saynotobald.com Open in urlscan Pro
161.35.48.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://saynotobald.com/0.40590006563983994
Effective URL:
https://saynotobald.com/presentation
Submission: On March 21 via api (March 21st 2024, 9:23:34 pm UTC) from US — Scanned from US

Summary HTTP 97 Redirects Behaviour Indicators

Summary

This website contacted 40 IPs in 1 countries across 29 domains to perform 97 HTTP transactions. The main IP is 161.35.48.155, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is saynotobald.com.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.

This is the only time saynotobald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	161.35.48.155 161.35.48.155	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
2	18.205.82.20 18.205.82.20	14618 (AMAZON-AES) (AMAZON-AES)
6	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
14	2607:f8b0:400... 2607:f8b0:4004:c17::be	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c19::5d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::68	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::77	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::f 2620:100:a001::f	19750 (AS-CRITEO) (AS-CRITEO)
4	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	54.230.48.245 54.230.48.245	16509 (AMAZON-02) (AMAZON-02)
1	3.161.210.15 3.161.210.15	16509 (AMAZON-02) (AMAZON-02)
1	34.107.199.247 34.107.199.247	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
3	2603:1062:10:... 2603:1062:10:a::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.33.40.79 23.33.40.79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	142.251.167.148 142.251.167.148	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	3.162.7.231 3.162.7.231	16509 (AMAZON-02) (AMAZON-02)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2607:f8b0:400... 2607:f8b0:4004:c1f::9d	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	134.209.162.206 134.209.162.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	20.125.209.212 20.125.209.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
97	40

6 161.35.48.155 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: saynotobald.com

saynotobald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.205.82.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-82-20.compute-1.amazonaws.com

secure.regrowhairformula.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c17::be (Washington, United States)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::5d (Washington, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::77 (Washington, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::f (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.48.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-245.yul62.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.210.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-210-15.yul62.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com

www.ibph4trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1062:10:a::1 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.33.40.79 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-40-79.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.167.148 (Farmingdale, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f148.1e100.net

14028140.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12217290.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.7.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-7-231.yul62.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::9d (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

service3.purehealthresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.209.212 (Chicago, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3788	1 MB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1307 trc.taboola.com — Cisco Umbrella Rank: 954 pips.taboola.com — Cisco Umbrella Rank: 2146 cds.taboola.com — Cisco Umbrella Rank: 2509 trc-events.taboola.com — Cisco Umbrella Rank: 2591	34 KB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 981 tr6.snapchat.com — Cisco Umbrella Rank: 1404	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1162 n.clarity.ms — Cisco Umbrella Rank: 8666 c.clarity.ms — Cisco Umbrella Rank: 1824	24 KB
6	doubleclick.net 3 redirects 14028140.fls.doubleclick.net — Cisco Umbrella Rank: 741554 12217290.fls.doubleclick.net — Cisco Umbrella Rank: 503814 stats.g.doubleclick.net — Cisco Umbrella Rank: 195 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	4 KB
6	google.com www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 258 adservice.google.com — Cisco Umbrella Rank: 190	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	484 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 jnn-pa.googleapis.com — Cisco Umbrella Rank: 293	44 KB
6	saynotobald.com 2 redirects saynotobald.com	357 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 818	153 KB
5	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3803 gum.criteo.com — Cisco Umbrella Rank: 622 mug.criteo.com — Cisco Umbrella Rank: 1939	49 KB
4	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	21 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 643 c.bing.com — Cisco Umbrella Rank: 427	16 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 862	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168	22 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1158	38 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 78	69 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	72 KB
2	regrowhairformula.com secure.regrowhairformula.com	2 KB
1	purehealthresearch.com service3.purehealthresearch.com — Cisco Umbrella Rank: 363929
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1224	723 B
1	t.co t.co — Cisco Umbrella Rank: 766	374 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1208	15 KB
1	ibph4trk.com www.ibph4trk.com — Cisco Umbrella Rank: 585632	19 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 108	45 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 211	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	274 B
0	googlevideo.com Failed rr2---sn-ab5l6nrz.googlevideo.com Failed
97	29

	Domain	Requested by
14	www.youtube-nocookie.com	saynotobald.com www.youtube-nocookie.com
6	tr.snapchat.com	1 redirects sc-static.net saynotobald.com
6	www.googletagmanager.com	saynotobald.com www.googletagmanager.com
6	saynotobald.com	2 redirects saynotobald.com
5	analytics.tiktok.com	saynotobald.com analytics.tiktok.com
4	jnn-pa.googleapis.com	www.youtube-nocookie.com
3	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net
3	www.clarity.ms	saynotobald.com www.clarity.ms bat.bing.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com saynotobald.com
3	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
2	c.clarity.ms	1 redirects
2	trc-events.taboola.com	cdn.taboola.com
2	pixel.tapad.com	2 redirects
2	adservice.google.com	14028140.fls.doubleclick.net 12217290.fls.doubleclick.net
2	www.googleadservices.com	14028140.fls.doubleclick.net www.googleadservices.com
2	n.clarity.ms	www.clarity.ms
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	analytics.google.com	www.googletagmanager.com
2	12217290.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	14028140.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sc-static.net	www.googletagmanager.com tr.snapchat.com
2	dynamic.criteo.com	www.googletagmanager.com
2	www.google.com	www.youtube-nocookie.com 14028140.fls.doubleclick.net
2	fonts.gstatic.com	www.youtube-nocookie.com
2	www.youtube.com	saynotobald.com www.youtube.com
2	connect.facebook.net	saynotobald.com connect.facebook.net
2	secure.regrowhairformula.com	saynotobald.com secure.regrowhairformula.com
2	fonts.googleapis.com	saynotobald.com
1	c.bing.com	1 redirects
1	service3.purehealthresearch.com	saynotobald.com
1	cds.taboola.com	cdn.taboola.com
1	googleads.g.doubleclick.net	1 redirects
1	tr6.snapchat.com	sc-static.net
1	pips.taboola.com	cdn.taboola.com
1	mug.criteo.com	saynotobald.com
1	trc.taboola.com	cdn.taboola.com
1	analytics.twitter.com	saynotobald.com
1	t.co	saynotobald.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.ads-twitter.com	saynotobald.com
1	www.ibph4trk.com	www.googletagmanager.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	i.ytimg.com	www.youtube-nocookie.com
1	yt3.ggpht.com	www.youtube-nocookie.com
1	www.facebook.com	saynotobald.com
0	rr2---sn-ab5l6nrz.googlevideo.com Failed	www.youtube-nocookie.com
97	46

This site contains no links.

Subject Issuer	Validity	Valid
saynotobald.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
secure.regrowhairformula.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-11` - `2024-09-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
p8btrk.com Starfield Secure Certificate Authority - G2	`2023-11-30` - `2024-12-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-04` - `2025-01-02`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
service3.purehealthresearch.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://saynotobald.com/presentation
Frame ID: B3B98E6AF86C374E5BB42A69A27F47D9
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: CCABD586062595FC57649BAF7449CC03
Requests: 24 HTTP requests in this frame

Frame: https://14028140.fls.doubleclick.net/activityi;dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: DC66787243A4DEFC8C79A9D6EF20E516
Requests: 5 HTTP requests in this frame

Frame: https://12217290.fls.doubleclick.net/activityi;dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 976C2FA0F3BA1F29E6AE83D4288E9CC4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Frame ID: 2A1CC36C8B8BDD1E476EDD78903DDA24
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=244033eb-1a5f-4716-a4e7-16c59c56bcec&u_sclid=afc9c871-09d7-4e24-913b-3ab80f81ca2b
Frame ID: C7FF28529402B6B7D5D46BBFDE136F5B
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1710989092262&pnid=140&pcid=766755e7-ead9-4007-aa28-2e35ee8befb6
Frame ID: 0EBC480750FD9666294D95985CFA3A2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ReGrow

Page URL History Show full URLs

http://saynotobald.com/0.40590006563983994 HTTP 301
https://saynotobald.com/0.40590006563983994 HTTP 302
https://saynotobald.com/presentation Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

97
Requests

95 %
HTTPS

49 %
IPv6

29
Domains

46
Subdomains

40
IPs

1
Countries

2584 kB
Transfer

7366 kB
Size

49
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://saynotobald.com/0.40590006563983994 HTTP 301
https://saynotobald.com/0.40590006563983994 HTTP 302
https://saynotobald.com/presentation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
https://14028140.fls.doubleclick.net/activityi;dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation

Request Chain 54

https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
https://12217290.fls.doubleclick.net/activityi;dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation

Request Chain 69

https://gum.criteo.com/sid/json?origin=onetag&domain=saynotobald.com&sn=ChromeSyncframe&so=0&topUrl=saynotobald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1V0YYXx4Um4vSExiOVRyVmc0SlJUZ2JwSWpWV1JibFQvYnlpaG13WlAxZnpjdXY3UzYwcDFxZVY5bWpJZDZRVC9qUlptaTdNNjNlNzh3S1VlSHQ3TTd3cXV5eGJiZFN3anozOGp4dmlWWWtZcFVCRmRqRmVQTTFkb0Y2K0h3cXdKdkFnbUJqbkpFQ25jTFRzWU1CWjJ2QnNPZHp4bEc5dWdJWUpyaWpqTnVTc3ZVUzR6RFZ4UHViT1ZlcFFPN3M0TG9iMHlhZ3c3eHNHeUEyMHNuOVU1U1VxZm5qR2wrbGlQMmVIa29BR25nbTZnU0ltVVlOcjA4eDkwQlFZSldmWWpSMUFTZm12SVJBdzFyYjlGTnRXQ21rVWNFVjR4V3BtSmVvb0dkdEVGQVpvYjBmYz18&cppv=2

