8970524212903ed5e8da72d99351e9ac4510cf8e898f94c8b8191a96014da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 13 Jun 2024 15:02:32 GMT
dr-holly.png
saynotobald.com/img/featured-on/holly/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/dr-holly.png
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 15:02:32 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"3a1c-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14876
featured-logo.svg
saynotobald.com/img/featured-on/holly/ 		65 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/featured-logo.svg
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 15:02:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"104e7-18a454e64f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
810524130072458
connect.facebook.net/signals/config/ 		140 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/810524130072458?v=2.9.158&r=stable&domain=saynotobald.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c40ba0fef9934e31f2cf69644ea7c6ebe3b8d69868a92d6a31eab7211610caa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jun 2024 15:02:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=58, mss=1297, tbw=63554, tp=-1, tpl=-1, uplat=280, ullat=1
pragma
public
x-fb-debug
oj0mlrRKN9auneBXgArMqLgWPLG6cjYG0SfZPFtcwNVRwM2/zA7/CP18hOV/HfhuJdZSlJo+ieYmg7C/ML21yw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ld.js
dynamic.criteo.com/js/ld/ 		47 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=91644
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a63358af0ecf02a4b1fba442cbb8ce4d5924c5bf406fefa9983160bcd31285a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ 		47 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=92347
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b9750931421c5b6b4d52d29718f0942f7e9d6c369b91e5e07555112d872ff42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ 		47 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=113117
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1fd1660bfa96525b1e1edceb128244dba187cfee4af097c8decc3012d61507dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=2101027071.1718290953&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He46c0n81TDFXFQXv...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=2101027071.1718290953&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He46...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=2101027071.1718290953&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He46c0n81TDFXFQXv850445531za200&auid=1254109126.1718290953
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=2101027071.1718290953&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=sypham&dma=1&npa=0&gtm=45He46c0n81TDFXFQXv850445531za200&auid=1254109126.1718290953
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		328 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6be9c2b4b586338acb4905892d5330c51e109f1da0e7a0d6bc7478cce89cf84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109704
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 15:02:32 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1423196/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c564265302b1530dca2bb76828ac428462c996f2f5e77f10bab8f58aba29a464

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
w4YtkN0vTBojcUZCiErQcmaDe7AH2ZuE
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jun 2024 15:02:33 GMT
x-amz-request-id
23D0S39DYAS4CHMG
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21856
x-amz-id-2
YBBgiK6XUo9rsekCxtM+2+OoqszqbHDxw5lDE+i0kZbL0p+BPcuxdcE/clnFmzGGV+iR6L93O1I=
x-served-by
cache-fra-etou8220055-FRA
last-modified
Sun, 09 Jun 2024 11:31:08 GMT
server
AmazonS3
x-timer
S1718290953.016384,VS0,VE110
etag
"bbfe805a74140829846991e34aa2deb5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
destination
www.googletagmanager.com/gtag/ 		212 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5d3c6093132b31505e8736c771bdbdb3ff52fe0c1a7f913894f6d8a209945a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77619
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 15:02:32 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 13 Jun 2024 15:02:33 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3D6BE03B47FD481D85C8408C58EDB4A9 Ref B: FRA31EDGE0516 Ref C: 2024-06-13T15:02:33Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13280
destination
www.googletagmanager.com/gtag/ 		212 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e83de4a9969104f402f7fb1ca8c9eb09633efe5049e443d4aea0b9467643582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77755
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 15:02:32 GMT
scevent.min.js
sc-static.net/ 		47 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.98.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-98-245.ams1.r.cloudfront.net
Software
CloudFront /
Resource Hash
4805ef81fe77acaa28e334ceaf5b9e2773cfffaf6d53f0b01811c57f19fe4802

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
content-encoding
gzip
via
1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
20523
x-amz-cf-id
OkTjSLxcB3OaC17B-ujl8-zRKPBv6nsHjgCgSCpVxtZkbVGdM349AQ==
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		105 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02660f9cd38ea499474d8ead6fd8657654ecea09aab69ebb18a33da225532b59

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 13:03:53 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
525520
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20267
last-modified
Fri, 07 Jun 2024 12:33:01 GMT
server
AmazonS3
etag
"44e5d70201f94ea2f3efea5821f4c161"
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=604800,s-maxage=604800
accept-ranges
bytes
x-amz-cf-id
mdNdpshZN38zGDgGc8reA_K6YzfANOXkr7hfsy42tWKBV8QqwMBZZA==
everflow.js
www.ibph4trk.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.199.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
c508d4be-958b-4f0a-b2e6-6bb52d683838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220123-FRA
js
www.googletagmanager.com/gtag/ 		212 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12217290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be555ccfab96036d222543b8b031a81a9e76eba9d7c7d1342709f64b9a8c1f24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77757
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 15:02:32 GMT
gnsm8am7co
www.clarity.ms/tag/ 		1004 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6b1dbd70a461a34e78b3d65c8a0cffc911c282a8c2ade167e8ccdd8a3704d7ae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Thu, 13 Jun 2024 15:02:33 GMT
x-azure-ref
20240613T150233Z-15f57b858d4q7kwd3z1q50ap740000000ghg000000007682
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1004
