urlscan.io logo urlscan.io
SecurityTrails logo

saynotobald.com Open in urlscan Pro
161.35.48.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&af...
Effective URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&af...
Submission: On August 04 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 1 countries across 25 domains to perform 88 HTTP transactions. The main IP is 161.35.48.155, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is saynotobald.com.
TLS certificate: Issued by R11 on July 22nd 2024. Valid for: 3 months.
This is the only time saynotobald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 161.35.48.155 14061 (DIGITALOC...)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2620:100:a00b::a 19750 (AS-CRITEO)
1 1 142.251.174.147 15169 (GOOGLE)
1 173.194.66.155 15169 (GOOGLE)
4 151.101.65.44 54113 (FASTLY)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3.163.245.4 16509 (AMAZON-02)
1 99.84.216.84 16509 (AMAZON-02)
2 34.107.199.247 396982 (GOOGLE-CL...)
1 146.75.28.157 54113 (FASTLY)
3 2620:1ec:bdf::38 8075 (MICROSOFT...)
14 23.217.116.226 20940 (AKAMAI-ASN1)
2 4 142.251.111.148 15169 (GOOGLE)
2 173.194.207.148 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.204.94 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
1 2620:100:a00b... 19750 (AS-CRITEO)
1 72.21.81.130 15133 (EDGECAST)
1 104.244.42.3 13414 (TWITTER)
4 18.238.79.84 16509 (AMAZON-02)
5 35.190.43.134 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 141.226.224.32 200478 (TABOOLA-AS)
2 20.114.189.70 8075 (MICROSOFT...)
1 134.209.162.206 14061 (DIGITALOC...)
1 2 20.110.205.119 8075 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 141.226.124.48 200478 (TABOOLA-AS)
88 34
5    161.35.48.155 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: saynotobald.com
saynotobald.com
2    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2607:f8b0:400d:c0f::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2607:f8b0:400d:c03::5b (Morganton, United States)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
www.youtube.com
3    2620:100:a00b::a (United States)

ASN19750 (AS-CRITEO, US)
dynamic.criteo.com
1    142.251.174.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f147.1e100.net
www.google.com
1    173.194.66.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f155.1e100.net
googleads.g.doubleclick.net
4    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)
sc-static.net
1    99.84.216.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-216-84.iad79.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
2    34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com
www.ibph4trk.com
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2620:1ec:bdf::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
14    23.217.116.226 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-217-116-226.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    142.251.111.148 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f148.1e100.net
12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
2    173.194.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f148.1e100.net
ad.doubleclick.net
2    2607:f8b0:400d:c07::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400d:c0f::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net
www.google.ca
2    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
pips.taboola.com
1    2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    72.21.81.130 (United States)

ASN15133 (EDGECAST, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    18.238.79.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-79-84.jfk52.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
2    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
1    134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service3.purehealthresearch.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
14 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
147 KB
11 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
psb.taboola.com — Cisco Umbrella Rank: 9372
trc.taboola.com — Cisco Umbrella Rank: 1123
pips.taboola.com — Cisco Umbrella Rank: 2305
cds.taboola.com — Cisco Umbrella Rank: 2605
trc-events.taboola.com — Cisco Umbrella Rank: 3272
34 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
12217290.fls.doubleclick.net — Cisco Umbrella Rank: 678451
ad.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
14028140.fls.doubleclick.net — Cisco Umbrella Rank: 806944
2 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
t.clarity.ms — Cisco Umbrella Rank: 8415
c.clarity.ms — Cisco Umbrella Rank: 1838
30 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
531 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1202
tr6.snapchat.com — Cisco Umbrella Rank: 1340
1004 B
5 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
22 KB
5 saynotobald.com
saynotobald.com
357 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
c.bing.com — Cisco Umbrella Rank: 341
17 KB
4 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4315
gum.criteo.com — Cisco Umbrella Rank: 553
sslwidget.criteo.com Failed
64 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
analytics.google.com — Cisco Umbrella Rank: 238
24 B
2 gstatic.com
fonts.gstatic.com
51 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 ibph4trk.com
www.ibph4trk.com
19 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
84 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 purehealthresearch.com
service3.purehealthresearch.com — Cisco Umbrella Rank: 333882
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1356
722 B
1 t.co
t.co — Cisco Umbrella Rank: 979
376 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1253
15 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1413
21 KB
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4316
0 regrowhairformula.com Failed
secure.regrowhairformula.com Failed
88 25
Domain Requested by
14 analytics.tiktok.com saynotobald.com
analytics.tiktok.com
6 www.googletagmanager.com saynotobald.com
www.googletagmanager.com
5 saynotobald.com saynotobald.com
4 trc-events.taboola.com analytics.tiktok.com
4 tr.snapchat.com sc-static.net
saynotobald.com
4 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
analytics.tiktok.com
3 www.clarity.ms saynotobald.com
www.clarity.ms
bat.bing.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
saynotobald.com
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
3 dynamic.criteo.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 t.clarity.ms analytics.tiktok.com
2 www.facebook.com saynotobald.com
2 14028140.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
analytics.tiktok.com
2 ad.doubleclick.net saynotobald.com
2 12217290.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.ibph4trk.com www.googletagmanager.com
analytics.tiktok.com
2 www.youtube.com saynotobald.com
www.youtube.com
2 connect.facebook.net saynotobald.com
connect.facebook.net
2 fonts.googleapis.com saynotobald.com
1 c.bing.com 1 redirects
1 service3.purehealthresearch.com analytics.tiktok.com
1 tr6.snapchat.com sc-static.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 analytics.twitter.com saynotobald.com
1 t.co saynotobald.com
1 gum.criteo.com dynamic.criteo.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 www.google.ca saynotobald.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.ads-twitter.com saynotobald.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 googleads.g.doubleclick.net saynotobald.com
1 www.google.com 1 redirects
1 www.youtube-nocookie.com saynotobald.com
0 sslwidget.criteo.com Failed dynamic.criteo.com
0 secure.regrowhairformula.com Failed saynotobald.com
88 42

This site contains no links.