Request Chain 85

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1711056208530&u_scsid=730404f5-9150-473a-b51d-db8bcade8e8b&u_sclid=0e70579a-ff6c-4399-9427-bbe8d0254f35 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710989092262%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710989092262%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1710989092262&pnid=140&pcid=766755e7-ead9-4007-aa28-2e35ee8befb6

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11460447661/?random=933187241&cv=9&fst=1711056208590&num=1&npa=1&label=1W3fCN7qgowZEK2b4tgq&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F14028140.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWyyoulhoUDFb3DwgQdAq8LhA%3Bsrc%3D14028140%3Btype%3Dinvmedia%3Bcat%3Drg_al0%3Bord%3D1%3Bnum%3D4352572455862%3Bnpa%3D0%3Bauiddc%3D1730810139.1711056207%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bpscdl%3Dnoapi%3Bgtm%3D45fe43k0z8850445531za201%3Bgcd%3D13l3l3l3l1%3Bdma%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fsaynotobald.com%252Fpresentation%3F&ref=https%3A%2F%2Fsaynotobald.com%2F&top=https%3A%2F%2Fsaynotobald.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIl-GFjKWGhQMVjx7QBB33FwKwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjolaHR0cHM6Ly8xNDAyODE0MC5mbHMuZG91YmxlY2xpY2submV0Lw HTTP 302
https://www.google.com/pagead/1p-conversion/11460447661/?random=933187241&cv=9&fst=1711056208590&num=1&npa=1&label=1W3fCN7qgowZEK2b4tgq&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F14028140.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWyyoulhoUDFb3DwgQdAq8LhA%3Bsrc%3D14028140%3Btype%3Dinvmedia%3Bcat%3Drg_al0%3Bord%3D1%3Bnum%3D4352572455862%3Bnpa%3D0%3Bauiddc%3D1730810139.1711056207%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bpscdl%3Dnoapi%3Bgtm%3D45fe43k0z8850445531za201%3Bgcd%3D13l3l3l3l1%3Bdma%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fsaynotobald.com%252Fpresentation%3F&ref=https%3A%2F%2Fsaynotobald.com%2F&top=https%3A%2F%2Fsaynotobald.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIl-GFjKWGhQMVjx7QBB33FwKwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjolaHR0cHM6Ly8xNDAyODE0MC5mbHMuZG91YmxlY2xpY2submV0Lw&is_vtc=1&cid=CAQSKQB7FLtqXDwWQQSYWEZBg6Q-ml0p-u6Ny8UOhqvlt_eQytZiY1Dx5uqS&random=4261667665&resp=GooglemKTybQhCsO

Request Chain 93

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F987D1516E4D453B91D40C39C8FA7F29&RedC=c.clarity.ms&MXFR=35D72C007F07663A2EED38497B076818 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F987D1516E4D453B91D40C39C8FA7F29&MUID=373F7DBB969C659903B969F2979B6467

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request presentation Show response
saynotobald.com/
Redirect Chain

http://saynotobald.com/0.40590006563983994
https://saynotobald.com/0.40590006563983994
https://saynotobald.com/presentation

51 KB
14 KB

97ms
96ms

Document
text/html

161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: 38a99a9d37d2c213bd1f589b46f629d8f4c4a27f57796e1ef1ec0e879a53cccc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Mar 2024 21:23:25 GMT
ETag: W/"ca13-2F8vpqqp5UQ9Y5QtN5bwS2achD0"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 70
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Mar 2024 21:23:25 GMT
Location: /presentation
Server: nginx
Vary: Accept
X-Powered-By: Express
pageNotFound: true

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 147ms
53ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 20:37:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 21:23:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 152ms
58ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:22:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 21:23:25 GMT

GET
H/1.1 200
OK play-img-d.gif
saynotobald.com/img/video/ 302 KB
302 KB 57ms
49ms Image
image/gif 161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saynotobald.com/img/video/play-img-d.gif
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: 92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/presentation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 21:23:25 GMT
Last-Modified: Wed, 30 Aug 2023 07:18:00 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"4b87a-18a454e656e"
Content-Type: image/gif
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309370

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.regrowhairformula.com/cgi-bin/ 2 KB
1 KB 183ms
65ms Script
text/javascript 18.205.82.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.205.82.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-82-20.compute-1.amazonaws.com

Software

Apache /

Resource Hash

bde2472a76e01f194919d637e205051b6e966692237a60d113e3bd7c130bf25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 857

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
104 KB 1229ms
1148ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7caf10fb55ad4b636a9e6af753ce6531b3c5200fbb09ec14cf7134a0d012aecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106351
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 21:23:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 112ms
36ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 21:23:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=12, mss=1294, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: iRdl2sf0i32S1w1SQ6XK9K3F/+704U+0LpCWz7rDdaCWPOQZgEPrTLoTAwP4zlJNsYCoPowKmPujmieyo/kBgw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 UVHnhOaw7F0 Show response
www.youtube-nocookie.com/embed/ Frame CCAB 90 KB
39 KB 201ms
112ms Document
text/html 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e7e76a0119e7e42fcf5410ae038717aefff3dd9dd56adc6340257923b3e6673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 21:23:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 158ms
69ms Script
text/javascript 2607:f8b0:4004:c19::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bb22e81453d6b69b10d640ba35b9a6ff3cc402d23e8b034bb3a1f1cee362084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 21 Mar 2024 21:23:25 GMT

GET
H/1.1 200
OK dr-holly.png
saynotobald.com/img/featured-on/holly/ 15 KB
15 KB 45ms
44ms Image
image/png 161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saynotobald.com/img/featured-on/holly/dr-holly.png
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/presentation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 21:23:25 GMT
Last-Modified: Wed, 30 Aug 2023 07:18:00 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"3a1c-18a454e64f6"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14876

GET
H/1.1 200
OK featured-logo.svg
saynotobald.com/img/featured-on/holly/ 65 KB
25 KB 92ms
47ms Image
image/svg+xml 161.35.48.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saynotobald.com/img/featured-on/holly/featured-logo.svg
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: saynotobald.com
Software: nginx / Express
Resource Hash: 4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/presentation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 21:23:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 07:18:00 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"104e7-18a454e64f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/589f1394/www-widgetapi.vflset/ 216 KB
67 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c19::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/589f1394/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa0d66887bc53fa2c3aae867f345f2765cd72da482bf5b297fedcdc56259f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68373
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:21:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Mar 2025 20:19:44 GMT

GET
H2 200 810524130072458 Show response
connect.facebook.net/signals/config/ 59 KB
14 KB 38ms
37ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/810524130072458?v=2.9.150&r=stable&domain=saynotobald.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee8e0d8f793f8db05ce81c61a24e3285a971ecb4e5395d5a48b64c53983485d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 21:23:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13632
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=63, mss=1294, tbw=62790, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: yBmadzIguI3JTJv6Kez2OWqw5caeAWvPb7uEyjC1WnPpthDJ5O6ERFHfBTNA1tp1JFeEISX9mo8ktc4oz2eetA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube-nocookie.com/s/player/589f1394/ Frame CCAB 371 KB
47 KB 40ms
39ms Stylesheet
text/css 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/589f1394/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e9bc168bcafb793c1f88803b8d62bae049d099b4d59eb15117f060ecba8e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48009
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:21:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Mar 2025 13:36:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCAB 15 KB
16 KB 590ms
40ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:05:41 GMT
x-content-type-options: nosniff
age: 1065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 21:05:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCAB 15 KB
15 KB 601ms
51ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:22:31 GMT
x-content-type-options: nosniff
age: 55
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 21:22:31 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/589f1394/www-embed-player.vflset/ Frame CCAB 320 KB
96 KB 40ms
39ms Script
text/javascript 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/589f1394/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a4914076688cc439ac8dbf82ed794170e03ef887d68d999db2a712d5c8f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97800
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:21:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Mar 2025 20:25:43 GMT

GET
H2 200 base.js Show response
www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/ Frame CCAB 2 MB
782 KB 80ms
80ms Script
text/javascript 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6890437664e68fe9660afdc4df5ad9f86538df9def33855673432cade3cf12f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 800476
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:21:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Mar 2025 14:02:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 554ms
38ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&rl=&if=false&ts=1711056206016&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711056206014.1589468076&ler=empty&cdl=API_unavailable&it=1711056205957&coo=false&rqm=GET

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1294, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 21:23:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 0
379 B 54ms
54ms Stylesheet
text/plain 18.205.82.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.3306771086435656&r=&u=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by: Host: secure.regrowhairformula.com
URL: https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.205.82.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-82-20.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-length: 0
server: Apache