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cdbc052ae1fd704bb743a8949c760d6b687f51045a0a92d1926ca9b1d69ee750

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d13ab1
date
Thu, 13 Jun 2024 15:02:33 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24061315023314A9699C75345D6A2A16-2D9192A59C1AAD59-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=91
content-length
2006
pragma
no-cache
server
nginx
x-tt-logid
2024061315023314A9699C75345D6A2A16
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
92,2.16.1.135
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b95932d81844100265c126d1e64e8d418acf7a73e7531e0149d95802a1956bf7e8694f06b836a6fd3c90523864cf22e37667194b5e0f48b650d214c2641ae77ce06713cdb62ab81665b0b4ca0b19900afd8
expires
Thu, 13 Jun 2024 15:02:33 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14028140
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cba9cd2c287b2fc51ce3e24b34f74bced15bcbed77bf7f21152a3bac98042e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77759
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jun 2024 15:02:32 GMT
c61ad1ca-f59a-4219-990e-b8a5d1118ab6.js
tr.snapchat.com/config/com/ 		200 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/c61ad1ca-f59a-4219-990e-b8a5d1118ab6.js?v=3.19.1-2406112356
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e49dd57fd6b3336e35d411e47ffe455d93a5f65e2b2ba9bffe5500f869a52e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Origin
https://saynotobald.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
96
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200
i
tr.snapchat.com/cm/ Frame F516 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=6d6239ad-a564-4ce5-9ae2-96ab35275917&u_sclid=808f4efb-b75a-4129-bfa0-05f244113a8c
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 13 Jun 2024 15:02:33 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&ev=PAGE_VIEW&intg=gtm&pids=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_c1=d7a7ccc5-05e7-4d0c-9140-c8fd67b19b08&u_sclid=808f4efb-b75a-4129-bfa0-05f244113a8c&u_scsid=6d6239ad-a564-4ce5-9ae2-96ab35275917&bg=false&bt=1d53c387&d_a=x86&d_bvs=%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.55%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.55%22%7D%5D&d_os=10.0.0&d_ot=Win32&df=true&huah=true&m_dcl=877&m_fcps=1073&m_pi=877&m_pl=0&m_pv=2&m_rd=1675&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&trackId=c5f45edb-955c-4beb-ad76-d817bb937672&ts=1718290953226&v=3.19.1-2406112356
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
www-widgetapi.js
www.youtube.com/s/player/f9c66401/www-widgetapi.vflset/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f9c66401/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:35:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
5231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12617
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 04:28:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 13 Jun 2025 13:35:22 GMT
topics_api
psb.taboola.com/ 		65 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-etou8220023-FRA
date
Thu, 13 Jun 2024 15:02:33 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1718290954.609638,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-cache-hits
0
json
trc.taboola.com/1423196/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1423196/trc/3/json?tim=1718290953256&data=%7B%22id%22%3A320%2C%22ii%22%3A%22%2Fpresentation%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1718290953244%2C%22cv%22%3A%2220240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpurehealthresearch-sc-regrowhair-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1718290953256%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8bb7ae3585c4509d4b880f0f0f6b21095db4bdd36dc891866a2b22635eb0c919

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
21
date
Thu, 13 Jun 2024 15:02:33 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.23925000000000002
x-fastly-to-nlb-rtt
7264
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-fra-etou8220055-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1718290954.609479,VS0,VE21
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		29 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.regrowhairformula.com
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-89.fra53.r.cloudfront.net
Software
/
Resource Hash
fbf3694b1a78e336d653887b16068fa28a900c63274582b454de3692e59ad4bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:34 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
29
apigw-requestid
ZT6Bmg22IAMEMYg=
x-amz-cf-id
d7gixxPaaPOuQiMIaQV5hA5GCSNiN6ltrtV5-li8gNa2DAQa8f8RdQ==
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1718290953349&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718290953345.610158367375696501&pm=1&hrl=f9556c&ler=empty&cdl=API_unavailable&it=1718290952783&coo=false&cs_cc=1&cas=26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C7835956749783920%2C6945292395551325%2C7553474568045692%2C7470405063049324%2C7421018521278531%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7601387073256533%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C9934289436642028%2C5735284416492337&rqm=GET
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1297, tbw=2822, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jun 2024 15:02:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1718290953349&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718290953345.610158367375696501&pm=1&hrl=f9556c&ler=empty&cdl=API_unavailable&it=1718290952783&coo=false&cs_cc=1&cas=26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C7835956749783920%2C6945292395551325%2C7553474568045692%2C7470405063049324%2C7421018521278531%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7601387073256533%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C9934289436642028%2C5735284416492337&rqm=FGET
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x133f6278956a6805","source_keys":["1","2"]},{"key_piece":"0x4a420b46c48ed338","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 13 Jun 2024 15:02:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1297, tbw=3140, tp=-1, tpl=-1, uplat=232, ullat=0
pragma
no-cache
x-fb-debug
j4tN8HMtR/J2YgU6nNSXbDLrmPpxjn1E9Xn/mGIawqYyPcu7MU2U4WdNwzF+P0VqwfLiSaIekFGILfzuZcIe2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 1DE0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=91644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 15:02:32 GMT
server
Kestrel
server-processing-duration-in-ticks
331953
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
activityi;dc_pre=COfprc_s2IYDFfJjHgIdLK0KoQ;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%...
12217290.fls.doubleclick.net/ Frame DC5F
Redirect Chain
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Bra...