Subject Issuer Validity Valid
saynotobald.com
R11		 2024-07-22 -
2024-10-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-13 -
2024-08-11		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
p8btrk.com
Starfield Secure Certificate Authority - G2		 2023-11-30 -
2024-12-31		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-07-22		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
service3.purehealthresearch.com
E5		 2024-08-04 -
2024-11-02		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Frame ID: 13C7B300ECFE9A962A739A45E7529A77
Requests: 80 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/W2v6kmNiZhU?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: FE63AE8477986F92E4C0AF751959337A
Requests: 1 HTTP requests in this frame

Frame: https://12217290.fls.doubleclick.net/activityi;dc_pre=CIHs052V24cDFb8bdgYdTRQQ1Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688
Frame ID: 045C578B19F52E918D2B70E8AAF179A7
Requests: 1 HTTP requests in this frame

Frame: https://14028140.fls.doubleclick.net/activityi;dc_pre=CPGT6J2V24cDFdAWdgYdAX8FsQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688
Frame ID: F43DED45AD600376238325B0C7DA8AA2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Frame ID: B24FDC58EA90099526C4752E8D01108C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=d4639369-dd1c-4e61-add8-ceb0da20618e&u_sclid=79b660ac-5bf3-4b7f-b717-9645ee3a0b14
Frame ID: C1274C5B5ADC7E5ACC64A1372224AC8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ReGrow

Page URL History Show full URLs

  1. http://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_c... HTTP 307
    https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

88
Requests

95 %
HTTPS

35 %
IPv6

25
Domains

42
Subdomains

34
IPs

1
Countries

1414 kB
Transfer

3645 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688 HTTP 307
    https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v3v5&tag_exp=95250752&rnd=279813591.1722768621&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma=0&npa=0&gtm=45He47v0n81TDFXFQXv850445531za200&auid=330050598.1722768621 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5&tag_exp=95250752&rnd=279813591.1722768621&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma=0&npa=0&gtm=45He47v0n81TDFXFQXv850445531za200&auid=330050598.1722768621
Request Chain 29
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688 HTTP 302
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=CIHs052V24cDFb8bdgYdTRQQ1Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688
Request Chain 36
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688 HTTP 302
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=CPGT6J2V24cDFdAWdgYdAX8FsQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688
Request Chain 75
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=609FE1E0674743ECA25FA41EE4118DED&RedC=c.clarity.ms&MXFR=3CDF8A1397966BCB3C8A9EC2939665AC HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=609FE1E0674743ECA25FA41EE4118DED&MUID=3D8B804B3A2E611E0032949A3BF86033

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request presentation
saynotobald.com/
Redirect Chain
  • http://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
  • https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
e0f036e3ef62f1eb3eacc79319430b5c29263802ab23ecd93744bdf41acb8f00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Aug 2024 10:50:20 GMT
ETag
W/"cab1-cxyYjhoF6CvWafPmgv5C2oplOO8"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

Location
https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 10:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:06:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Aug 2024 10:50:20 GMT
css2
fonts.googleapis.com/ 		32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 10:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:06:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Aug 2024 10:50:20 GMT
play-img-d.gif
saynotobald.com/img/video/ 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/video/play-img-d.gif
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0

Request headers

Referer
https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 04 Aug 2024 10:50:20 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4b87a-18a454e656e"
Content-Type
image/gif
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309370
UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 		0
0
gtm.js
www.googletagmanager.com/ 		411 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19addd3722945f9d02154eff6258cea6594fecf8aeeb2dda73a8a91542976442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120881
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 10:50:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 10:50:20 GMT
document-policy
force-load-at-top
x-fb-server-load
41
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=12, mss=1297, tbw=2803, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
FcyFTE9YI4usrzrLc2J2JYxQLyVDyAwHn2JfJT/2tcmNe1hiOT3A+iSqMtEO/Y+K7cDtrsc8D71dPexIncOY6g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
W2v6kmNiZhU
www.youtube-nocookie.com/embed/ Frame FE63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/W2v6kmNiZhU?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::5b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 10:50:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::5b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9f299073433d2af5662ec49a4d73a9c6c8bfe760c60b3db2f863788950d6511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sun, 04 Aug 2024 10:50:20 GMT
dr-holly.png
saynotobald.com/img/featured-on/holly/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/dr-holly.png
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6

Request headers

Referer
https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 04 Aug 2024 10:50:20 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"3a1c-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14876
featured-logo.svg
saynotobald.com/img/featured-on/holly/ 		65 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/featured-logo.svg
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855

Request headers

Referer
https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 04 Aug 2024 10:50:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"104e7-18a454e64f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
810524130072458
connect.facebook.net/signals/config/ 		123 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/810524130072458?v=2.9.164&r=stable&domain=saynotobald.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82bfbaac97d5acd8fcabaf4525f45303b73726106316b3f19b3c21e8629fb3ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 10:50:21 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=65, mss=1297, tbw=64415, tp=-1, tpl=-1, uplat=539, ullat=0
pragma
public
x-fb-debug
CM8MNnkdE1te+1MSDjYdU+annbFZDK+U/EM/sjmPHWsSVF5ihnjvmoi5iBaRiQbfrjHoiWbvmB/S7LrW2cnHwA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=91644
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a6b013c85873a3c03eaf24a04dc6043c8b390d9bd0dee4f0c1423a1d075bb42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=92347
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6de8b8ecf06ae431e0aaa48646d237c3d91e7855ffbb3281e58a034f4d72b26a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=113117
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4cb1d2e8005383d8bb7353ea253c64401b3f565d026d59a910499d2387606b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v3v5&tag_exp=95250752&rnd=279813591.1722768621&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma=0&npa=0&gtm=45He47v0n81TDFXFQXv850445531...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5&tag_exp=95250752&rnd=279813591.1722768621&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma=0&npa=0&gtm=45He47v0n81TDFX...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5&tag_exp=95250752&rnd=279813591.1722768621&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma=0&npa=0&gtm=45He47v0n81TDFXFQXv850445531za200&auid=330050598.1722768621
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H3
Server
173.194.66.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5&tag_exp=95250752&rnd=279813591.1722768621&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma=0&npa=0&gtm=45He47v0n81TDFXFQXv850445531za200&auid=330050598.1722768621
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		330 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52877aa8df8f5f1362ffae80a1dc315be43fb8d71bd1b08c369a682058814995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109679
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 10:50:21 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1423196/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bee3d3ce625b7060243218906743caca3156109f00296f69608b24f402a52a74

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ycWtn9aeJLCaDOoqxhJxTQHtYjkmU7Xg
content-encoding
gzip
via
1.1 varnish
date
Sun, 04 Aug 2024 10:50:21 GMT
x-amz-request-id
G786JKP8BKR250BY
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21955
x-amz-id-2
YI6yNoGmwRHRzhBL9fsXsEB4Y2zroRdYly7ej8yHbc+129Q3uo7Zm503QEWbXvTp+XkVCvhsSaw=
x-served-by
cache-yul1970024-YUL
last-modified
Sun, 28 Jul 2024 12:16:31 GMT
server
AmazonS3
x-timer
S1722768621.089751,VS0,VE40
etag
"2b38af8a9fa08441cf94c83502ec7ee0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
destination
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfb26029b55effcea3117741b5f9a0f26ea6e9bd079eccb8b1d9ac29651eec4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78129
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 10:50:21 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 04 Aug 2024 10:50:20 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1750B2161D3C446D9E4B41BF23CA87B6 Ref B: YMQ01EDGE0315 Ref C: 2024-08-04T10:50:21Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
destination
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8df853a49fcdb3e2c4f848dea6c22592f3e4772e46d64dbc6cb91e49c0ae1881
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78127
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 10:50:21 GMT
scevent.min.js
sc-static.net/ 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
dc242f2acb69deaa2c17cce616c89430cd666771b2e8303465bbfdc340d39663