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CCAB 88 KB
41 KB 56ms
54ms XHR
application/json+protobuf 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2ee565220ffaf5c610c986b1978f92cdaa58cb300a86276f95bfdfd7db01345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41648
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame CCAB 56 KB
27 KB 107ms
107ms XHR
application/json 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a54a68bda21597b76806840d531a36e324284545754d69343ea0db45602f92b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240317.00.00
X-Goog-Visitor-Id: CgtLOWdZZWRzelY2QSjNyvKvBjIKCgJVUxIEGgAgXA%3D%3D

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27566
x-xss-protection: 0

GET
H2 200 xe0jpUv_7_XFNSeMfyfrZkLqPrcN-pIWT6_UXz51XO0.js Show response
www.google.com/js/th/ Frame CCAB 51 KB
20 KB 269ms
41ms Script
text/javascript 2607:f8b0:4004:c0b::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/xe0jpUv_7_XFNSeMfyfrZkLqPrcN-pIWT6_UXz51XO0.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed23a54bffeff5c535278c7f27eb6642ea3eb70dfa92164fafd45f3e755ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 11:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 552829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20257
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 11:49:37 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/ Frame CCAB 57 KB
18 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2575e8d627e2ed605719a2fadcb4fa293c075dcacd81e5383ef1c5b05f1bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18089
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:21:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Mar 2025 12:11:17 GMT

GET
DATA 200
OK truncated
/ Frame CCAB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gJVHPB_iqmZKlOOFzxsZB9KZziaIn84Pc_LXDVPCV4r2xwRXZlkpbDQ4fmK4ulj989C26sBM=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame CCAB 1 KB
2 KB 246ms
39ms Image
image/jpeg 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/gJVHPB_iqmZKlOOFzxsZB9KZziaIn84Pc_LXDVPCV4r2xwRXZlkpbDQ4fmK4ulj989C26sBM=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a763d5da382bf5ed52f61f58a3d8d010cea1e7fa1f8bb485463379d23c86c65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:15:06 GMT
x-content-type-options: nosniff
age: 4100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1503
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 22 Mar 2024 20:15:06 GMT

POST
H3 200 embedded_player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame CCAB 35 KB
23 KB 76ms
75ms XHR
application/json 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/embedded_player?prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f5ee7af23695f4cbcc56354930a31b28f658350ce87de74a6d6d88af1712f811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240317.00.00
X-Goog-Visitor-Id: CgtLOWdZZWRzelY2QSjNyvKvBjIKCgJVUxIEGgAgXA%3D%3D

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23466
x-xss-protection: 0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 306ms
45ms Preflight
text/html 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Mar 2024 21:23:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame CCAB 0
17 B 52ms
52ms XHR
text/html 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&cpn=IfyspiQXEBAEliIc&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C73455%2C230596%2C84737%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9954%2C1191%2C26497%2C1598%2C3460%2C1908%2C2%2C6689%2C880%2C1127%2C15682%2C777%2C361%2C1822%2C2948%2C6761%2C796%2C643%2C58%2C4937%2C690%2C3268&cl=616530979&seq=1&docid=UVHnhOaw7F0&ei=TqX8ZdmPFOWZ_9EPpJyqkAQ&event=streamingstats&plid=AAYUMlFe4joTciU2&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FUVHnhOaw7F0%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&qclc=ChBJZnlzcGlRWEVCQUVsaUljEAE&embargoed=0&cbr=Chrome&cbrver=122.0.6261.128&c=WEB_EMBEDDED_PLAYER&cver=1.20240317.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.010:B,0.261:B,0.261:B&cat=streaming&cmt=0.010:0.000,0.261:0.000&vfs=0.261:134:134::r&view=0.261:926:521&bwe=0.261:130000&bat=0.261:1:1&vis=0.261:0&bh=0.261:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20240317.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtLOWdZZWRzelY2QSjNyvKvBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1711056206221&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:26 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST videoplayback
rr2---sn-ab5l6nrz.googlevideo.com/ Frame CCAB 0
0

GET
H3 200 captions.js Show response
www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/ Frame CCAB 71 KB
24 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117ec7824aa0c927983ca720f2831ec98d455d56c8efef316e6f912817c557ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 04:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24402
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:21:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Mar 2025 04:29:30 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/ Frame CCAB 34 KB
8 KB 46ms
45ms Script
text/javascript 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e37dd418ccda4465ab559e27d0912fb158b267e0a935c6609e92714260ef8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 04:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8431
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:21:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Mar 2025 04:48:37 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame CCAB 5 KB
2 KB 316ms
316ms XHR
application/json 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0cf583c4a0eb4728e60d9ce54ddc6ff82bc4735dd038fa8b63a4a552065af22c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240317.00.00
X-Goog-Visitor-Id: CgtLOWdZZWRzelY2QSjNyvKvBjIKCgJVUxIEGgAgXA%3D%3D

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1741
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame CCAB 0
17 B 52ms
51ms XHR
text/html 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=IfyspiQXEBAEliIc&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C73455%2C230596%2C84737%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9954%2C1191%2C26497%2C1598%2C3460%2C1908%2C2%2C6689%2C880%2C1127%2C15682%2C777%2C361%2C1822%2C2948%2C6761%2C796%2C643%2C58%2C4937%2C690%2C3268&cl=616530979&seq=2&docid=UVHnhOaw7F0&ei=TqX8ZdmPFOWZ_9EPpJyqkAQ&event=streamingstats&plid=AAYUMlFe4joTciU2&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FUVHnhOaw7F0%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&qclc=ChBJZnlzcGlRWEVCQUVsaUljEAI&embargoed=0&cbr=Chrome&cbrver=122.0.6261.128&c=WEB_EMBEDDED_PLAYER&cver=1.20240317.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&afs=0.265:251::i&cmt=0.281:0.000,0.293:0.000,0.295:0.000&vps=0.281:N,0.293:SU,0.295:SU&ctmp=dompaused:t.282;r.promise;m.NotAllowedError&bat=0.295:1:1&bh=0.295:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20240317.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtLOWdZZWRzelY2QSjNyvKvBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1711056206221&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:26 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/UVHnhOaw7F0/ Frame CCAB 44 KB
45 KB 126ms
42ms Image
image/jpeg 2607:f8b0:4004:c1d::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UVHnhOaw7F0/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgWygRMA8=&rs=AOn4CLAvEapVQUBg56H6DklC2DFf83c1RQ

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb40d6e621c5d531d57d5e874c96762a5acc90d253c95e7ca0c80822f895e857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:00:41 GMT
x-content-type-options: nosniff
age: 1365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45439
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 23:00:41 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame CCAB 0
10 B 39ms
39ms Image
text/plain 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?Rndtyw
Requested by: Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 41ms
41ms Preflight
text/html 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Mar 2024 21:23:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CCAB 90 B
133 B 47ms
46ms XHR
application/json+protobuf 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76b890b6742e6bec211241e91bff56046a7d282c496bbf65882192275a4888c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 322ms
38ms Script
application/javascript 2620:100:a001::f
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=91644

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

995834e4963b3f7fd9850502b9bab3ee9771bf84e07fa303affa9a471cb07064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 360ms
77ms Script
application/javascript 2620:100:a001::f
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=92347

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fe67da1d9111e427624f23b5a09addc6dacf2de4818ca8502757e30570390cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
98 KB 75ms
74ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a37ccdea1eb98e4589951e8dc4d64915abccc68601e7c60fb47222d19edb8eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 21:23:27 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1423196/ 69 KB
22 KB 359ms
90ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc985d1ef62209576d8eb5c4b30afba4940447b5eb45bdcba0629499a01ed2d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 3A8Q2nkkuMq21psVCBlJAKF2cgSDJ3yk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Mar 2024 21:23:27 GMT
x-amz-request-id: QY0Z0W17DHZEPG48
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 21527
x-amz-id-2: AKJfVcbfwPgT+AcGVUxOtWmE2oE4s9+iA5JtLhy8Wqs0uZQsDARBjFawRqkCa4LjAmCs3D+aoWE=
x-served-by: cache-yyz4575-YYZ
last-modified: Mon, 18 Mar 2024 08:59:13 GMT
server: AmazonS3
x-timer: S1711056207.381976,VS0,VE62
etag: "356d990033cf39363599d6aeb413f490"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 90ms
90ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2824db0752da3f5ed63b73495ca530d7f7bc1c50794ca0a764218c44da44182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72064
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 21:23:27 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 325ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 21 Mar 2024 21:23:26 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DF34A31DB924D279EA07D811DF5FCD7 Ref B: EWR311000107011 Ref C: 2024-03-21T21:23:27Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 scevent.min.js Show response
sc-static.net/ 44 KB
19 KB 342ms
74ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: gzip
via: 1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19117
x-amz-cf-id: RfryK6ywfc_D9ygW9vK_jLPLlVik7gHTNTgp0rXYV9jDTLN8coQDNA==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 89ms
89ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e96bbafac26cd94a236f6f0cf0acc2daf406832a7a397b85ae93ed5ee7b08ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72066
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 21:23:27 GMT