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=COfprc_s2IYDFfJjHgIdLK0KoQ;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12217290.fls.doubleclick.net/activityi;dc_pre=COfprc_s2IYDFfJjHgIdLK0KoQ;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
428
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 15:02:33 GMT
expires
Thu, 13 Jun 2024 15:02:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 15:02:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12217290.fls.doubleclick.net/activityi;dc_pre=COfprc_s2IYDFfJjHgIdLK0KoQ;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CC...
ad.doubleclick.net/ 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2421645777097;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1616457165;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"16587608075682554626"}],"aggregatable_trigger_data":[{"filters":[{"14":["13301863"]}],"key_piece":"0xd0924f2052542de","source_keys":["12","13","14","15","16","17","18","19","20","21","628728060","628728061","628728062","628728063","628754712","628754713","628754714","628754715","634895880","634895881","634895882","634895883","634911120","634911121","634911122","634911123"]},{"key_piece":"0x761ec1a55dff07e8","not_filters":{"14":["13301863"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628728060","628728061","628728062","628728063","628754712","628754713","628754714","628754715","634895880","634895881","634895882","634895883","634911120","634911121","634911122","634911123"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628728060":81,"628728061":81,"628728062":81,"628728063":7946,"628754712":81,"628754713":81,"628754714":81,"628754715":7946,"634895880":93,"634895881":93,"634895882":93,"634895883":9081,"634911120":93,"634911121":93,"634911122":93,"634911123":9081},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"12888774126266054366","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16587608075682554626","filters":[{"14":["13301863"],"source_type":["event"]},{"14":["13301863"],"24":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16587608075682554626","filters":[{"14":["13301863"],"23":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"0"},{"deduplication_key":"16587608075682554626","filters":[{"14":["13301863"],"25":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"2"},{"deduplication_key":"16587608075682554626","filters":[{"14":["13301863"],"26":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"3"},{"deduplication_key":"16587608075682554626","filters":[{"14":["13301863"],"27":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"4"},{"deduplication_key":"16587608075682554626","filters":[{"14":["13301863"],"28":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"5"},{"deduplication_key":"16587608075682554626","filters":[{"14":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16587608075682554626","filters":[{"source_type":["event"]},{"23":["13301863"],"source_type":["navigation"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16587608075682554626","filters":[{"24":["13301863"],"source_type":["navigation"]}],"priority":"0","trigger_data":"1"},{"deduplication_key":"16587608075682554626","filters":[{"25":["13301863"],"source_type":["navigation"]}],"priority":"0","trigger_data":"2"},{"deduplication_key":"16587608075682554626","filters":[{"26":["13301863"],"source_type":["navigation"]}],"priority":"0","trigger_data":"3"},{"deduplication_key":"16587608075682554626","filters":[{"27":["13301863"],"source_type":["navigation"]}],"priority":"0","trigger_data":"4"},{"deduplication_key":"16587608075682554626","filters":[{"28":["13301863"],"source_type":["navigation"]}],"priority":"0","trigger_data":"5"},{"deduplication_key":"16587608075682554626","filters":[{"29":["13301863"],"source_type":["navigation"]}],"priority":"0","trigger_data":"6"},{"deduplication_key":"16587608075682554626","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12217290"]}}
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je46c0v9176637411z8850445531za200zb850445531&_p=1718290952193&_gaz=1&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=1468681796.1718290954&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718290953&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2073
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-19QC860WB0&cid=1468681796.1718290954&gtm=45je46c0v9176637411z8850445531za200zb850445531&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13v3v3v2v5&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-19QC860WB0&cid=1468681796.1718290954&gtm=45je46c0v9176637411z8850445531za200zb850445531&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13v3v3v2v5&npa=0&frm=0&z=1728648308
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CMfxuM_s2IYDFQaqGQodv_cAGA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Bran...
14028140.fls.doubleclick.net/ Frame 4565
Redirect Chain
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)B...
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=CMfxuM_s2IYDFQaqGQodv_cAGA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=123166077...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14028140.fls.doubleclick.net/activityi;dc_pre=CMfxuM_s2IYDFQaqGQodv_cAGA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
676
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 15:02:34 GMT
expires
Thu, 13 Jun 2024 15:02:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 15:02:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14028140.fls.doubleclick.net/activityi;dc_pre=CMfxuM_s2IYDFQaqGQodv_cAGA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7...