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
gzip
via
1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
21227
x-amz-cf-id
iHR-cOw79US6nVrKBvTPtaJDHXoY-PRr38WroyUkbVx9rvHZD0XwoA==
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		105 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.216.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-216-84.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 18:23:23 GMT
content-encoding
gzip
via
1.1 837618b47e5c2bb0a75ec63765498424.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
age
59219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20382
last-modified
Fri, 12 Jul 2024 12:32:30 GMT
server
AmazonS3
etag
"c8164200b1af114ca9af998ceedb1fc2"
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=604800,s-maxage=604800
accept-ranges
bytes
x-amz-cf-id
I_YNsw5Dm-K_d2TYNIT9fSnNCOaSMhX-d4L9TUG9dVP2kwfJvXqEMA==
everflow.js
www.ibph4trk.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.199.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
e6c57be8-a561-4f03-9e99-70456ea94943
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000111-IAD
js
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12217290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86832389bd74a820950448b04a6a9e1da32ebf0e0a00c69fa313c1f89c433cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78164
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 10:50:21 GMT
gnsm8am7co
www.clarity.ms/tag/ 		1004 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c368d3039d42cc858a94f961a87072555d48e18a5ba7005504895139de8bd862

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date
Sun, 04 Aug 2024 10:50:21 GMT
x-azure-ref
20240804T105021Z-15c999468cdvvxjn5zk681b8tc0000000feg000000001d70
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1004
expires
-1
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0096322ae2cc81ae4e40f62a0029a3ef7a1385105c1581fc13156187092e24aa

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
dac0a6c
date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105021CAAC78497089DB988E2D-4BF44908BEB80A66-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=12
content-length
2168
pragma
no-cache
server
nginx
x-tt-logid
20240804105021CAAC78497089DB988E2D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08d68dac0dbe55e10e392a93d68f31ca815d66121774865728014afd2b9d11e2ef74a7523e5c7e8881e8e294a80c21f98db15d4e6443012457ca4f5e3acb5062945
expires
Sun, 04 Aug 2024 10:50:21 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14028140
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4b8ae8b7b4cc82e308657d274bca3cd6cb9f7bcb46ff9620d14724c909e3eeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78166
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 10:50:21 GMT
www-widgetapi.js
www.youtube.com/s/player/d2e656ee/www-widgetapi.vflset/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d2e656ee/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::5b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 08:16:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
354850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 04:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Jul 2025 08:16:11 GMT
activityi;dc_pre=CIHs052V24cDFb8bdgYdTRQQ1Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
12217290.fls.doubleclick.net/ Frame 045C
Redirect Chain
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=CIHs052V24cDFb8bdgYdTRQQ1Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12217290.fls.doubleclick.net/activityi;dc_pre=CIHs052V24cDFb8bdgYdTRQQ1Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.148 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
461
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 10:50:21 GMT
expires
Sun, 04 Aug 2024 10:50:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 10:50:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12217290.fls.doubleclick.net/activityi;dc_pre=CIHs052V24cDFb8bdgYdTRQQ1Q;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=n...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=3172385119942;npa=0;auiddc=330050598.1722768621;ps=1;pcor=31319993;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688?
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:21 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"9889074415340392213"}],"aggregatable_trigger_data":[{"filters":[{"14":["13301863"]}],"key_piece":"0xe3a33a8cceaea601","source_keys":["12","13","14","15","16","17","18","19","20","21","634895880","634895881","634895882","634895883","634911120","634911121","634911122","634911123","900110928","900110929","900110930","900110931"]},{"key_piece":"0xa81653bf70b737a3","not_filters":{"14":["13301863"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","634895880","634895881","634895882","634895883","634911120","634911121","634911122","634911123","900110928","900110929","900110930","900110931"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"634895880":93,"634895881":93,"634895882":93,"634895883":9081,"634911120":93,"634911121":93,"634911122":93,"634911123":9081,"900110928":109,"900110929":109,"900110930":109,"900110931":10594},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2858927849093409358","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9889074415340392213","filters":[{"14":["13301863"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9889074415340392213","filters":[{"14":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9889074415340392213","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9889074415340392213","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12217290"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je47v0v9176637411z8850445531za200zb850445531&_p=1722768620510&_gaz=1&gcs=G111&gcd=13v3v3v3v5&npa=0&dma=0&tag_exp=95250753&cid=1477771680.1722768621&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722768621&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&dt=ReGrow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1084
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-19QC860WB0&cid=1477771680.1722768621&gtm=45je47v0v9176637411z8850445531za200zb850445531&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-19QC860WB0&cid=1477771680.1722768621&gtm=45je47v0v9176637411z8850445531za200zb850445531&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=1212817705
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
topics_api
psb.taboola.com/ 		65 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 04 Aug 2024 10:50:21 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1722768621.398386,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-served-by
cache-yul1970038-YUL
json
trc.taboola.com/1423196/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1423196/trc/3/json?tim=1722768621354&data=%7B%22id%22%3A848%2C%22ii%22%3A%22%2Fpresentation%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1722768621331%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpurehealthresearch-sc-regrowhair-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1722768621353%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688%22%2C%22tos%22%3A15%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f97ffb526929e793d687d1f617b0947413506736414a57a5aa4a28b0c965dfd