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 103 KB
20 KB 303ms
38ms Script
application/x-javascript 3.161.210.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.210.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-210-15.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08a5d3faf1218d1a3dc17a5f4b37b033fbd895a03872eacd53f9419b772419f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 20:25:22 GMT
content-encoding: gzip
via: 1.1 d9d0b19761149aebd7234df3fac341aa.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 521886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20075
last-modified: Fri, 08 Mar 2024 20:09:31 GMT
server: AmazonS3
etag: "1521f6ec6a201e1beb42df9b625b455b"
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=604800,s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: vo93SYD8WawY4CvqG1moaJA7_MF1v5_1mhW7EZ1JHNOgGjotTiV7XA==

GET
H2 200 everflow.js Show response
www.ibph4trk.com/scripts/sdk/ 60 KB
19 KB 347ms
82ms Script
text/javascript 34.107.199.247
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 247.199.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ee5b11761bd4ac602a13816b6d26cef5323ccf591f80b06a44273b7c6ae0a6b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 31d68323-a825-4f57-b586-502463726837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 307ms
42ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000158-IAD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 113ms
113ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12217290

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6cf9de94008c90a96bd2010253acaf8e0765013d75320969efbce9774f049e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72011
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 21:23:27 GMT

GET
H2 200 gnsm8am7co Show response
www.clarity.ms/tag/ 1017 B
1 KB 374ms
108ms Script
application/x-javascript 2603:1062:10:a::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2603:1062:10:a::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9652ae54adbd9992537f73ddd3567121ca1f4a38fa2442b03eb3614c9e3fe971

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
date: Thu, 21 Mar 2024 21:23:27 GMT
x-azure-ref: 0T6X8ZQAAAAACqSZpbAfMTa87IZQV8UdMRE0yQUExMDkxMjA3MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1017
expires: -1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 339ms
74ms Script
application/javascript 23.33.40.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-40-79.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ccb35e209f065628ee2425a824e21b596c113063ffa897e6d6d4da74db253b00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-akamai-request-id: af758da1.3e7eb80c
date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240321212327D51F2401B2C7B5A6775F-221EE51057952917-00
x-cache: TCP_MISS from a23-33-41-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 24,23.33.41.143
server-timing: cdn-cache; desc=MISS, edge; dur=13, origin; dur=13, inner; dur=4
content-length: 1863
pragma: no-cache
server: nginx
x-tt-logid: 20240321212327D51F2401B2C7B5A6775F
x-cache-remote: TCP_MISS from a23-48-200-211.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.48.200.211
x-tt-trace-host: 011ba866a0f8103d730e0ebb419fa6a97240346029c10d56e96e6208ea04d77a6bfebd20fec8f5312acd88f8f1f344f2d3fadceb90392f019ce1206397ff94169444d0edd5555e9124c35c156b802c4b38a2bb89d6d76f40c6b011a852f37af3fbf7c288fbd84863a38f0c33f7a8d05eea
expires: Thu, 21 Mar 2024 21:23:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 92ms
92ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14028140

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a19861082dac85875c47a04143c5285239615748fdb64ecb439d92d98d01fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72011
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 21:23:27 GMT

GET
H2

200

activityi;dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap... Show response
14028140.fls.doubleclick.net/ Frame DC66
Redirect Chain

https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=n...
https://14028140.fls.doubleclick.net/activityi;dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;ua...

1 KB
858 B

129ms
124ms

Document
text/html

142.251.167.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14028140.fls.doubleclick.net/activityi;dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f148.1e100.net

Software

cafe /

Resource Hash

c1daccf2edef9e0e96e591f23f91ff36c08756b0255ab0a92e3596226f5849a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 553
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 21:23:27 GMT
expires: Thu, 21 Mar 2024 21:23:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 21:23:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14028140.fls.doubleclick.net/activityi;dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;... Show response
12217290.fls.doubleclick.net/ Frame 976C
Redirect Chain

https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
https://12217290.fls.doubleclick.net/activityi;dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb...

521 B
330 B

132ms
131ms

Document
text/html

142.251.167.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12217290.fls.doubleclick.net/activityi;dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f148.1e100.net

Software

cafe /

Resource Hash

b86f2798083f21c462860d2879a953c5ed4368a7403c25da78690b31e6dac828

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 21:23:28 GMT
expires: Thu, 21 Mar 2024 21:23:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 21:23:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12217290.fls.doubleclick.net/activityi;dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 118ms
45ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je43k0v9176637411z8850445531za200&_p=1711056205611&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=529810357.1711056208&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711056207&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2496
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saynotobald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 152ms
50ms Ping
text/plain 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-19QC860WB0&cid=529810357.1711056208&gtm=45je43k0v9176637411z8850445531za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saynotobald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
374 B 144ms
52ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ef8fadb6-3a68-44ad-9496-1abdda731054&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a341f0a1-8039-4cfc-b43a-067e9b59d6a2&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.29

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 7
date: Thu, 21 Mar 2024 21:23:26 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 0aea8281ea2dc8cd
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 9f801182a853ae83b8e8e94129e907c8448a9a9cf4c4b5ff93eac67370fb0e9e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 276ms
142ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ef8fadb6-3a68-44ad-9496-1abdda731054&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a341f0a1-8039-4cfc-b43a-067e9b59d6a2&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.29

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 88
date: Thu, 21 Mar 2024 21:23:27 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 9437cf49f87623bc
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 70c1ed49dd5c1c95f69a46af0650d7405365f6867e1acdd78272597549c6ba24
content-length: 43

GET
H2 200 main.MWIzOGRhOGZjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 425 KB
112 KB 66ms
65ms Script
application/javascript 23.33.40.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-40-79.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-akamai-request-id: 3e7eba22
date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240318105440869C83AD4E721EFE0579
x-tt-trace-id: 00-240318105440869C83AD4E721EFE0579-6A09E7B9B98BA794-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-33-41-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016bb0407f7d8e1d0df1d5fa498d782fed658f5f8314c74494d3c94005f45f4f7f3ba5808cb4860d070e3f7f6a1ec35480c6fff929985b91e793c854b3d79cb4b75a7a9213c3a73366f53eb0bc69bde3e45c30b6de09edc193059c86f1eaa7cfb0
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=20
content-length: 114348

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2A1C 14 KB
6 KB 113ms
37ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=91644

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 21:23:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 751553
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 id Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 29 B
370 B 218ms
133ms XHR
text/plain 3.162.7.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.regrowhairformula.com
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.7.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-7-231.yul62.r.cloudfront.net
Software: /
Resource Hash: 82c3b297f7128dc65affbc8bc4643465625704902a9f988dcdc5902a905c3cdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
via: 1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 29
apigw-requestid: U_7EggH0IAMEV4Q=
x-amz-cf-id: pUcMaTmhn852qqDIIwP1Z1-HK5mzHU8LIkHEBwwwdE25nxQKGBOXlw==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
20 KB 71ms
71ms Script
application/javascript 2603:1062:10:a::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2603:1062:10:a::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: br
last-modified: Tue, 19 Mar 2024 12:23:39 GMT
etag: "0x8DC480F6888504A"
x-azure-ref: 0T6X8ZQAAAABDp/pFdWXSSZfpeFlK/+KDRE0yQUExMDkxMjA3MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6cac2614-801e-003a-469f-7b34a3000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 json Show response
trc.taboola.com/1423196/trc/3/ 2 KB
2 KB 82ms
75ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1423196/trc/3/json?tim=1711056207683&data=%7B%22id%22%3A756%2C%22ii%22%3A%22%2Fpresentation%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1711056207652%2C%22cv%22%3A%2220240317-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpurehealthresearch-sc-regrowhair-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1711056207681%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%22%2C%22tos%22%3A25%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e81fa9e7db3839ed07311a954b9b41645d12e89540eed942d0267355251b426d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-vcl-time-ms: 50
date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.21375
x-fastly-to-nlb-rtt: 18919
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-yyz4575-YYZ
x-log-content-encoding: gzip
server: nginx
x-timer: S1711056208.703454,VS0,VE50
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 137023477.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 45ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137023477.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

13f3ee954b3c1d3371bccff14f8c7cb5917a4b273204da1da60270922f8929a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 21 Mar 2024 21:23:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E697842A5CC24A31850F8E0087E46600 Ref B: EWR311000107011 Ref C: 2024-03-21T21:23:27Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
362 B 61ms
60ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137023477&tm=gtm002&Ver=2&mid=176d45c2-aad5-4c77-bf1a-fbc7d20bf782&sid=420311d0e7c911ee81d731dbe49dc9ee&vid=42039cc0e7c911eebe10abeb09e0b4af&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ReGrow&p=https%3A%2F%2Fsaynotobald.com%2Fpresentation&r=&lt=727&evt=pageLoad&sv=1&rn=897509

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Mar 2024 21:23:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2B23E38507F43F882CCCF546B0C63A1 Ref B: EWR311000107011 Ref C: 2024-03-21T21:23:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 21444b75-45eb-4207-bb22-dc5f286db86b.js Show response
tr.snapchat.com/config/com/ 185 B
469 B 167ms
115ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/21444b75-45eb-4207-bb22-dc5f286db86b.js?v=3.12.0-2402271815