ad.doubleclick.net/ 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=9651891563115;npa=0;auiddc=1254109126.1718290953;ps=1;pcor=1231660778;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46c0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"3387994880778145755"}],"aggregatable_trigger_data":[{"filters":[{"14":["49526215"]}],"key_piece":"0x62d2d275d8bea4ce","source_keys":["12","13","14","15","16","17","18","19","20","21","15113760","15113761","15113762","15113763","628809940","628809941","628809942","628809943","628842984","628842985","628842986","628842987"]},{"key_piece":"0x74b271510fa729bd","not_filters":{"14":["49526215"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15113760","15113761","15113762","15113763","628809940","628809941","628809942","628809943","628842984","628842985","628842986","628842987"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15113760":81,"15113761":81,"15113762":81,"15113763":7946,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628809940":72,"628809941":72,"628809942":72,"628809943":7062,"628842984":54,"628842985":54,"628842986":54,"628842987":5297},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"778844015509665534","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3387994880778145755","filters":[{"14":["49526215"],"source_type":["event"]},{"14":["49526215"],"24":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3387994880778145755","filters":[{"14":["49526215"],"23":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"0"},{"deduplication_key":"3387994880778145755","filters":[{"14":["49526215"],"25":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"2"},{"deduplication_key":"3387994880778145755","filters":[{"14":["49526215"],"26":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"3"},{"deduplication_key":"3387994880778145755","filters":[{"14":["49526215"],"27":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"4"},{"deduplication_key":"3387994880778145755","filters":[{"14":["49526215"],"28":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"5"},{"deduplication_key":"3387994880778145755","filters":[{"14":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3387994880778145755","filters":[{"source_type":["event"]},{"23":["49526215"],"source_type":["navigation"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3387994880778145755","filters":[{"24":["49526215"],"source_type":["navigation"]}],"priority":"0","trigger_data":"1"},{"deduplication_key":"3387994880778145755","filters":[{"25":["49526215"],"source_type":["navigation"]}],"priority":"0","trigger_data":"2"},{"deduplication_key":"3387994880778145755","filters":[{"26":["49526215"],"source_type":["navigation"]}],"priority":"0","trigger_data":"3"},{"deduplication_key":"3387994880778145755","filters":[{"27":["49526215"],"source_type":["navigation"]}],"priority":"0","trigger_data":"4"},{"deduplication_key":"3387994880778145755","filters":[{"28":["49526215"],"source_type":["navigation"]}],"priority":"0","trigger_data":"5"},{"deduplication_key":"3387994880778145755","filters":[{"29":["49526215"],"source_type":["navigation"]}],"priority":"0","trigger_data":"6"},{"deduplication_key":"3387994880778145755","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14028140"]}}
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
137023477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137023477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
13f3ee954b3c1d3371bccff14f8c7cb5917a4b273204da1da60270922f8929a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 13 Jun 2024 15:02:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A2672E9740204EF79C21EF3770E172A7 Ref B: FRA31EDGE0516 Ref C: 2024-06-13T15:02:33Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137023477&tm=gtm002&Ver=2&mid=f5a4bdbf-c23e-48af-8c06-cf4aba2eef4a&sid=f6b6c1a0299511ef936dad56bc273aa2&vid=f6b80130299511ef8716252ccb20def2&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=ReGrow&p=https%3A%2F%2Fsaynotobald.com%2Fpresentation&r=&lt=878&evt=pageLoad&sv=1&rn=315691
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jun 2024 15:02:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3EF4AF4D8494414681665052FEB95D5E Ref B: FRA31EDGE0516 Ref C: 2024-06-13T15:02:33Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c6dd9fab-820c-408f-b463-34bd586990e9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5cb2346d-4d61-43e2-8c25-de72c951ce3f&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
183
date
Thu, 13 Jun 2024 15:02:33 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
b7f3e84913d021c6
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
712bf138f5a3c93f6072dcea9361ddf12315b582f76653ea38e40e157779e107
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c6dd9fab-820c-408f-b463-34bd586990e9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5cb2346d-4d61-43e2-8c25-de72c951ce3f&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
174
date
Thu, 13 Jun 2024 15:02:33 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
8cffb4dbf7453d08
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
d14f4c166f228ac6a133d3ef006b431d7cb5f0078e126dd6e88c1387c7c9312b
content-length
43
main.MTZmOTQwMTEyNQ.js
analytics.tiktok.com/i18n/pixel/static/ 		350 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80df7a43e757b2588c239e8ef060401821a45f07e1b5f61daebb69e13450ab9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d13b89
date
Thu, 13 Jun 2024 15:02:33 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202406130230374A9D0544088386EC570C
x-tt-trace-id
00-2406130230374A9D0544088386EC570C-04135B2AA5475452-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0199b2bbcfb618bc110596f87e3c4a9ad71411b5cd296e995b1d98b9d50755fd5c81cd18ad15b9ffa91cc74d5063f8a5bc4245e1f40dbf23d0ebd758d736053b79f107f7f4db03557e0ee99476d034eff995212f7d4584925d747d2142d2f32c28
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
content-length
101907
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240613T150233Z-15f57b858d4q7kwd3z1q50ap740000000ghg00000000768e
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
p
tr6.snapchat.com/ 		0
44 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 15:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
137023477
www.clarity.ms/tag/uet/ 		816 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/137023477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/137023477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8de36c476ab08d044f6236d6e09a4adbf00d2ac3b3c99ac01de9ef4ae033ddf0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Thu, 13 Jun 2024 15:02:34 GMT
x-azure-ref
20240613T150233Z-15f57b858d4q7kwd3z1q50ap740000000ghg00000000768h
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
816
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
d13c5f