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
36
date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
25354
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yul1970024-YUL
x-log-content-encoding
gzip
server
nginx
x-timer
S1722768621.410116,VS0,VE36
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
activityi;dc_pre=CPGT6J2V24cDFdAWdgYdAX8FsQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
14028140.fls.doubleclick.net/ Frame F43D
Redirect Chain
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=CPGT6J2V24cDFdAWdgYdAX8FsQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14028140.fls.doubleclick.net/activityi;dc_pre=CPGT6J2V24cDFdAWdgYdAX8FsQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.148 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
711
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 10:50:21 GMT
expires
Sun, 04 Aug 2024 10:50:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 10:50:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14028140.fls.doubleclick.net/activityi;dc_pre=CPGT6J2V24cDFdAWdgYdAX8FsQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
ad.doubleclick.net/ 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5060738319847;npa=0;auiddc=330050598.1722768621;ps=1;pcor=1683681319;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v3v5;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688?
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:21 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"5815204783484620045"}],"aggregatable_trigger_data":[{"filters":[{"14":["49526215"]}],"key_piece":"0x998d032a74f365eb","source_keys":["12","13","14","15","16","17","18","19","20","21","15113760","15113761","15113762","15113763","16773548","16773549","16773550","16773551","628842984","628842985","628842986","628842987","900147912","900147913","900147914","900147915"]},{"key_piece":"0x1e3119eab745c3c8","not_filters":{"14":["49526215"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15113760","15113761","15113762","15113763","16773548","16773549","16773550","16773551","628842984","628842985","628842986","628842987","900147912","900147913","900147914","900147915"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15113760":81,"15113761":81,"15113762":81,"15113763":7946,"16":65,"16773548":72,"16773549":72,"16773550":72,"16773551":7062,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628842984":54,"628842985":54,"628842986":54,"628842987":5297,"900147912":50,"900147913":50,"900147914":50,"900147915":4889},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15630824268982572433","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5815204783484620045","filters":[{"14":["49526215"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5815204783484620045","filters":[{"14":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5815204783484620045","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5815204783484620045","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14028140"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
137023477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137023477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2f1f97690851d87817f9c74a5085d3dab6273f86e6d7c7df9127cf4bc4315c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sun, 04 Aug 2024 10:50:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 16BC98749EED4D47A99040C3E00817EA Ref B: YMQ01EDGE0315 Ref C: 2024-08-04T10:50:21Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
syncframe
gum.criteo.com/ Frame B24F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=91644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 10:50:20 GMT
server
Kestrel
server-processing-duration-in-ticks
400596
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ea5e759d-988d-450a-8532-f1b28f15ef39&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2f71feb2-0194-4dc3-9d77-41e70979c851&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.130 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time
83
date
Sun, 04 Aug 2024 10:50:21 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
1b3b88663aa1bb8f
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
77266f8d3df44523393a661960c94f4d50085a3f29e8c01317b778ecaf1c3382
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ea5e759d-988d-450a-8532-f1b28f15ef39&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2f71feb2-0194-4dc3-9d77-41e70979c851&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time
79
date
Sun, 04 Aug 2024 10:50:21 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
42473db0ed2de909
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
4fb5b80040567662378de342962a01c93c1171cb136d0db5a22226eef445f1de
content-length
43
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		30 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.regrowhairformula.com
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.79.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-79-84.jfk52.r.cloudfront.net
Software
/
Resource Hash
9b9c99c51fb1b50b87e0a98393a188799678b823561b08fbc80f6340d72b86f7

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
via
1.1 23e7aee2c1da825ba7d0bf0266366110.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P5
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
30
apigw-requestid
b-t1MgyooAMEbVA=
x-amz-cf-id
7O-dWHmlWmiq8G3TZsU1C7Zegqm3f2YPdc5KAd4ioowrGqqAuuUaNA==
c61ad1ca-f59a-4219-990e-b8a5d1118ab6.json
tr.snapchat.com/config/com/ 		116 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/c61ad1ca-f59a-4219-990e-b8a5d1118ab6.json?v=3.24.0-2407292126
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
1c861c26773390863ae121a67ec84609a45d31dc45c36c13cca0f456b92f53c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
39
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
i
tr.snapchat.com/cm/ Frame C127 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=d4639369-dd1c-4e61-add8-ceb0da20618e&u_sclid=79b660ac-5bf3-4b7f-b717-9645ee3a0b14
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Sun, 04 Aug 2024 10:50:21 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&ev=PAGE_VIEW&intg=gtm&pids=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_c1=35af2f73-d092-4ecb-85d8-41a7886db245&cdid=%40-b28736d9-d1fb-4046-a3f2-3497dccbff26&u_sclid=79b660ac-5bf3-4b7f-b717-9645ee3a0b14&u_scsid=d4639369-dd1c-4e61-add8-ceb0da20618e&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=446&m_fcps=516&m_pi=445&m_pl=0&m_pv=2&m_rd=1420&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&trackId=d98d2ba4-2a96-4995-a099-7c755a243168&ts=1722768621629&v=3.24.0-2407292126
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 19:54:07 GMT
etag
W/"0x8DCB263B4239D88"
vary
Accept-Encoding
x-azure-ref
20240804T105021Z-15c999468cdvvxjn5zk681b8tc0000000feg000000001d7n
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6cb445a9-701e-0001-29be-e47107000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
main.MTc2ZTRjM2Y4NQ.js
analytics.tiktok.com/i18n/pixel/static/ 		345 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ad28b3b5f28739765840503c574c9ae1df73468e1ff3e3ed7b2e29b9dee6c7f1

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
dac0d31
date
Sun, 04 Aug 2024 10:50:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407310104169FDCD68C4E1F66C24638
x-tt-trace-id
00-2407310104169FDCD68C4E1F66C24638-3DE77E248A6E5ED8-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0165254bc20f9710af3d75f9149c15cccc2b6bfb713680cab39eebcca9fce33bc5251084d35c2536f71d08ceeb92d775e9ea9af94fe3c34cff74d6123fa0dce372abae3641e50e809d15ac106e29442ff47155b1408d53a8821ea0d0a32fd98514
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
99366
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1722768621683&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1722768621675.915125102399291639&pm=1&hrl=f9ce6a&ler=empty&cdl=API_unavailable&it=1722768620859&coo=false&cs_cc=1&cas=7881967401882351%2C7517427561716084%2C8443922588968707%2C26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C6945292395551325%2C7553474568045692%2C7283762228396572%2C7470405063049324%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C8024146470981584%2C9934289436642028%2C5735284416492337&exp=f0&rqm=GET
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 10:50:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1722768621683&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1722768621675.915125102399291639&pm=1&hrl=f9ce6a&ler=empty&cdl=API_unavailable&it=1722768620859&coo=false&cs_cc=1&cas=7881967401882351%2C7517427561716084%2C8443922588968707%2C26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C6945292395551325%2C7553474568045692%2C7283762228396572%2C7470405063049324%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C8024146470981584%2C9934289436642028%2C5735284416492337&exp=f0&rqm=FGET
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 10:50:21 GMT
document-policy
force-load-at-top
x-fb-server-load
54
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399234886461143488", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1297, tbw=3103, tp=-1, tpl=-1, uplat=109, ullat=0
pragma
no-cache
x-fb-debug
se+SQzR7FgC5+ge+xoNHdhfkEwAerL4/3bak/sfrSuDHFq/k6Xy33PUDKRSf+qiESS+B+ayy1u01IIbk+wj0PQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399234886461143488"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sun, 04 Aug 2024 10:50:21 GMT
x-amz-request-id
6JHGH81ZT92XB2EC
age
362
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
LIzssnkqEXvaqWOPai9EQSGBymMqgtnK9agcSWZpI34OwU2eUCOttSDk3fx8xZjawg5pSDgtre4=
x-served-by
cache-yul1970024-YUL
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1722768622.704057,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
66
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
436
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Sun, 04 Aug 2024 10:50:21 GMT
x-amz-request-id
QXENVYWNQSDA4Z69
age
9619
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
Gurb87VBhhjA64p5CpyuGsPYjhYqtCvfgPu8jDBvx79Vx3d06sXrrtpGkitsufaKF4tnoN/mH5A=
x-served-by
cache-yul1970024-YUL
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-timer
S1722768622.704166,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
63
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4582
137023477
www.clarity.ms/tag/uet/ 		816 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/137023477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/137023477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a4cc39e739d1af61b70a3d42bfa7bdfc5bff2c0fd2e75de45d47bca0a612da7