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

15fc4f4f41cce71191665c7e7061067c82e9275958257ca9464ff8c21958d60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
Origin: https://saynotobald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://saynotobald.com
x-envoy-upstream-service-time: 40
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame C7FF 672 B
1 KB 141ms
69ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=244033eb-1a5f-4716-a4e7-16c59c56bcec&u_sclid=afc9c871-09d7-4e24-913b-3ab80f81ca2b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Thu, 21 Mar 2024 21:23:27 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 p
tr.snapchat.com/ 68 B
302 B 145ms
75ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=21444b75-45eb-4207-bb22-dc5f286db86b&ev=PAGE_VIEW&intg=gtm&pids=21444b75-45eb-4207-bb22-dc5f286db86b&u_c1=dfd0c75c-a1c4-42f7-b53d-b51e15c83010&u_sclid=afc9c871-09d7-4e24-913b-3ab80f81ca2b&u_scsid=244033eb-1a5f-4716-a4e7-16c59c56bcec&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=727&m_fcps=809&m_pi=727&m_pl=0&m_pv=2&m_rd=2703&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&trackId=2594fda8-08b5-4352-8b20-efc3fad4d317&ts=1711056207729&v=3.12.0-2402271815

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2A1C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=saynotobald.com&sn=ChromeSyncframe&so=0&topUrl=saynotobald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=1V0YYXx4Um4vSExiOVRyVmc0SlJUZ2JwSWpWV1JibFQvYnlpaG13WlAxZnpjdXY3UzYwcDFxZVY5bWpJZDZRVC9qUlptaTdNNjNlNzh3S1VlSHQ3TTd3cXV5eGJiZFN3anozOGp4dmlWWWtZcFVCRmRqRmVQTTFkb0Y2K0...

422 B
1 KB

364ms
39ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1V0YYXx4Um4vSExiOVRyVmc0SlJUZ2JwSWpWV1JibFQvYnlpaG13WlAxZnpjdXY3UzYwcDFxZVY5bWpJZDZRVC9qUlptaTdNNjNlNzh3S1VlSHQ3TTd3cXV5eGJiZFN3anozOGp4dmlWWWtZcFVCRmRqRmVQTTFkb0Y2K0h3cXdKdkFnbUJqbkpFQ25jTFRzWU1CWjJ2QnNPZHp4bEc5dWdJWUpyaWpqTnVTc3ZVUzR6RFZ4UHViT1ZlcFFPN3M0TG9iMHlhZ3c3eHNHeUEyMHNuOVU1U1VxZm5qR2wrbGlQMmVIa29BR25nbTZnU0ltVVlOcjA4eDkwQlFZSldmWWpSMUFTZm12SVJBdzFyYjlGTnRXQ21rVWNFVjR4V3BtSmVvb0dkdEVGQVpvYjBmYz18&cppv=2

Requested by

Host: saynotobald.com
URL: https://saynotobald.com/presentation

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5f2fde87f241b98ebc4e3f4fb21b96e7d5bee539697ada2dbdfa9f4c8db3ba60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1789737
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=1V0YYXx4Um4vSExiOVRyVmc0SlJUZ2JwSWpWV1JibFQvYnlpaG13WlAxZnpjdXY3UzYwcDFxZVY5bWpJZDZRVC9qUlptaTdNNjNlNzh3S1VlSHQ3TTd3cXV5eGJiZFN3anozOGp4dmlWWWtZcFVCRmRqRmVQTTFkb0Y2K0h3cXdKdkFnbUJqbkpFQ25jTFRzWU1CWjJ2QnNPZHp4bEc5dWdJWUpyaWpqTnVTc3ZVUzR6RFZ4UHViT1ZlcFFPN3M0TG9iMHlhZ3c3eHNHeUEyMHNuOVU1U1VxZm5qR2wrbGlQMmVIa29BR25nbTZnU0ltVVlOcjA4eDkwQlFZSldmWWpSMUFTZm12SVJBdzFyYjlGTnRXQ21rVWNFVjR4V3BtSmVvb0dkdEVGQVpvYjBmYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 308839
content-length: 0
expires: 0

GET
H2 200 identify_05ea2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 47ms
46ms Script
application/javascript 23.33.40.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_05ea2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-40-79.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-akamai-request-id: 3e7ebc5d
date: Thu, 21 Mar 2024 21:23:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202403141341546A69ADE57D34A20CA53D
x-tt-trace-id: 00-2403141341546A69ADE57D34A20CA53D-28A8D3534A9CA24A-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-33-41-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0162886a4329f1ce6b659941d71cd5c1e05d568d3b0ef6aadde4bf08f5fe2a9becf53b6e7e2600b2cdc3bc162d28ae3491933b8ee61e78214e136d4915ec6955a40462749e774acd9460d7376b5313708174f1519521503fb1cde85ba07b28c24f
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37139

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 239ms
237ms Ping
text/plain 23.33.40.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-40-79.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saynotobald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3e7ebd4b
date: Thu, 21 Mar 2024 21:23:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403212123279874A8F3A9FEB6DF480A-2C8DA2092F7BD13D-00
x-cache: TCP_MISS from a23-33-41-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
server-timing: inner; dur=44, cdn-cache; desc=MISS, edge; dur=8, origin; dur=60
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403212123279874A8F3A9FEB6DF480A
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 60,23.33.41.143
x-tt-trace-host: 011ba866a0f8103d730e0ebb419fa6a97255beffd3883b222109b51c1dea2731bc0d16a9db910dd395187984e8d4cba43a5363699391e44e5cba41213e03f4bd98a00440e7639fef9c72ba20f76b0848207c0b327e3b846c699f73471e8c3f5800
access-control-allow-headers: Authorization,*
expires: Thu, 21 Mar 2024 21:23:27 GMT

POST
H2 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 20 B
439 B 132ms
131ms XHR
application/json 3.162.7.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt

Requested by

Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.7.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-7-231.yul62.r.cloudfront.net

Software

Apache /

Resource Hash

7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saynotobald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 21 Mar 2024 21:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: YUL62-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 35
apigw-requestid: U_7EjhUAIAMEV4w=
x-amz-cf-id: W13XUAfg1esIE321OEaQjxWEfeNNbYN0-daV8pvaryQ_mf_r-YyrWA==

GET
H2 200 137023477 Show response
www.clarity.ms/tag/uet/ 829 B
1021 B 129ms
128ms Script
application/x-javascript 2603:1062:10:a::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137023477
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137023477.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2603:1062:10:a::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d5cfb61c5c9e1a0a6849548f84f3d95f9b3c982da422a064af76ed1103896ca9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date: Thu, 21 Mar 2024 21:23:27 GMT
x-azure-ref: 0UKX8ZQAAAABT7+SgGm2uQIEyfXm1t+BKRE0yQUExMDkxMjA3MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 829
expires: -1

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
295 B 258ms
46ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://saynotobald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://saynotobald.com
Date: Thu, 21 Mar 2024 21:23:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 40ms
39ms Preflight 3.162.7.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.7.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-7-231.yul62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://saynotobald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 71139
alt-svc: h3=":443"; ma=86400
apigw-requestid: U9NZAgufoAMES0w=
date: Thu, 21 Mar 2024 01:37:48 GMT
via: 1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront)
x-amz-cf-id: 4MpT-zFNnDqwzybvSOrEXLU6Ul2z8akjCtyHl7sunmi9R9-GYyLOpQ==
x-amz-cf-pop: YUL62-P2
x-cache: Hit from cloudfront

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 23ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Mar 2024 21:23:28 GMT
x-amz-request-id: Q89PZAPY13C01VBS
age: 3287
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by: cache-yyz4575-YYZ
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1711056208.378580,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 19
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 4772

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 24ms
23ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Mar 2024 21:23:28 GMT
x-amz-request-id: F0ERNPAEKW73Z8P2
age: 7586
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by: cache-yyz4575-YYZ
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1711056208.378694,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 0
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 8760

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame DC66 53 KB
20 KB 193ms
105ms Script
text/javascript 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 14028140.fls.doubleclick.net
URL: https://14028140.fls.doubleclick.net/activityi;dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

bedd15c7fa429ab3746fe85bbe5bc8e9aa16fbf4efe097fd666de84a4144799f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://14028140.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19845
x-xss-protection: 0
server: cafe
etag: 10745024659593395807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 21:23:28 GMT

GET
H2 200 dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201...
adservice.google.com/ddm/fls/z/ Frame DC66 42 B
401 B 194ms
99ms Image
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPWyyoulhoUDFb3DwgQdAq8LhA;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=4352572455862;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://14028140.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;g...
adservice.google.com/ddm/fls/z/ Frame 976C 42 B
107 B 154ms
100ms Image
image/gif 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation

Requested by

Host: 12217290.fls.doubleclick.net
URL: https://12217290.fls.doubleclick.net/activityi;dc_pre=CJLB0oulhoUDFaHRwgQdXEsPeg;src=12217290;type=regro0;cat=rg_al0;ord=1;num=8503191734215;npa=0;auiddc=1730810139.1711056207;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z8850445531za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://12217290.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
842 B 106ms
105ms Ping
text/plain 23.33.40.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-40-79.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saynotobald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a55cc1f7.3e7ec2be
date: Thu, 21 Mar 2024 21:23:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240321212328B7B5710BCAB61FA827F9-6EA707A14E1E4A5A-00
x-cache: TCP_MISS from a23-33-41-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 34,23.33.41.143
server-timing: cdn-cache; desc=MISS, edge; dur=18, origin; dur=25, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240321212328B7B5710BCAB61FA827F9
x-cache-remote: TCP_MISS from a23-48-200-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.48.200.209
x-tt-trace-host: 011ba866a0f8103d730e0ebb419fa6a97240346029c10d56e96e6208ea04d77a6b3655483cacd84f356d9a2e43be42f8221d259a7dcbf45f8bad00ed0a3a5fd4e04cb821871a5e6c9cb1ca29049c5745db3b5b232c90704d6d267c899b8597043941e6c659f4f20a58c134d4ffbff3dc54
access-control-allow-headers: Authorization,*
expires: Thu, 21 Mar 2024 21:23:28 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame C7FF 44 KB
19 KB 40ms
38ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=21444b75-45eb-4207-bb22-dc5f286db86b&u_scsid=244033eb-1a5f-4716-a4e7-16c59c56bcec&u_sclid=afc9c871-09d7-4e24-913b-3ab80f81ca2b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 18:30:02 GMT
content-encoding: gzip
via: 1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
age: 10406
etag: b9bd00ec73544025b937f4253ff9de4c
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 19117
x-amz-cf-id: ooroaMHpri6FaMDNopMCp2Fthqxj0Mgcm1bnV8GmzIdTqiuNhbz1iQ==

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 487ms
36ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 4b665eeff04be588dd38b499dd057a8d63903bc66b955637bcd1a8a272ff979f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-served-by: cache-nyc-kteb1890091-NYC
date: Thu, 21 Mar 2024 21:23:28 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://saynotobald.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

POST
H2 200 p
tr6.snapchat.com/ 0
48 B 80ms
75ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 21:23:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

p Show response
tr.snapchat.com/cm/ Frame 0EBC
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1711056208530&u_scsid=730404f5-9150-473a-b51d-db8bcade8e8b&u_sclid=0e70579a-ff6c-4399-9427-bbe8d0254f35
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710989092262%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1710989092262%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1710989092262&pnid=140&pcid=766755e7-ead9-4007-aa28-2e35ee8befb6

0
197 B

104ms
85ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1710989092262&pnid=140&pcid=766755e7-ead9-4007-aa28-2e35ee8befb6

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Thu, 21 Mar 2024 21:23:29 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 2

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 21 Mar 2024 21:23:29 GMT
location: https://tr.snapchat.com/cm/p?rand=1710989092262&pnid=140&pcid=766755e7-ead9-4007-aa28-2e35ee8befb6
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11460447661/ Frame DC66 3 KB
2 KB 56ms
55ms Script
text/javascript 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11460447661/?random=1711056208590&cv=9&fst=1711056208590&num=1&npa=1&label=1W3fCN7qgowZEK2b4tgq&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F14028140.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWyyoulhoUDFb3DwgQdAq8LhA%3Bsrc%3D14028140%3Btype%3Dinvmedia%3Bcat%3Drg_al0%3Bord%3D1%3Bnum%3D4352572455862%3Bnpa%3D0%3Bauiddc%3D1730810139.1711056207%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bpscdl%3Dnoapi%3Bgtm%3D45fe43k0z8850445531za201%3Bgcd%3D13l3l3l3l1%3Bdma%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fsaynotobald.com%252Fpresentation%3F&ref=https%3A%2F%2Fsaynotobald.com%2F&top=https%3A%2F%2Fsaynotobald.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

49527b43e795a7c22fcf587c39407edae8f920fcb7231e19015a785067b55297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://14028140.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ 0
90 B 76ms
74ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://saynotobald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 21:23:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://saynotobald.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame CCAB 28 B
50 B 53ms
52ms XHR
application/json 2607:f8b0:4004:c17::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/589f1394/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-Goog-Request-Time: 1711056208834
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/UVHnhOaw7F0?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20240317.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtLOWdZZWRzelY2QSjNyvKvBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1711056206089&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 21 Mar 2024 21:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2

200

/
www.google.com/pagead/1p-conversion/11460447661/ Frame DC66
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11460447661/?random=933187241&cv=9&fst=1711056208590&num=1&npa=1&label=1W3fCN7qgowZEK2b4tgq&guid=ON&resp=GooglemKTybQhCsO&eid=375603...
https://www.google.com/pagead/1p-conversion/11460447661/?random=933187241&cv=9&fst=1711056208590&num=1&npa=1&label=1W3fCN7qgowZEK2b4tgq&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512...

42 B
340 B

63ms
62ms

Image
image/gif

2607:f8b0:4004:c0b::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11460447661/?random=933187241&cv=9&fst=1711056208590&num=1&npa=1&label=1W3fCN7qgowZEK2b4tgq&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F14028140.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWyyoulhoUDFb3DwgQdAq8LhA%3Bsrc%3D14028140%3Btype%3Dinvmedia%3Bcat%3Drg_al0%3Bord%3D1%3Bnum%3D4352572455862%3Bnpa%3D0%3Bauiddc%3D1730810139.1711056207%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bpscdl%3Dnoapi%3Bgtm%3D45fe43k0z8850445531za201%3Bgcd%3D13l3l3l3l1%3Bdma%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fsaynotobald.com%252Fpresentation%3F&ref=https%3A%2F%2Fsaynotobald.com%2F&top=https%3A%2F%2Fsaynotobald.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIl-GFjKWGhQMVjx7QBB33FwKwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjolaHR0cHM6Ly8xNDAyODE0MC5mbHMuZG91YmxlY2xpY2submV0Lw&is_vtc=1&cid=CAQSKQB7FLtqXDwWQQSYWEZBg6Q-ml0p-u6Ny8UOhqvlt_eQytZiY1Dx5uqS&random=4261667665&resp=GooglemKTybQhCsO

Requested by

Protocol

Server

2607:f8b0:4004:c0b::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://14028140.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11460447661/?random=933187241&cv=9&fst=1711056208590&num=1&npa=1&label=1W3fCN7qgowZEK2b4tgq&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F14028140.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWyyoulhoUDFb3DwgQdAq8LhA%3Bsrc%3D14028140%3Btype%3Dinvmedia%3Bcat%3Drg_al0%3Bord%3D1%3Bnum%3D4352572455862%3Bnpa%3D0%3Bauiddc%3D1730810139.1711056207%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bpscdl%3Dnoapi%3Bgtm%3D45fe43k0z8850445531za201%3Bgcd%3D13l3l3l3l1%3Bdma%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fsaynotobald.com%252Fpresentation%3F&ref=https%3A%2F%2Fsaynotobald.com%2F&top=https%3A%2F%2Fsaynotobald.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIl-GFjKWGhQMVjx7QBB33FwKwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjolaHR0cHM6Ly8xNDAyODE0MC5mbHMuZG91YmxlY2xpY2submV0Lw&is_vtc=1&cid=CAQSKQB7FLtqXDwWQQSYWEZBg6Q-ml0p-u6Ny8UOhqvlt_eQytZiY1Dx5uqS&random=4261667665&resp=GooglemKTybQhCsO
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 160ms
36ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf&uad=8a72ac550b8ec510b42e3ff70f35e3c1de2d56c40299d43ce1b450b1c0480a25&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 21:23:29 GMT
cache-control: no-store
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1423196/log/3/ 0
623 B 104ms
35ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1601&scd=0&ssd=1&est=1711056207655&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1711056209258&vi=1711056207652&ri=e2d8f7a3f520171baaf57f33fab97d96&sd=v2_fd266f61a3fd4d743bc8baa6133b73ea_f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf_1711056207_1711056207_CNawjgYQ3O5WGKT-lpfmMSABKAEw4QE4kaQOQMzrD0jd2NsDUIsEWABgAGjP4tvDwa67g4YBcAE&ui=f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf&ref=null&cv=20240317-34-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://saynotobald.com
pragma: no-cache
date: Thu, 21 Mar 2024 21:23:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK adnypeu
service3.purehealthresearch.com/ 0
0 108ms
37ms Fetch 134.209.162.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://service3.purehealthresearch.com/adnypeu
Requested by: Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Mar 2024 21:23:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: GET

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F987D1516E4D453B91D40C39C8FA7F29&RedC=c.clarity.ms&MXFR=35D72C007F07663A2EED38497B076818
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F987D1516E4D453B91D40C39C8FA7F29&MUID=373F7DBB969C659903B969F2979B6467

42 B
443 B

50ms
35ms

Image
image/gif

20.125.209.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F987D1516E4D453B91D40C39C8FA7F29&MUID=373F7DBB969C659903B969F2979B6467
Protocol: H2
Server: 20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:29 GMT
last-modified: Fri, 01 Mar 2024 22:54:06 GMT
server: Microsoft-IIS/10.0
etag: "8573f85c2b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 592767D0E6254970A25F37F778D56279 Ref B: EWR311000107011 Ref C: 2024-03-21T21:23:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F987D1516E4D453B91D40C39C8FA7F29&MUID=373F7DBB969C659903B969F2979B6467
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
295 B 93ms
92ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://saynotobald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://saynotobald.com
Date: Thu, 21 Mar 2024 21:23:29 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 204 unip Show response
trc-events.taboola.com/1423196/log/3/ 0
622 B 31ms
31ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4603&scd=0&ssd=1&est=1711056207655&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1711056212260&vi=1711056207652&ri=e2d8f7a3f520171baaf57f33fab97d96&sd=v2_fd266f61a3fd4d743bc8baa6133b73ea_f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf_1711056207_1711056207_CNawjgYQ3O5WGKT-lpfmMSABKAEw4QE4kaQOQMzrD0jd2NsDUIsEWABgAGjP4tvDwa67g4YBcAE&ui=f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf&ref=null&cv=20240317-34-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://saynotobald.com
pragma: no-cache
date: Thu, 21 Mar 2024 21:23:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 46ms
45ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je43k0v9176637411za200&_p=1711056205611&gcd=13l3l3l3l1&npa=0&dma=0&cid=529810357.1711056208&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1711056207&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=scroll&epn.percent_scrolled=90&_et=13&tfd=7514
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://saynotobald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 21:23:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://saynotobald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rr2---sn-ab5l6nrz.googlevideo.com
URL: https://rr2---sn-ab5l6nrz.googlevideo.com/videoplayback?expire=1711077806&ei=TqX8ZdmPFOWZ_9EPpJyqkAQ&ip=2602%3Affc8%3A2%3A104%3A%3A14&id=o-AFVGOY3LIO1wStwx7vfhv5AZg6_IGQq5aS-iIySc-jJn&itag=134&aitags=134%2C136%2C137%2C160&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=tU&mm=31%2C26&mn=sn-ab5l6nrz%2Csn-tt1e7nlz&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1637500&spc=UWF9f8KMgQwKmUiHjbch_yqPp0EpHQdy-JrUAT_MiMohRaY&vprv=1&svpuc=1&mime=video%2Fmp4&ns=MX0F-lzyVjRb1hF-scZ9rQwQ&gir=yes&clen=64963334&dur=1884.440&lmt=1688398191010791&mt=1711055811&fvip=1&keepalive=yes&beids=24350319&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6219224&n=X2nawJC5GoOSbA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgP19QcUtEM_mPljp0dRvNzQFZ-90aP4rwkSIp2mCasUcCIQDbklzKcybv5lOv-FOeIPTKEkB8IKqgZ_-TQ39thIAMbA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRgIhAIUhu18I1P_dqfzXt-hqVmPDyeJUrb5lD1jUvH45atwGAiEA115FG2xbT5d6DUvTS7wMQDMwyyYfIRsFN7IPx6b77K0%3D&alr=yes&cpn=IfyspiQXEBAEliIc&cver=1.20240317.00.00&range=0-163376&rn=1&rbuf=0&pot=IjhLtUu2Lknu-wjSP_kE4i_vEeIZzy7ZEoca5iH7MsMAwwnfAv4I0gHjHs0C8AzSCtIT9G6GD5B48Q==&ump=1&srfvp=1

Domain: rr2---sn-ab5l6nrz.googlevideo.com
URL: https://rr2---sn-ab5l6nrz.googlevideo.com/videoplayback?expire=1711077806&ei=TqX8ZdmPFOWZ_9EPpJyqkAQ&ip=2602%3Affc8%3A2%3A104%3A%3A14&id=o-AFVGOY3LIO1wStwx7vfhv5AZg6_IGQq5aS-iIySc-jJn&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=tU&mm=31%2C26&mn=sn-ab5l6nrz%2Csn-tt1e7nlz&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1637500&spc=UWF9f8KMgQwKmUiHjbch_yqPp0EpHQdy-JrUAT_MiMohRaY&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=MX0F-lzyVjRb1hF-scZ9rQwQ&gir=yes&clen=28591249&dur=1884.461&lmt=1688398237452835&mt=1711055811&fvip=1&keepalive=yes&beids=24350319&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6218224&n=X2nawJC5GoOSbA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgYJf4UdF_N-lDJrZdrRMf7Jbm6Dfp5uWHjQlcW_pYwWsCIQDG1e_16gB2Wqm-ozER44EAtEXAVECCFekdCSCeRDCBBw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRgIhAIUhu18I1P_dqfzXt-hqVmPDyeJUrb5lD1jUvH45atwGAiEA115FG2xbT5d6DUvTS7wMQDMwyyYfIRsFN7IPx6b77K0%3D&alr=yes&cpn=IfyspiQXEBAEliIc&cver=1.20240317.00.00&range=0-69089&rn=2&rbuf=0&pot=IjimG6YYw-cDVeV80lfpTMJB_Ez0YcN3_yn3SMxV323tbeRx71DlfOxN82PvXuF853z-WoMo4j6VXw==&ump=1&srfvp=1

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/purehealthresearch-sc-regrowhair-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_fd266f61a3fd4d743bc8baa6133b73ea_f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf_1711056207_1711056207_CNawjgYQ3O5WGKT-lpfmMSABKAEw4QE4kaQOQMzrD0jd2NsDUIsEWABgAGjP4tvDwa67g4YBcAE
sc-static.net/scevent.min.js	1970-01-20 19:19:02	Name: X-AB Value: b9bd00ec73544025b937f4253ff9de4c
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: wemlkpB0or0
.youtube.com/	1970-01-20 23:36:48	Name: VISITOR_INFO1_LIVE Value: ECKMPrYRAbA
.youtube.com/	1970-01-20 23:36:48	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgWw%3D%3D
.saynotobald.com/	1970-01-20 21:27:12	Name: _fbp Value: fb.1.1711056206014.1589468076
secure.regrowhairformula.com/	1970-01-20 19:27:41	Name: AWSALBCORS Value: Bbr+zwd0LM1rzVIYuQaH/olPnQc4vWbHgJeFS+0Q9A6SgQaG/jIXEsMJk9ItNjKk/ca3I+y0EQCD3+x4jSNk2c03vLCw99azJyigcrJd+0XebcZy6vpkvodMO8zX
.saynotobald.com/	1970-01-20 21:27:12	Name: _gcl_au Value: 1.1.1730810139.1711056207
saynotobald.com/	1969-12-31 23:59:59	Name: /presentation:watchVideoTime:UVHnhOaw7F0 Value: 0
.tiktok.com/	1970-01-21 04:39:12	Name: _ttp Value: 2e0zJ1FaMPb3GGJbjH6gpVh9KNm
www.clarity.ms/	1970-01-21 04:03:12	Name: CLID Value: 3d5e9ea55c7249a993f7a8e56ea6a5c1.20240321.20250321
.saynotobald.com/	1970-01-21 04:53:36	Name: _ga Value: GA1.1.529810357.1711056208
.saynotobald.com/	1970-01-21 04:53:36	Name: _ga_19QC860WB0 Value: GS1.1.1711056207.1.0.1711056207.60.0.0
.saynotobald.com/	1970-01-21 04:47:22	Name: _scid Value: dfd0c75c-a1c4-42f7-b53d-b51e15c83010
.saynotobald.com/	1970-01-21 04:47:22	Name: _scid_r Value: dfd0c75c-a1c4-42f7-b53d-b51e15c83010
.criteo.com/	1970-01-21 04:39:12	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 04:39:12	Name: uid Value: 0f08f3a4-653b-4345-9819-a217ec4c397a
.t.co/	1970-01-21 04:53:36	Name: muc_ads Value: ef932922-0d35-48d0-802e-f70dedb461ac
.saynotobald.com/	1970-01-20 19:19:02	Name: _uetsid Value: 420311d0e7c911ee81d731dbe49dc9ee
.saynotobald.com/	1970-01-21 04:39:12	Name: _uetvid Value: 42039cc0e7c911eebe10abeb09e0b4af
.taboola.com/	1970-01-21 04:03:12	Name: t_gid Value: f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf
.taboola.com/	1970-01-21 04:03:12	Name: t_pt_gid Value: f8e89188-51ae-4288-a94d-6ad626f2399d-tuctcf62acf
.taboola.com/	1970-01-21 04:03:12	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 04:39:12	Name: MUID Value: 373F7DBB969C659903B969F2979B6467
.bat.bing.com/	1970-01-20 19:27:41	Name: MR Value: 0
.twitter.com/	1970-01-21 04:53:36	Name: guest_id_marketing Value: v1%3A171105620770834599
.twitter.com/	1970-01-21 04:53:36	Name: guest_id_ads Value: v1%3A171105620770834599
.twitter.com/	1970-01-21 04:53:36	Name: personalization_id Value: "v1_ziC8ILXSmDcULzf9JYr3fQ=="
.twitter.com/	1970-01-21 04:53:36	Name: guest_id Value: v1%3A171105620770834599
.doubleclick.net/	1970-01-20 23:36:48	Name: receive-cookie-deprecation Value: 1
.saynotobald.com/	1970-01-21 04:39:12	Name: _tt_enable_cookie Value: 1
.saynotobald.com/	1970-01-21 04:39:12	Name: _ttp Value: 9x2LE_qLoHWZyh9t446q5aCbpgj
.saynotobald.com/	1970-01-21 04:03:12	Name: _clck Value: edhtzh%7C2%7Cfk9%7C0%7C1541
.saynotobald.com/	1970-01-21 04:03:12	Name: ucacid Value: 518921136.334505
.criteo.com/	1970-01-21 04:39:12	Name: partitioned_bundle Value: M0paOl8wOUlSZmU2M1ZyY3h3UVpaWFFzQ0ZuUjFtM0lqRGlpVU1qUGRsZnUlMkZLckNHZFB5MVY1ZU9PcG9jMDJHS2drZDV3UWFJNTU5bUMlMkZFOWdZR1BnbzI1WVpyemczbzFKY2FTTkxCS0hPeVBON3UlMkZFSXppbXZJbmd4M2NiMEl5c3EyUzd3NmlHNHlzZGh6TlVMUnA3ZExmT1ducFRpM1FPVHlpREJ2U3JjUjYybmxWZnlkR0xweUxIYVphUXFFNiUyQk5pcA
.doubleclick.net/	1970-01-21 04:53:36	Name: IDE Value: AHWqTUkVHRBTMeTRzX0WotEPO0YybaZvT-IwOvV2C4ooDMxCQxiw5oArHOhGEs54QRs
.saynotobald.com/	1970-01-20 19:19:02	Name: _clsk Value: 1c8whj0%7C1711056208455%7C1%7C1%7Cn.clarity.ms%2Fcollect
.saynotobald.com/	1970-01-21 04:47:00	Name: cto_bundle Value: dx7HkF8wOUlSZmU2M1ZyY3h3UVpaWFFzQ0ZuUjFtM0lqRGlpVU1qUGRsZnUlMkZLckNHZFB5MVY1ZU9PcG9jMDJHS2drZDV3UWFJNTU5bUMlMkZFOWdZR1BnbzI1WVpyemczbzFKY2FTTkxCS0hPeVBON3UlMkZFSXppbXZJbmd4M2NiMEl5c3EyU0F5NUZ0bGZqY21QT1JCTkJGdW1lbEElM0QlM0Q
.tapad.com/	1970-01-20 20:44:00	Name: TapAd_TS Value: 1711056209073
.tapad.com/	1970-01-20 20:44:00	Name: TapAd_DID Value: 766755e7-ead9-4007-aa28-2e35ee8befb6
.tapad.com/	1970-01-20 20:44:00	Name: TapAd_3WAY_SYNCS Value:
.snapchat.com/	1970-01-21 04:39:12	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ0AIQgEwIpIFgGJdsNqqMLi73vzmos8RQvpoIkTFHqWsBN9Sm1dPnVsTVXEHFjvV3xvWOmPQAAAAA==
.saynotobald.com/	1970-01-21 04:47:22	Name: _sctr Value: 1%7C1711015200000
.c.bing.com/	1970-01-20 19:27:41	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:39:12	Name: SRM_B Value: 373F7DBB969C659903B969F2979B6467
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:39:12	Name: MUID Value: 373F7DBB969C659903B969F2979B6467
.c.clarity.ms/	1970-01-20 19:27:41	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:17:36	Name: ANONCHK Value: 0