date
Thu, 13 Jun 2024 15:02:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024052114000003E87D336EBED0FD8D36
x-tt-trace-id
00-24052114000003E87D336EBED0FD8D36-1B1AB4463EFA28CF-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01114f4801073a9f7a070311184c3b5d91be0ff7bac85d92f965934e32eb5970493cb52c2a0f1d2401f3d4ca1cddf247f575d27cca5f58ea8afa8c5717bdbaadf6e6e57c5691b67a64d5917045240a432939cc820ea8a30574e096b31c4c74282e
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
39744
monitor
analytics.tiktok.com/api/v2/ 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d13c7b
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24061315023414A9699C75345D6A2A3D-7F141304EE8A23DD-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=9, origin; dur=109
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024061315023414A9699C75345D6A2A3D
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
110,2.16.1.135
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b95932d81844100265c126d1e64e8d418ac6ce16be4a96a58597b2e861ae06c3f3a1baceb8f4b0ef09df8cb1b147bbe593b0ab82d04ee9232d773fb0e8328e4e3c3620dd35e6b35fadbe94e0a7c036b563c
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d13c7c
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406131502341392105BA2BA0967E863-2A0F855F12C0A39C-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=20, origin; dur=101
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406131502341392105BA2BA0967E863
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
102,2.16.1.135
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b95932d81844100265c126d1e64e8d418ac6ce16be4a96a58597b2e861ae06c3f3a1a854e4c73bfa150596376631ba6d7e2e1000633602e03185fc0e5b1eaf8176447157574a36fbf84e9f3918692d2668d
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
839 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
45fb60a1.d13c7d
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406131502345FEB8C8D62FFD8468E2E-07BA16DC1417D59B-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
97,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=108, origin; dur=8, inner; dur=4
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406131502345FEB8C8D62FFD8468E2E
x-cache-remote
TCP_MISS from a23-48-200-147.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.48.200.147
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b9584f693c5210a277715e7ddd710b67b0e82497f31f85a3b04f8ee3cecb9746306dec46b59c408a1b7afb631fbde3aba22076bbde7763c552436d2866d01030c30f2b1b7d856ad44c63d91844c8bde090445c40e431810ff77a96c396cd5b7b63b
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4575df80.d13c7e
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406131502346FBA3196A7409143D499-1F9897A909206D52-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
138,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=153, origin; dur=22, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406131502346FBA3196A7409143D499
x-cache-remote
TCP_MISS from a23-48-200-147.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,23.48.200.147
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b9584f693c5210a277715e7ddd710b67b0e82497f31f85a3b04f8ee3cecb9746306c7b703eceef4972a3f267aab6e8bf46cb10a5fe07ad3c32742fe01dc63edea0e0b3303c4caf0c8898b38048211d5ede5c0a9fc457361dc66ee0fafe64ebc31a3
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
48e1bf1f.d13c80
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240613150234E0212A90C47D7F29F53B-1E7EF2EAB47B78DA-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
115,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=144, origin; dur=14, inner; dur=9
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240613150234E0212A90C47D7F29F53B
x-cache-remote
TCP_MISS from a23-48-200-137.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.48.200.137
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b9584f693c5210a277715e7ddd710b67b0ed7efc110f93903b2a31020a0b51bd3be46dc639d36ffdd204b2c1df786f692c1838f4190ab7cd3f369f1f0b9e2572a670e22e0438928ee71a68e487e2ca3632ad2c08d54162195e01ab7b69fee1e051f
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
839 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3c129a11.d13c81
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24061315023489A35E6FE5B87F25B8E8-421C8F9B845AE158-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
98,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=131, origin; dur=11, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024061315023489A35E6FE5B87F25B8E8
x-cache-remote
TCP_MISS from a23-48-200-138.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.48.200.138
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b9584f693c5210a277715e7ddd710b67b0e02bc295f49dbf5a1558aad9c092158e8d7c2dd4d924f95b9b60f56b7c3ba30379ee8909d3d13b5148a421d2c5898bdf84c82042c2b0d216f28d02d637217af31964ae90ba5d97939c36bbcd6c92bb089
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
11157165.d13c82
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240613150234BC4F8FCEB1A00345644C-58E5B2E81508CCF3-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
104,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=137, origin; dur=11, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240613150234BC4F8FCEB1A00345644C
x-cache-remote
TCP_MISS from a23-222-0-217.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.222.0.217
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b959eb34a298e09e06684c35215b8a5e0e54d2ac246a644452c98c36264a1ef51c59fbcb080cdb0faf25f8cfe59ebbf2183829f77e684e6b3c6118e30ade1ea0a14c9f13e3431dec3b7202c402db5ca0a297c0db74477c6cbdbda1d26b04e94827e
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d13c83
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406131502341EC8AB07C95FA245CF00-6CBE106DBBAC780E-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=57, cdn-cache; desc=MISS, edge; dur=32, origin; dur=147
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406131502341EC8AB07C95FA245CF00
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
148,2.16.1.135
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b95932d81844100265c126d1e64e8d418ac17d70d2af3b9bd1692998981c473b45f8c0bf7d91fddbc7d11753de0f2afbb440f74e25cd32bff353fbbf39fdcbf4e2d76e2a607c4fd88fe482f072385970c51
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
p
tr.snapchat.com/ 		0
92 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jun 2024 15:02:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		513 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-89.fra53.r.cloudfront.net
Software
/
Resource Hash
196a3813e754bc0889180f2d4d803b24b7c7bcb23841ab3c4afa648d470cdfe1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 13 Jun 2024 15:02:34 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
33feb179-3376-5f3e-9c8b-ef9c3f3c4be8