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date
Sun, 04 Aug 2024 10:50:21 GMT
x-azure-ref
20240804T105021Z-15c999468cdvvxjn5zk681b8tc0000000feg000000001d7w
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
816
expires
-1
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137023477&tm=gtm002&Ver=2&mid=f461a22f-42e5-4e5e-95fb-e98e7e33c698&sid=58c51990524f11ef95456f4fb76c3a2d&vid=58c54c40524f11efafb423410be0f3d8&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=ReGrow&p=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&r=&lt=446&evt=pageLoad&sv=1&cdb=AQAQ&rn=687055
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 04 Aug 2024 10:50:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F0E70BAD2E5A4D5FAA933D797B8FE55C Ref B: YMQ01EDGE0315 Ref C: 2024-08-04T10:50:21Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 04 Aug 2024 10:50:21 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://saynotobald.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-served-by
cache-yul1970038-YUL
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 10:50:22 GMT
cache-control
no-store
server
nginx
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		514 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.79.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-79-84.jfk52.r.cloudfront.net
Software
/
Resource Hash
aa982255895847c441c87ea8e8fa17c49f6155148979ec1b5bd2f133e75b8214

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 04 Aug 2024 10:50:22 GMT
via
1.1 23e7aee2c1da825ba7d0bf0266366110.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P5
x-amzn-requestid
61c6de30-53cf-5be3-a549-81190ce15aed
x-cache
Miss from cloudfront
content-type
text/xml
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
514
apigw-requestid
b-t1PjFIoAMEVxQ=
x-amz-cf-id
nsBfdH8Njc8INb6W2_QQ-qGCuHh3OwVSJO9GNPfdqNSh9pEN-Iwutg==
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.79.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-79-84.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
3117
alt-svc
h3=":443"; ma=86400
apigw-requestid
b-mOHi6OIAMESdA=
date
Sun, 04 Aug 2024 09:58:24 GMT
via
1.1 23e7aee2c1da825ba7d0bf0266366110.cloudfront.net (CloudFront)
x-amz-cf-id
9MzSpcCAXF8ubAYH2Gn9A50RNb_rfqPygrrQl1eCsiWefw1x0JzwBg==
x-amz-cf-pop
JFK52-P5
x-cache
Hit from cloudfront
identify_c2008b8c.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
dac10f3
date
Sun, 04 Aug 2024 10:50:22 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024072912414836AEE57E78CCCF3B182C
x-tt-trace-id
00-24072912414836AEE57E78CCCF3B182C-140D3F7088812C93-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01a225ba231b0fefae7eb877403795e4b0b59a9502cd9cec317ea58dec57c3d1a81b2a9fbd50223e6341767f29e5a9c65b26a6b96318b3c274b5df38cde898b0a2f47da272c1170f47c678315592ff5980b678652dad860cea90fdcb7cd6db99d7
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
39285
monitor
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac111e
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105022CAAC78497089DB988E82-0DCC6A182BBB8097-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=23, origin; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240804105022CAAC78497089DB988E82
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08d68dac0dbe55e10e392a93d68f31ca815d1c8b12c81b94f0e0c1b190a844b0d999f8204a4b70e34e01da7adbc43447afdd13f1bb87a7c11b704912d9909fcca19
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
701 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac111f
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105022F8A812D4F6BF32B03EAB-1D9F10EFB3DF7F95-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=10, cdn-cache; desc=MISS, edge; dur=12, origin; dur=13
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240804105022F8A812D4F6BF32B03EAB
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08df99c241cb407abad9ee8613fc2a4a93dec0c47af6dea373e8f515175edf3841e60e667a253a6a2b8b1f693c976a9ebeda9cc5dc0bfd2048ba20d73c572722544
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac112d
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105022F8A812D4F6BF32B03EB6-3AEF1B8CBD95E4CD-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=13, cdn-cache; desc=MISS, edge; dur=63, origin; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240804105022F8A812D4F6BF32B03EB6
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08df99c241cb407abad9ee8613fc2a4a93dbcfe70f7d3ec95110e473a62d1d56560591cacfc0a27615c93e715160e92ad576f5646330e3dbd1f7552e34d6a6b0b0d
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
701 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac11a2
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105022C072279B1148269CFF09-3E4EACD1FB5738DB-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=12, cdn-cache; desc=MISS, edge; dur=20, origin; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240804105022C072279B1148269CFF09
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08d2cd9a1c073b28fc10d8ab07b74a90cf867909e255a1b753e61dd5f64e1d0664c886409c95501054d0b5747b932fede4cefd569835295c5733bc7e9244470ed53
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac11a4
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2408041050224D8CD67E74322AC60B6F-61503779A195096C-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=32, cdn-cache; desc=MISS, edge; dur=21, origin; dur=36
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202408041050224D8CD67E74322AC60B6F
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
37,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08d7a7fbcddac17dd9494506b84751b8e32bf68e1c3f058deb9bccba31957cec1b214e86246d9ca9208aeedb106ee2877831dbb19e14b652db559ca927c710a5f27
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
701 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac11a5
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105022829CB3B39AF68F9982B5-235ABB72BF78533D-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=10, cdn-cache; desc=MISS, edge; dur=20, origin; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240804105022829CB3B39AF68F9982B5
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08d2cd9a1c073b28fc10d8ab07b74a90cf804a0fffb06d2741c9ffebb41ad629e9b2acce14ac8178c6174f8792588a049f0e46c933456502df6026a372d2f68643a
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac11a6
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105022CAAC78497089DB988E87-179907E08C11270A-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=10, cdn-cache; desc=MISS, edge; dur=20, origin; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240804105022CAAC78497089DB988E87
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08d68dac0dbe55e10e392a93d68f31ca81502473ecdfc8a1c0cdac78080c0d2c4578a46c2b4a6abecbe057be6524dfc590e30c5667518b60b57529a55390e0f6caa
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac11a7
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2408041050221A898248F16831B02675-3CAF3CA7FD318DED-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=35, cdn-cache; desc=MISS, edge; dur=21, origin; dur=37
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202408041050221A898248F16831B02675
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
38,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08da3c6ea1004d523d60fb494fa3a9a7a1c657803bb1bc2db9774a7c2a3ff1fe4a113c87f2e2005f2ba1c85035781145fc9b7f3851423ed4b3b6714eb967f1dea04
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
click
www.ibph4trk.com/sdk/ 		86 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ibph4trk.com/sdk/click?effp=580dbf4c3e58b6749e479d73d182ddb4&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&oid=88&affid=463&__cc=&async=json&uid=0&__qp=utm_source%7Cutm_medium%7Cutm_content%7Cutm_campaign%7Caffid%7Coid%7Cuid%7C_ef_transaction_id%7Cn&__rf=&__efckuq=28
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.199.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
54b27ec1bd452afd907ff43d54764d60c5a605cdb68c6d7c73a80d668a09a011