72 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/810524130072458?v=2.9.150&r=stable&domain=saynotobald.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://saynotobald.com/presentation Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
adservice.google.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.taboola.com
cds.taboola.com
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
jnn-pa.googleapis.com
mug.criteo.com
n.clarity.ms
pips.taboola.com
pixel.tapad.com
rr2---sn-ab5l6nrz.googlevideo.com
saynotobald.com
sc-static.net
secure.regrowhairformula.com
service3.purehealthresearch.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
trc-events.taboola.com
trc.taboola.com
www.clarity.ms
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
rr2---sn-ab5l6nrz.googlevideo.com
104.244.42.133
104.244.42.3
134.209.162.206
141.226.124.48
141.226.224.32
142.251.167.148
146.75.28.157
151.101.129.44
161.35.48.155
172.253.62.157
18.205.82.20
20.125.209.212
2001:4860:4802:32::181
23.33.40.79
2603:1062:10:a::1
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c0b::68
2607:f8b0:4004:c17::be
2607:f8b0:4004:c19::5d
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1d::77
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c1f::9d
2620:100:a001::c
2620:100:a001::f
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42::300
3.161.210.15
3.162.7.231
34.107.199.247
34.111.113.62
35.190.43.134
52.184.204.244
54.230.48.245
74.119.119.139
08a5d3faf1218d1a3dc17a5f4b37b033fbd895a03872eacd53f9419b772419f1
0a19861082dac85875c47a04143c5285239615748fdb64ecb439d92d98d01fad
0cf583c4a0eb4728e60d9ce54ddc6ff82bc4735dd038fa8b63a4a552065af22c
117ec7824aa0c927983ca720f2831ec98d455d56c8efef316e6f912817c557ec
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13f3ee954b3c1d3371bccff14f8c7cb5917a4b273204da1da60270922f8929a2
15fc4f4f41cce71191665c7e7061067c82e9275958257ca9464ff8c21958d60f
1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e7e76a0119e7e42fcf5410ae038717aefff3dd9dd56adc6340257923b3e6673
38a99a9d37d2c213bd1f589b46f629d8f4c4a27f57796e1ef1ec0e879a53cccc
3aa0d66887bc53fa2c3aae867f345f2765cd72da482bf5b297fedcdc56259f21
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42a4914076688cc439ac8dbf82ed794170e03ef887d68d999db2a712d5c8f1ec
49527b43e795a7c22fcf587c39407edae8f920fcb7231e19015a785067b55297
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855
4b2575e8d627e2ed605719a2fadcb4fa293c075dcacd81e5383ef1c5b05f1bef
4b665eeff04be588dd38b499dd057a8d63903bc66b955637bcd1a8a272ff979f
4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e37dd418ccda4465ab559e27d0912fb158b267e0a935c6609e92714260ef8a0
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bb22e81453d6b69b10d640ba35b9a6ff3cc402d23e8b034bb3a1f1cee362084
5f2fde87f241b98ebc4e3f4fb21b96e7d5bee539697ada2dbdfa9f4c8db3ba60
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6890437664e68fe9660afdc4df5ad9f86538df9def33855673432cade3cf12f2
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
76b890b6742e6bec211241e91bff56046a7d282c496bbf65882192275a4888c3
7caf10fb55ad4b636a9e6af753ce6531b3c5200fbb09ec14cf7134a0d012aecb
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82c3b297f7128dc65affbc8bc4643465625704902a9f988dcdc5902a905c3cdc
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0
9652ae54adbd9992537f73ddd3567121ca1f4a38fa2442b03eb3614c9e3fe971
995834e4963b3f7fd9850502b9bab3ee9771bf84e07fa303affa9a471cb07064
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a37ccdea1eb98e4589951e8dc4d64915abccc68601e7c60fb47222d19edb8eb2
a54a68bda21597b76806840d531a36e324284545754d69343ea0db45602f92b6
a6cf9de94008c90a96bd2010253acaf8e0765013d75320969efbce9774f049e5
a763d5da382bf5ed52f61f58a3d8d010cea1e7fa1f8bb485463379d23c86c65a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6
b86f2798083f21c462860d2879a953c5ed4368a7403c25da78690b31e6dac828
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb
bde2472a76e01f194919d637e205051b6e966692237a60d113e3bd7c130bf25b
bedd15c7fa429ab3746fe85bbe5bc8e9aa16fbf4efe097fd666de84a4144799f
c1daccf2edef9e0e96e591f23f91ff36c08756b0255ab0a92e3596226f5849a0
c5ed23a54bffeff5c535278c7f27eb6642ea3eb70dfa92164fafd45f3e755ced
cb40d6e621c5d531d57d5e874c96762a5acc90d253c95e7ca0c80822f895e857
ccb35e209f065628ee2425a824e21b596c113063ffa897e6d6d4da74db253b00
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3e9bc168bcafb793c1f88803b8d62bae049d099b4d59eb15117f060ecba8e44
d5cfb61c5c9e1a0a6849548f84f3d95f9b3c982da422a064af76ed1103896ca9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc985d1ef62209576d8eb5c4b30afba4940447b5eb45bdcba0629499a01ed2d9
e2824db0752da3f5ed63b73495ca530d7f7bc1c50794ca0a764218c44da44182
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81fa9e7db3839ed07311a954b9b41645d12e89540eed942d0267355251b426d
e96bbafac26cd94a236f6f0cf0acc2daf406832a7a397b85ae93ed5ee7b08ff2
ee5b11761bd4ac602a13816b6d26cef5323ccf591f80b06a44273b7c6ae0a6b5
ee8e0d8f793f8db05ce81c61a24e3285a971ecb4e5395d5a48b64c53983485d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ee565220ffaf5c610c986b1978f92cdaa58cb300a86276f95bfdfd7db01345
f5ee7af23695f4cbcc56354930a31b28f658350ce87de74a6d6d88af1712f811
fe67da1d9111e427624f23b5a09addc6dacf2de4818ca8502757e30570390cc2

saynotobald.com Open in urlscan Pro 161.35.48.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

95 %HTTPS

49 %IPv6

29 Domains

46 Subdomains

40 IPs

1 Countries

2584 kBTransfer

7366 kBSize

49 Cookies

0 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

saynotobald.com Open in urlscan Pro
161.35.48.155 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

95 %
HTTPS

49 %
IPv6

29
Domains

46
Subdomains

40
IPs

1
Countries

2584 kB
Transfer

7366 kB
Size

49
Cookies

97 HTTP transactions
1 data transactions