x-cache
Miss from cloudfront
content-type
text/xml
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
513
apigw-requestid
ZT6Bqj-QIAMEY1Q=
x-amz-cf-id
TEJWfWdZe8OnMwxu3wTTkZtBIfMDzfG4atdcBiFyc3J5dX6VpqGjxw==
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-89.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
38711
alt-svc
h3=":443"; ma=86400
apigw-requestid
ZSbhAi6JoAMESbw=
date
Thu, 13 Jun 2024 04:17:22 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-id
6joFacuzJnTHUPc6yrbvNEBPIZLTLrUkH5N6Gbq4jSn01Y_nsJRxlQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
collect
q.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Thu, 13 Jun 2024 15:02:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
monitor
analytics.tiktok.com/api/v2/ 		0
839 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
123a1afe.d13dbc
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24061315023439748C50A10E50271F8E-2F8A96EFAE8CC8D0-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
115,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=105, origin; dur=17, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024061315023439748C50A10E50271F8E
x-cache-remote
TCP_MISS from a23-217-116-247.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.217.116.247
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b950a12fb41acd3f96dd5c024461ba8329de63ac8e06aca1d6a729bdcf41fbd3c99331eb76f03c0b5b98a9aa77ada570c726f4dcf8fda3b0ae8f2578780829805b2df808bb30539d37cd681bc3877a31e5b58b9998890f70c05b134cd775f44776e
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c15caaa.d13dd1
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240613150234E808F22859ADCA453C07-10E99EEBCF059B04-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
159,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=174, origin; dur=14, inner; dur=7
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240613150234E808F22859ADCA453C07
x-cache-remote
TCP_MISS from a23-48-36-223.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.48.36.223
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b9584f693c5210a277715e7ddd710b67b0e857c94c11e22fd056789edd5afe274594f65506a55efdd831007a8ced17607c486a63b79c4ec769385dd76a4e3bfbc4c2dcfb88a33e521091837ee2a23fe929203394228654dac53ff0712f59be09b67
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
123a1aaa.d13dd2
date
Thu, 13 Jun 2024 15:02:34 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406131502345D2D69AB1EA6C34584EB-0160F8E7E959FFBD-00
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
297,2.16.1.135
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=210, inner; dur=189
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406131502345D2D69AB1EA6C34584EB
x-cache-remote
TCP_MISS from a23-217-116-247.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
210,23.217.116.247
x-tt-trace-host
01363bab9ca6e103ddc00a3e4d9d614b950a12fb41acd3f96dd5c024461ba8329de63ac8e06aca1d6a729bdcf41fbd3c9909dbaa46853e823caf5309f3aaace7cf4438f8b4a36558e5999a4e358fd52dcb8e5db41c71fe9f9fc5c68a8a94030d5dfe5c672cc5cbbc9c8b4a669283769faf
access-control-allow-headers
Authorization,*
expires
Thu, 13 Jun 2024 15:02:34 GMT
adnypeu
service3.purehealthresearch.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service3.purehealthresearch.com/adnypeu
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 13 Jun 2024 15:02:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Methods
GET
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E3E82060DF214A6A96C895548AB5EBBA&RedC=c.clarity.ms&MXFR=0D02A40AE43A646C04A1B097E03A6A76
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E3E82060DF214A6A96C895548AB5EBBA&MUID=1BAB0FD79AE865B337E51B4A9B63644D
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E3E82060DF214A6A96C895548AB5EBBA&MUID=1BAB0FD79AE865B337E51B4A9B63644D
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:34 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 72807C47EFB343FB837542D1289D2989 Ref B: FRA31EDGE0516 Ref C: 2024-06-13T15:02:35Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E3E82060DF214A6A96C895548AB5EBBA&MUID=1BAB0FD79AE865B337E51B4A9B63644D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
unip
trc-events.taboola.com/1423196/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1642&scd=0&ssd=1&est=1718290953246&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1718290954888&vi=1718290953244&ri=e73ec3de38461e7bc30b32fb36ebce19&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Thu, 13 Jun 2024 15:02:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1423196/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1642&scd=0&ssd=1&est=1718290953246&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1718290954888&vi=1718290953244&ri=e73ec3de38461e7bc30b32fb36ebce19&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://saynotobald.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 13 Jun 2024 15:02:35 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
favicon.png
saynotobald.com/img/ 		547 B
840 B 		Other
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/presentation
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 15:02:34 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"223-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
547
collect
q.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Thu, 13 Jun 2024 15:02:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 07:27:20 GMT
x-content-type-options
nosniff
age
200115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 07:27:20 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 00:47:46 GMT
x-content-type-options
nosniff
age
51289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 00:47:46 GMT
collect
q.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Thu, 13 Jun 2024 15:02:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
unip
trc-events.taboola.com/1423196/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4643&scd=0&ssd=1&est=1718290953246&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1718290957889&vi=1718290953244&ri=e73ec3de38461e7bc30b32fb36ebce19&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Thu, 13 Jun 2024 15:02:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1423196/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4643&scd=0&ssd=1&est=1718290953246&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1718290957889&vi=1718290953244&ri=e73ec3de38461e7bc30b32fb36ebce19&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://saynotobald.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 13 Jun 2024 15:02:37 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=91644&v=5.25.0&otl=1&p0=e%3Dvpg&adce=1&bundle=sT8Rxl8yakVhZzNiTDRNQWs4RGpUbW1vSE1BR2ZhS1VLc2VlVjRyeHVxVHBOVkhMNTcwblc1QkhZNjJCZ0Z5MW5qaGgwMDFGZ1pFUlc5cTViJTJCNG...