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:50:22 GMT
via
1.1 google
server
nginx
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://saynotobald.com
access-control-allow-credentials
true
x-eflow-request-id
51c89d87-1cf6-458b-8ea7-4ab7fc7eb5e8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86
p
tr6.snapchat.com/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Aug 2024 10:50:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
via
1.1 google, 1.1 google
server
API Gateway
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
monitor
analytics.tiktok.com/api/v2/ 		0
698 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac1214
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2408041050221A898248F16831B0267B-04C1A5B4A77C315E-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=8, origin; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202408041050221A898248F16831B0267B
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08da3c6ea1004d523d60fb494fa3a9a7a1c0f88eeabad71d6e75258bdaa8c1d58843a826701e30c1d99958d3e665ebbb92fcdf2340aaac142c3c15f4fa34a8b2f5f
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
collect
t.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Sun, 04 Aug 2024 10:50:22 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
p
tr.snapchat.com/ 		0
90 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Aug 2024 10:50:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
monitor
analytics.tiktok.com/api/v2/ 		0
701 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac13b7
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2408041050221A898248F16831B02688-5577A540AA8CA099-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=10, cdn-cache; desc=MISS, edge; dur=10, origin; dur=13
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202408041050221A898248F16831B02688
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08da3c6ea1004d523d60fb494fa3a9a7a1c25a7692a173298b4a0ff557df0f89d5e8d3b933ad01ff5a479f2ed6b0bfb3f308ac47176f5b6db96bf4382345716f799
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.116.226 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-217-116-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
dac13b8
date
Sun, 04 Aug 2024 10:50:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240804105022C072279B1148269CFF24-534BCFDD7D8541E3-00
x-cache
TCP_MISS from a23-217-116-222.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=15, cdn-cache; desc=MISS, edge; dur=10, origin; dur=20
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240804105022C072279B1148269CFF24
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,23.217.116.222
x-tt-trace-host
01c6924f8812bfc1a214d7532ab5d9438681fd3a5845e640bda675c4679378a08d2cd9a1c073b28fc10d8ab07b74a90cf87c15c7918ac38dca8a03ca0fff92c04430e772e5141d9bc31c9641789e0ad9e7051bbc52baf2bfd29980f9b3f3036027
access-control-allow-headers
Authorization,*
expires
Sun, 04 Aug 2024 10:50:22 GMT
adnypeu
service3.purehealthresearch.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service3.purehealthresearch.com/adnypeu
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 04 Aug 2024 10:50:22 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Methods
GET
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=609FE1E0674743ECA25FA41EE4118DED&RedC=c.clarity.ms&MXFR=3CDF8A1397966BCB3C8A9EC2939665AC
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=609FE1E0674743ECA25FA41EE4118DED&MUID=3D8B804B3A2E611E0032949A3BF86033
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=609FE1E0674743ECA25FA41EE4118DED&MUID=3D8B804B3A2E611E0032949A3BF86033
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:22 GMT
last-modified
Thu, 01 Aug 2024 17:49:37 GMT
server
Microsoft-IIS/10.0
etag
"3f6e7b2d3be4da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 738793DA553B486F8D601832F0A8953E Ref B: YMQ01EDGE0315 Ref C: 2024-08-04T10:50:22Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=609FE1E0674743ECA25FA41EE4118DED&MUID=3D8B804B3A2E611E0032949A3BF86033
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.png
saynotobald.com/img/ 		547 B
840 B 		Other
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2

Request headers

Referer
https://saynotobald.com/presentation?utm_source=cpa&utm_medium=affiliate&utm_content=regrowvsl&utm_campaign=regrowcpa&affid=463&oid=88&uid=0&_ef_transaction_id=bd0badd8a491495f84e412f985c90f9c&n=688
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 04 Aug 2024 10:50:22 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"223-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
547
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		514 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.79.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-79-84.jfk52.r.cloudfront.net
Software
/
Resource Hash
2c0f5353f81efad80c514a67aabad3ed7a4405500b44427fd7561dafbcf85025

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 04 Aug 2024 10:50:22 GMT
via
1.1 87f2baff7d21f066e818884baff3fc4a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P5
x-amzn-requestid
6f016946-b043-58e8-ae0f-366fef6d2409
x-cache
Miss from cloudfront
content-type
text/xml
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
514
apigw-requestid
b-t1VhEDIAMEbHQ=
x-amz-cf-id
1eyLObh_zryFwVj0GfFMOzYZKJxegvjBRM5nQQIMGu2eWDjwkUHGPQ==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:13:23 GMT
x-content-type-options
nosniff
age
254219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 12:13:23 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 20:58:42 GMT
x-content-type-options
nosniff
age
222700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18492
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 20:58:42 GMT
unip
trc-events.taboola.com/1423196/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1692&scd=0&ssd=1&est=1722768621336&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722768623029&vi=1722768621331&ri=4ddcaa7b6802f90032f41814d8af1b72&sd=v2_f55fb15a3517648a27932d7b33d1bb2a_a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d_1722768621_1722768621_CNawjgYQ3O5WGJP-i-iRMiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABokKfTisD8_NRPcAE&ui=a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&ler=other&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://saynotobald.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sun, 04 Aug 2024 10:50:23 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1423196/log/3/ 		0
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1692&scd=0&ssd=1&est=1722768621336&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722768623029&vi=1722768621331&ri=4ddcaa7b6802f90032f41814d8af1b72&sd=v2_f55fb15a3517648a27932d7b33d1bb2a_a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d_1722768621_1722768621_CNawjgYQ3O5WGJP-i-iRMiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABokKfTisD8_NRPcAE&ui=a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&ler=other&it=JS_PIXEL
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Sun, 04 Aug 2024 10:50:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
t.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Sun, 04 Aug 2024 10:50:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
unip
trc-events.taboola.com/1423196/log/3/ 		0
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4695&scd=0&ssd=1&est=1722768621336&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722768626033&vi=1722768621331&ri=4ddcaa7b6802f90032f41814d8af1b72&sd=v2_f55fb15a3517648a27932d7b33d1bb2a_a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d_1722768621_1722768621_CNawjgYQ3O5WGJP-i-iRMiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABokKfTisD8_NRPcAE&ui=a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&ler=other&it=JS_PIXEL
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Sun, 04 Aug 2024 10:50:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1423196/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4695&scd=0&ssd=1&est=1722768621336&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722768626033&vi=1722768621331&ri=4ddcaa7b6802f90032f41814d8af1b72&sd=v2_f55fb15a3517648a27932d7b33d1bb2a_a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d_1722768621_1722768621_CNawjgYQ3O5WGJP-i-iRMiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABokKfTisD8_NRPcAE&ui=a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&ler=other&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://saynotobald.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sun, 04 Aug 2024 10:50:26 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je47v0v9176637411za200zb850445531&_p=1722768620510&gcs=G111&gcd=13v3v3v3v5&npa=0&dma=0&tag_exp=95250753&cid=1477771680.1722768621&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722768621&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Daffiliate%26utm_content%3Dregrowvsl%26utm_campaign%3Dregrowcpa%26affid%3D463%26oid%3D88%26uid%3D0%26_ef_transaction_id%3Dbd0badd8a491495f84e412f985c90f9c%26n%3D688&dt=ReGrow&en=scroll&epn.percent_scrolled=90&_et=19&tfd=6118
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:50:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
sslwidget.criteo.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.regrowhairformula.com
URL
https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel
Domain
sslwidget.criteo.com
URL
https://sslwidget.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=zGDgDV9DdHkwR01NcElwMXlLbWRMMjVOV1djMFlYS0RhV3c3RzF5M2hlbGQ0eGdnV3FtSDc2ajgzVGlBdUlkZ2xxdjFidDV0Z3BWaVNvcTFLJTJGYm9VR25leHh4S25TVlZJYkdIUm4xQUdoOGNrTGY5SmphVTBBVGxqNUs2QiUyQnUlMkZES1dXWFpVZ3MxaDVxUjhOcFYlMkJ4UVlIJTJCZGo0T3Bwd3pnamk0NTZSJTJCMXh4Q1lSa0UlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1722768621675.915125102399291639%22%2C%22ttp%22%3A%22AL0kuOfC7uVLKSmTR-_Vqysh38I%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Daffiliate%2526utm_content%253Dregrowvsl%2526utm_campaign%253Dregrowcpa%2526affid%253D463%2526oid%253D88%2526uid%253D0%2526_ef_transaction_id%253Dbd0badd8a491495f84e412f985c90f9c%2526n%253D688&ceid=95a7e321-85d0-4a46-8ab0-959d42abbe98

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| google_tag_manager object| google_tag_data object| __tfa_pixel_init object| _tfa function| snaptr function| twq function| clarity string| TiktokAnalyticsObject object| ttq object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gaGlobal function| UET function| UET_init function| UET_push function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| Criteo object| criteo_q object| _scPxHelper object| _scPxTeller object| ueto_d93161d65e object| uetq object| regeneratorRuntime object| twttr object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca function| ucaEvent boolean| ucaInit object| EF function| gtag function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| clarityuetq