  • https://widget.us.criteo.com/event?a=91644&v=5.25.0&otl=1&p0=e%3Dvpg&adce=1&bundle=sT8Rxl8yakVhZzNiTDRNQWs4RGpUbW1vSE1BR2ZhS1VLc2VlVjRyeHVxVHBOVkhMNTcwblc1QkhZNjJCZ0Z5MW5qaGgwMDFGZ1pFUlc5cTViJTJCNG...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=91644&v=5.25.0&otl=1&p0=e%3Dvpg&adce=1&bundle=sT8Rxl8yakVhZzNiTDRNQWs4RGpUbW1vSE1BR2ZhS1VLc2VlVjRyeHVxVHBOVkhMNTcwblc1QkhZNjJCZ0Z5MW5qaGgwMDFGZ1pFUlc5cTViJTJCNGslMkZIeVBRV2I1WnEyMmhtRnkxRkVXYUl2em5JbUM3NXZsYnU3cVlhMmFYWXRzR1g3bm5Db2pIQ0tZelpEanFVN2d0RERYUU84WUFwcVZYJTJGNE4yOWc4RlN6QUhVJTJGTSUzRA&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=2acd238c-4158-40e5-95de-d6071c965a7f
Protocol
H2
Server
74.119.117.16 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
aaf87d2e1b23bc2354e48b7c1583d123e8ad757c382f5dfb3e2dead0633223b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9038085
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=91644&v=5.25.0&otl=1&p0=e%3Dvpg&adce=1&bundle=sT8Rxl8yakVhZzNiTDRNQWs4RGpUbW1vSE1BR2ZhS1VLc2VlVjRyeHVxVHBOVkhMNTcwblc1QkhZNjJCZ0Z5MW5qaGgwMDFGZ1pFUlc5cTViJTJCNGslMkZIeVBRV2I1WnEyMmhtRnkxRkVXYUl2em5JbUM3NXZsYnU3cVlhMmFYWXRzR1g3bm5Db2pIQ0tZelpEanFVN2d0RERYUU84WUFwcVZYJTJGNE4yOWc4RlN6QUhVJTJGTSUzRA&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=2acd238c-4158-40e5-95de-d6071c965a7f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
14978355
timing-allow-origin
*
content-length
0
expires
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je46c0v9176637411za200zb850445531&_p=1718290952193&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=1468681796.1718290954&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718290953&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=scroll&epn.percent_scrolled=90&_et=23&tfd=7109
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 13 Jun 2024 15:02:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-trigger
measurement-api.criteo.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://measurement-api.criteo.com/register-trigger?partner_id=91644&uid=d4cf7147-94a6-4ea2-a123-7f9124aa20e9&event_name=ViewPage&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=2acd238c-4158-40e5-95de-d6071c965a7f
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyNQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::19 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://saynotobald.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 15:02:38 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"8259798204788951246","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://saynotobald.com
access-control-allow-credentials
true
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.regrowhairformula.com
URL
https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 undefined| event object| fence object| sharedStorage object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| google_tag_manager object| google_tag_data object| __tfa_pixel_init object| _tfa function| snaptr function| twq function| clarity string| TiktokAnalyticsObject object| ttq object| _scPxHelper object| _scPxTeller object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| Criteo object| criteo_q object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca function| ucaEvent boolean| ucaInit object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_3412e29479 object| uetq object| regeneratorRuntime object| twttr object| SIGNAL_TYPE object| EF function| gtag object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| clarityuetq

40 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: d8adc6ba02b1462ba930cf4572193de0
.saynotobald.com/ Name: _gcl_au
Value: 1.1.1254109126.1718290953
.youtube.com/ Name: YSC
Value: 8Wg2OmPo4DY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: PUGt0RQs8e0
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgXQ%3D%3D
secure.regrowhairformula.com/ Name: AWSALBCORS
Value: DfIVEE+d0f8jqUJopCoxMpgKYD9gdoSZwdOWkGM9lqEZYv2B2Uwf5yGJ+v/zPDhSy4pfWNdZll3h6qGqGPwp0aF0m0fpYtnFZhjrL6A1rncfuKqGbzr63+i21qYI
.saynotobald.com/ Name: _scid
Value: d7a7ccc5-05e7-4d0c-9140-c8fd67b19b08
.saynotobald.com/ Name: _scid_r
Value: d7a7ccc5-05e7-4d0c-9140-c8fd67b19b08
.saynotobald.com/ Name: _fbp
Value: fb.1.1718290953345.610158367375696501
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgREAMQQEwIrMEOQox/ukCsVnFyUO6CF8ZmSVReH/Jfad3dG6Ns8IJFZyug4/HNztjzIAAAA=
.saynotobald.com/ Name: _ga
Value: GA1.1.1468681796.1718290954
.saynotobald.com/ Name: _ga_19QC860WB0
Value: GS1.1.1718290953.1.0.1718290953.60.0.0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: d4cf7147-94a6-4ea2-a123-7f9124aa20e9
.tiktok.com/ Name: _ttp
Value: 2hpVM2DnneoJn7PWU8AlBQVM0cF
.saynotobald.com/ Name: _uetsid
Value: f6b6c1a0299511ef936dad56bc273aa2
.saynotobald.com/ Name: _uetvid
Value: f6b80130299511ef8716252ccb20def2
.doubleclick.net/ Name: ar_debug
Value: 1
www.clarity.ms/ Name: CLID
Value: 402bd2bf41b648e887398b5c067a458b.20240613.20250613
.saynotobald.com/ Name: cto_bundle
Value: sT8Rxl8yakVhZzNiTDRNQWs4RGpUbW1vSE1BR2ZhS1VLc2VlVjRyeHVxVHBOVkhMNTcwblc1QkhZNjJCZ0Z5MW5qaGgwMDFGZ1pFUlc5cTViJTJCNGslMkZIeVBRV2I1WnEyMmhtRnkxRkVXYUl2em5JbUM3NXZsYnU3cVlhMmFYWXRzR1g3bm5Db2pIQ0tZelpEanFVN2d0RERYUU84WUFwcVZYJTJGNE4yOWc4RlN6QUhVJTJGTSUzRA
.bing.com/ Name: MUID
Value: 1BAB0FD79AE865B337E51B4A9B63644D
.doubleclick.net/ Name: IDE
Value: AHWqTUnq0rBlLT68HccEQcihukaOT9tObbZHdRpO1iOqJgOTKmNXZJhYR30r2_0F
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.saynotobald.com/ Name: _clck
Value: p694ay%7C2%7Cfml%7C0%7C1625
.saynotobald.com/ Name: _tt_enable_cookie
Value: 1
.saynotobald.com/ Name: _ttp
Value: MZjZXKu1eMFgZ1USUvqKhmJmKS5
.saynotobald.com/ Name: ucacid
Value: 870987394.141390
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171829095399383110
.twitter.com/ Name: guest_id_ads
Value: v1%3A171829095399383110
.twitter.com/ Name: personalization_id
Value: "v1_wW0Kvm7rdDvwBPluJDc+eg=="
.twitter.com/ Name: guest_id
Value: v1%3A171829095399383110
.t.co/ Name: muc_ads
Value: 3d3d1c12-a168-4597-8364-5f8608a00918
.saynotobald.com/ Name: _clsk
Value: 17irpjt%7C1718290954555%7C1%7C1%7Cq.clarity.ms%2Fcollect
saynotobald.com/ Name: /presentation:watchVideoTime:UVHnhOaw7F0
Value: 0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1BAB0FD79AE865B337E51B4A9B63644D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1BAB0FD79AE865B337E51B4A9B63644D
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.taboola.com
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
measurement-api.criteo.com
psb.taboola.com
q.clarity.ms
region1.analytics.google.com
saynotobald.com
sc-static.net
secure.regrowhairformula.com
service3.purehealthresearch.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
trc-events.taboola.com
trc.taboola.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
secure.regrowhairformula.com
104.244.42.131
13.32.23.43
134.209.162.206
141.226.228.48
142.250.186.134
142.250.186.34
142.250.186.35
143.204.205.89
146.75.120.157
151.101.1.44
161.35.48.155
172.217.18.4
178.250.1.9
18.239.98.245
2.16.1.139
20.231.53.73
2001:4860:4802:34::36
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::200e
2a00:1450:400c:c09::9d
2a02:2638:3::19
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.107.199.247
35.190.43.134
68.219.88.97
74.119.117.16
93.184.221.165
02660f9cd38ea499474d8ead6fd8657654ecea09aab69ebb18a33da225532b59
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
03b8970524212903ed5e8da72d99351e9ac4510cf8e898f94c8b8191a96014da
13f3ee954b3c1d3371bccff14f8c7cb5917a4b273204da1da60270922f8929a2
196a3813e754bc0889180f2d4d803b24b7c7bcb23841ab3c4afa648d470cdfe1
1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b
1fd1660bfa96525b1e1edceb128244dba187cfee4af097c8decc3012d61507dd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
4805ef81fe77acaa28e334ceaf5b9e2773cfffaf6d53f0b01811c57f19fe4802
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
50bbef3b0717dd7f3e44094d6da8a5c634ca127a292cea36d0ba5f5035ee5bf7
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
69711e16fff54adab001489ef3256f39365b0311bac51e7d32e94722bf4a82bc
6b1dbd70a461a34e78b3d65c8a0cffc911c282a8c2ade167e8ccdd8a3704d7ae
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
7e83de4a9969104f402f7fb1ca8c9eb09633efe5049e443d4aea0b9467643582
80df7a43e757b2588c239e8ef060401821a45f07e1b5f61daebb69e13450ab9e
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8bb7ae3585c4509d4b880f0f0f6b21095db4bdd36dc891866a2b22635eb0c919
8de36c476ab08d044f6236d6e09a4adbf00d2ac3b3c99ac01de9ef4ae033ddf0
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c40ba0fef9934e31f2cf69644ea7c6ebe3b8d69868a92d6a31eab7211610caa
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2
a63358af0ecf02a4b1fba442cbb8ce4d5924c5bf406fefa9983160bcd31285a5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaf87d2e1b23bc2354e48b7c1583d123e8ad757c382f5dfb3e2dead0633223b7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6
b9750931421c5b6b4d52d29718f0942f7e9d6c369b91e5e07555112d872ff42e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be555ccfab96036d222543b8b031a81a9e76eba9d7c7d1342709f64b9a8c1f24
c564265302b1530dca2bb76828ac428462c996f2f5e77f10bab8f58aba29a464
c6be9c2b4b586338acb4905892d5330c51e109f1da0e7a0d6bc7478cce89cf84
cba9cd2c287b2fc51ce3e24b34f74bced15bcbed77bf7f21152a3bac98042e8a
cdbc052ae1fd704bb743a8949c760d6b687f51045a0a92d1926ca9b1d69ee750
d5d3c6093132b31505e8736c771bdbdb3ff52fe0c1a7f913894f6d8a209945a4
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49dd57fd6b3336e35d411e47ffe455d93a5f65e2b2ba9bffe5500f869a52e83
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbf3694b1a78e336d653887b16068fa28a900c63274582b454de3692e59ad4bb