56 Cookies

Domain/Path Name / Value
.taboola.com/purehealthresearch-sc-regrowhair-sc/ Name: taboola_session_id
Value: v2_f55fb15a3517648a27932d7b33d1bb2a_a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d_1722768621_1722768621_CNawjgYQ3O5WGJP-i-iRMiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABokKfTisD8_NRPcAE
sc-static.net/scevent.min.js Name: X-AB
Value: fdcf6e462b6e488abffd4929ae370321
.youtube.com/ Name: YSC
Value: jumPaRuU5VI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Qr2JkSYOcOE
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgGA%3D%3D
.saynotobald.com/ Name: _gcl_au
Value: 1.1.330050598.1722768621
secure.regrowhairformula.com/ Name: AWSALBCORS
Value: 7Iiu/5dmbox1PIX7mVGnrsVeYnAnpesOZMubykpAZu/W5aBiEAoVeppV4sMwAE8r/aXkGZ89OFMyvaIL0K3fqd48ilIxrObxdy0GxH/pvKdTlekWZNaPiKSht57u
.saynotobald.com/ Name: _ga
Value: GA1.1.1477771680.1722768621
.saynotobald.com/ Name: _ga_19QC860WB0
Value: GS1.1.1722768621.1.0.1722768621.60.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
www.clarity.ms/ Name: CLID
Value: 10698063345f480c894766bd4ee2ccd1.20240804.20250804
.tiktok.com/ Name: _ttp
Value: 2kBt6TuibZVxaNVzksyKvlb20FB
.taboola.com/ Name: t_gid
Value: a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d
.taboola.com/ Name: t_pt_gid
Value: a2936007-94ec-48c3-a373-04f5d8502ed2-tuctda8e26d
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.saynotobald.com/ Name: _scid
Value: 35af2f73-d092-4ecb-85d8-41a7886db245
.saynotobald.com/ Name: _scid_r
Value: 35af2f73-d092-4ecb-85d8-41a7886db245
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.saynotobald.com/ Name: _fbp
Value: fb.1.1722768621675.915125102399291639
.doubleclick.net/ Name: IDE
Value: AHWqTUmcS-bu4KXWvF5Oi7fFUbYBRnTo2xG51xUejHSgPwrIzkVMJe7olnywrTxD
.saynotobald.com/ Name: _uetsid
Value: 58c51990524f11ef95456f4fb76c3a2d
.saynotobald.com/ Name: _uetvid
Value: 58c54c40524f11efafb423410be0f3d8
.saynotobald.com/ Name: _clck
Value: 1a5ruhw%7C2%7Cfo1%7C0%7C1677
.bing.com/ Name: MUID
Value: 3D8B804B3A2E611E0032949A3BF86033
.bat.bing.com/ Name: MR
Value: 0
.criteo.com/ Name: uid
Value: 943aedb4-f001-49ef-878c-24e75b029cfe
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172276862176944504
.twitter.com/ Name: guest_id_ads
Value: v1%3A172276862176944504
.twitter.com/ Name: personalization_id
Value: "v1_m9UsDwgSdsYiulAKjQs5MA=="
.twitter.com/ Name: guest_id
Value: v1%3A172276862176944504
.saynotobald.com/ Name: ucacid
Value: 1374925820.457230
.t.co/ Name: muc_ads
Value: 1405949a-a4d9-47e0-82e7-23b9bbbebb82
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRHAIAwDsIlyl5hgB8YphSkYvt/qJbSsDDU7j2jpu9ugH1uIDm6tt3gjfYYAsQjcX/0DanxHxUAAAAA=
.saynotobald.com/ Name: _tt_enable_cookie
Value: 1
.saynotobald.com/ Name: _ttp
Value: AL0kuOfC7uVLKSmTR-_Vqysh38I
.saynotobald.com/ Name: cto_bundle
Value: zGDgDV9DdHkwR01NcElwMXlLbWRMMjVOV1djMFlYS0RhV3c3RzF5M2hlbGQ0eGdnV3FtSDc2ajgzVGlBdUlkZ2xxdjFidDV0Z3BWaVNvcTFLJTJGYm9VR25leHh4S25TVlZJYkdIUm4xQUdoOGNrTGY5SmphVTBBVGxqNUs2QiUyQnUlMkZES1dXWFpVZ3MxaDVxUjhOcFYlMkJ4UVlIJTJCZGo0T3Bwd3pnamk0NTZSJTJCMXh4Q1lSa0UlM0Q
.saynotobald.com/ Name: _ScCbts
Value: %5B%5D
www.ibph4trk.com/ Name: uniqueClick
Value: 95469352-2146-4bd9-8784-2bea6bdf558a:1722768622
www.ibph4trk.com/ Name: transaction_id
Value: bd0badd8a491495f84e412f985c90f9c
saynotobald.com/ Name: ef_witness
Value: 1
saynotobald.com/ Name: ef_affid
Value: 463
saynotobald.com/ Name: ef_tid_c_o_88
Value: bd0badd8a491495f84e412f985c90f9c
saynotobald.com/ Name: ef_tid_c_a_1
Value: bd0badd8a491495f84e412f985c90f9c
.tapad.com/ Name: TapAd_TS
Value: 1722768622254
.tapad.com/ Name: TapAd_DID
Value: b13ddbe7-a6a8-4c08-a520-af80254f33d8
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.saynotobald.com/ Name: _sctr
Value: 1%7C1722754800000
.saynotobald.com/ Name: _clsk
Value: 1jpuvwm%7C1722768622491%7C1%7C1%7Ct.clarity.ms%2Fcollect
saynotobald.com/ Name: /presentation:watchVideoTime:W2v6kmNiZhU
Value: 0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3D8B804B3A2E611E0032949A3BF86033
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3D8B804B3A2E611E0032949A3BF86033
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.taboola.com
cds.taboola.com
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
pips.taboola.com
psb.taboola.com
saynotobald.com
sc-static.net
secure.regrowhairformula.com
service3.purehealthresearch.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.clarity.ms
t.co
tr.snapchat.com
tr6.snapchat.com
trc-events.taboola.com
trc.taboola.com
www.clarity.ms
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
secure.regrowhairformula.com
sslwidget.criteo.com
104.244.42.3
134.209.162.206
141.226.124.48
141.226.224.32
142.251.111.148
142.251.174.147
146.75.28.157
151.101.129.44
151.101.65.44
161.35.48.155
173.194.204.94
173.194.207.148
173.194.66.155
18.238.79.84
20.110.205.119
20.114.189.70
23.217.116.226
2607:f8b0:4004:c1b::5f
2607:f8b0:400d:c03::5b
2607:f8b0:400d:c07::64
2607:f8b0:400d:c0f::61
2607:f8b0:400d:c0f::9a
2607:f8b0:400d:c1d::5e
2620:100:a00b::12
2620:100:a00b::a
2620:1ec:bdf::38
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.163.245.4
34.107.199.247
35.190.43.134
72.21.81.130
99.84.216.84
0096322ae2cc81ae4e40f62a0029a3ef7a1385105c1581fc13156187092e24aa
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
19addd3722945f9d02154eff6258cea6594fecf8aeeb2dda73a8a91542976442
1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b
1c861c26773390863ae121a67ec84609a45d31dc45c36c13cca0f456b92f53c2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c0f5353f81efad80c514a67aabad3ed7a4405500b44427fd7561dafbcf85025
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
3a4cc39e739d1af61b70a3d42bfa7bdfc5bff2c0fd2e75de45d47bca0a612da7
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855
4cb1d2e8005383d8bb7353ea253c64401b3f565d026d59a910499d2387606b56
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
52877aa8df8f5f1362ffae80a1dc315be43fb8d71bd1b08c369a682058814995
54b27ec1bd452afd907ff43d54764d60c5a605cdb68c6d7c73a80d668a09a011
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
6de8b8ecf06ae431e0aaa48646d237c3d91e7855ffbb3281e58a034f4d72b26a
7f97ffb526929e793d687d1f617b0947413506736414a57a5aa4a28b0c965dfd
82bfbaac97d5acd8fcabaf4525f45303b73726106316b3f19b3c21e8629fb3ec
86832389bd74a820950448b04a6a9e1da32ebf0e0a00c69fa313c1f89c433cd8
8df853a49fcdb3e2c4f848dea6c22592f3e4772e46d64dbc6cb91e49c0ae1881
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9c99c51fb1b50b87e0a98393a188799678b823561b08fbc80f6340d72b86f7
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2
a6b013c85873a3c03eaf24a04dc6043c8b390d9bd0dee4f0c1423a1d075bb42e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa982255895847c441c87ea8e8fa17c49f6155148979ec1b5bd2f133e75b8214
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad28b3b5f28739765840503c574c9ae1df73468e1ff3e3ed7b2e29b9dee6c7f1
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bee3d3ce625b7060243218906743caca3156109f00296f69608b24f402a52a74
bfb26029b55effcea3117741b5f9a0f26ea6e9bd079eccb8b1d9ac29651eec4f
c368d3039d42cc858a94f961a87072555d48e18a5ba7005504895139de8bd862
c4b8ae8b7b4cc82e308657d274bca3cd6cb9f7bcb46ff9620d14724c909e3eeb
c9f299073433d2af5662ec49a4d73a9c6c8bfe760c60b3db2f863788950d6511
dc242f2acb69deaa2c17cce616c89430cd666771b2e8303465bbfdc340d39663
e0f036e3ef62f1eb3eacc79319430b5c29263802ab23ecd93744bdf41acb8f00
e2f1f97690851d87817f9c74a5085d3dab6273f86e6d7c7df9127cf4bc4315c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd