urlscan.io logo urlscan.io
SecurityTrails logo

saynotobald.com Open in urlscan Pro
161.35.48.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saynotobald.com/0.16146843590212367
Effective URL: https://saynotobald.com/presentation
Submission: On August 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 6 countries across 26 domains to perform 86 HTTP transactions. The main IP is 161.35.48.155, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is saynotobald.com.
TLS certificate: Issued by R11 on July 22nd 2024. Valid for: 3 months.
This is the only time saynotobald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 161.35.48.155 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.83.102.150 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 157.240.253.1 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
3 2a02:2638:3::e 44788 (ASN-CRITE...)
1 2 142.250.185.228 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
1 3.163.248.4 16509 (AMAZON-02)
1 65.9.84.78 16509 (AMAZON-02)
1 34.107.199.247 396982 (GOOGLE-CL...)
1 146.75.120.157 54113 (FASTLY)
3 142.250.185.136 15169 (GOOGLE)
3 2620:1ec:bdf::60 8075 (MICROSOFT...)
5 2.18.64.15 20940 (AKAMAI-ASN1)
1 151.101.65.44 54113 (FASTLY)
3 6 142.250.186.70 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.70 15169 (GOOGLE)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
1 216.58.206.34 15169 (GOOGLE)
4 143.204.205.59 16509 (AMAZON-02)
5 35.190.43.134 15169 (GOOGLE)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.131 13414 (TWITTER)
1 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.152.143.207 8075 (MICROSOFT...)
1 134.209.162.206 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
4 141.226.228.48 200478 (TABOOLA-AS)
1 1 178.250.1.9 ()
1 74.119.117.16 ()
1 2a02:2638:3::19 ()
86 40
6    161.35.48.155 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: saynotobald.com
saynotobald.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    54.83.102.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-102-150.compute-1.amazonaws.com
secure.regrowhairformula.com
5    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
www.youtube.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
2    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
2    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
3    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)
sc-static.net
1    65.9.84.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-84-78.ams1.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
1    34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com
www.ibph4trk.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net
www.googletagmanager.com
3    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
6    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
14618141.fls.doubleclick.net
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
td.doubleclick.net
3    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.de
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
td.doubleclick.net
4    143.204.205.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-59.fra53.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
1    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
1    134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service3.purehealthresearch.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    178.250.1.9 (None, )

ASN- ()
sslwidget.criteo.com
1    74.119.117.16 (None, )

ASN- ()
widget.us.criteo.com
1    2a02:2638:3::19 (None, )

ASN- ()
measurement-api.criteo.com
Apex Domain
Subdomains		 Transfer
15 doubleclick.net
12217290.fls.doubleclick.net — Cisco Umbrella Rank: 678451
td.doubleclick.net — Cisco Umbrella Rank: 481
ad.doubleclick.net — Cisco Umbrella Rank: 210
14028140.fls.doubleclick.net — Cisco Umbrella Rank: 806944
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
14618141.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
691 KB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
psb.taboola.com — Cisco Umbrella Rank: 9372
trc.taboola.com — Cisco Umbrella Rank: 1123
trc-events.taboola.com — Cisco Umbrella Rank: 3272
24 KB
7 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4315
gum.criteo.com — Cisco Umbrella Rank: 553
sslwidget.criteo.com
widget.us.criteo.com
fledge.us.criteo.com Failed
measurement-api.criteo.com
67 KB
6 saynotobald.com
saynotobald.com
357 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1202
tr6.snapchat.com — Cisco Umbrella Rank: 1340
977 B
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
137 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
o.clarity.ms — Cisco Umbrella Rank: 12757
29 KB
5 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
22 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 3773
24 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
16 KB
2 gstatic.com
fonts.gstatic.com
51 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
83 KB
2 regrowhairformula.com
secure.regrowhairformula.com
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 purehealthresearch.com
service3.purehealthresearch.com — Cisco Umbrella Rank: 333882
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 117
6 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1356
725 B
1 t.co
t.co — Cisco Umbrella Rank: 979
624 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1253
15 KB
1 ibph4trk.com
www.ibph4trk.com
19 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1413
21 KB
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4316
86 26
Domain Requested by
8 www.googletagmanager.com saynotobald.com
www.googletagmanager.com
6 saynotobald.com 1 redirects saynotobald.com
5 analytics.tiktok.com saynotobald.com
analytics.tiktok.com
4 trc-events.taboola.com cdn.taboola.com
4 tr.snapchat.com sc-static.net
saynotobald.com
4 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
4 td.doubleclick.net www.googletagmanager.com
3 ad.doubleclick.net saynotobald.com
3 www.clarity.ms saynotobald.com
www.clarity.ms
bat.bing.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
saynotobald.com
3 dynamic.criteo.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 o.clarity.ms www.clarity.ms
2 14618141.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 14028140.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 12217290.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google.com 1 redirects www.googletagmanager.com
2 www.facebook.com saynotobald.com
2 www.youtube.com saynotobald.com
www.youtube.com
2 connect.facebook.net saynotobald.com
connect.facebook.net
2 secure.regrowhairformula.com saynotobald.com
secure.regrowhairformula.com
2 fonts.googleapis.com saynotobald.com
1 measurement-api.criteo.com saynotobald.com
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 tr6.snapchat.com sc-static.net
1 service3.purehealthresearch.com saynotobald.com
1 i.ytimg.com saynotobald.com
1 googleads.g.doubleclick.net saynotobald.com
1 analytics.twitter.com saynotobald.com
1 t.co saynotobald.com
1 www.google.de saynotobald.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 gum.criteo.com dynamic.criteo.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 static.ads-twitter.com saynotobald.com
1 www.ibph4trk.com www.googletagmanager.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 www.youtube-nocookie.com saynotobald.com
0 fledge.us.criteo.com Failed saynotobald.com
86 44

This site contains no links.

Subject Issuer Validity Valid
saynotobald.com
R11		 2024-07-22 -
2024-10-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
secure.regrowhairformula.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-11 -
2024-09-09		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-08 -
2024-09-06		 3 months crt.sh
*.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-26 -
2024-11-20		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
p8btrk.com
Starfield Secure Certificate Authority - G2		 2023-11-30 -
2024-12-31		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-07-22		 a year crt.sh
t.co
E6		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
edgestatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
service3.purehealthresearch.com
E5		 2024-08-04 -
2024-11-02		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://saynotobald.com/presentation
Frame ID: B55CAAFDFA4152032D15EAB9EE206A39
Requests: 72 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/W2v6kmNiZhU?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 39C1DB3758C8197DE52A9A7186B74216
Requests: 1 HTTP requests in this frame

Frame: https://12217290.fls.doubleclick.net/activityi;dc_pre=CIeUlvqvm4gDFf2Kgwcd4PAePw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: B5A2B72DF0D1C355E8F0B7E529C68C87
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 70118EE62F1423AB0453C3018B84D564
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Frame ID: 276B7A936806DA95ECD6DD93982AAEEF
Requests: 1 HTTP requests in this frame

Frame: https://14028140.fls.doubleclick.net/activityi;dc_pre=COD1l_qvm4gDFTWJgwcdHXMbEQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 7EA607520DF21D0149B25F53160D7E6B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 037DE0B900881ADDD4356FCE8E1A1FC3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-19QC860WB0&gacid=1362182965.1724974818&gtm=45je48r0v9176637411z8850445531za200zb850445531&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1402509195
Frame ID: 27A74250584493F58B34B1E67367D2A7
Requests: 1 HTTP requests in this frame

Frame: https://14618141.fls.doubleclick.net/activityi;dc_pre=COrZoPqvm4gDFU6PgwcdnpYReQ;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: EC2F8E0A2005F6DFC56981E8289FFBD3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Frame ID: 0141338094A563F50CDB25D38D2EACA0
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=7f8be1c9-ed7d-4423-b32c-96d40023fe10&u_sclid=7b6dfbf6-4b99-4d00-9c72-31a57c24b45f
Frame ID: D3B3659581E9A5E3591873CC5B801C92
Requests: 1 HTTP requests in this frame

Frame: https://fledge.us.criteo.com/interest-group?data=aaXXaXwydktVQmVMRnQ1akxSR0RFUDRGTEpxM0Q0enNrWG1rdHpsTGs4c1l4ZExlMzFKUUNtVURXUlkvY1VnaTd1T3ZFcmFuQ0pVVytNeDBwWGlzVHorOGdlR3RrMmlKUC9MVjY3dnZqVnhuUjJXc1JvWER0RFJLZC9pSTVZY2Q2VjdUbEsza3BKaHArZEtwNmZDSWwzR0h0UEsvU2d6M0kvVXB2ck9PdERKdThjMzA9fA
Frame ID: 0E13ED502EC49E74D14A2747342FE11B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ReGrow

Page URL History Show full URLs

  1. http://saynotobald.com/0.16146843590212367 HTTP 307
    https://saynotobald.com/0.16146843590212367 HTTP 302
    https://saynotobald.com/presentation Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

86
Requests

97 %
HTTPS

35 %
IPv6

26
Domains

44
Subdomains

40
IPs

6
Countries

1562 kB
Transfer

4082 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saynotobald.com/0.16146843590212367 HTTP 307
    https://saynotobald.com/0.16146843590212367 HTTP 302
    https://saynotobald.com/presentation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=CIeUlvqvm4gDFf2Kgwcd4PAePw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Request Chain 39
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=COD1l_qvm4gDFTWJgwcdHXMbEQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Request Chain 46
  • https://14618141.fls.doubleclick.net/activityi;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation HTTP 302
  • https://14618141.fls.doubleclick.net/activityi;dc_pre=COrZoPqvm4gDFU6PgwcdnpYReQ;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Request Chain 56
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=0&rnd=1921257147.1724974818&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45fe48r0v9186755023za200&auid=18083097.1724974818&frm=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=0&rnd=1921257147.1724974818&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45fe48r0v9186755023za200&auid=18083097.1724974818&frm=0
Request Chain 81
  • https://sslwidget.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=SC7yDF9OWlJDdjVkdUxXV1JQdEpDJTJCdlJLOUM0elpqRkw4c2FIMjUyMVk3aWNVJTJGREZ4YnRFQU90RkRqUnJjWkpjbWpaQ1JjbnEzbndzN2FRSjY5MiUyRlBrVk1JdiUyQkZ6bXlWSkF0UnVqdlhIcEdOWWM4YldzeDVESWRWZDlsSFYzNUo4SldLQWZPYng0eUpsN0dJZjhEQzBDcVdBQjQ5ZEhzR0ZkeSUyRnA5dnlxdTdhbkZjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1724974817666.68065924201136923%22%2C%22ttp%22%3A%22_zI3BBDwDb0i-T2LWcfcKqw57Cz%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=dd355314-3893-472a-b4d9-5028f00d56aa HTTP 302
  • https://widget.us.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=SC7yDF9OWlJDdjVkdUxXV1JQdEpDJTJCdlJLOUM0elpqRkw4c2FIMjUyMVk3aWNVJTJGREZ4YnRFQU90RkRqUnJjWkpjbWpaQ1JjbnEzbndzN2FRSjY5MiUyRlBrVk1JdiUyQkZ6bXlWSkF0UnVqdlhIcEdOWWM4YldzeDVESWRWZDlsSFYzNUo4SldLQWZPYng0eUpsN0dJZjhEQzBDcVdBQjQ5ZEhzR0ZkeSUyRnA5dnlxdTdhbkZjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1724974817666.68065924201136923%22%2C%22ttp%22%3A%22_zI3BBDwDb0i-T2LWcfcKqw57Cz%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=dd355314-3893-472a-b4d9-5028f00d56aa

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request presentation
saynotobald.com/
Redirect Chain
  • http://saynotobald.com/0.16146843590212367
  • https://saynotobald.com/0.16146843590212367
  • https://saynotobald.com/presentation
51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
c8fd6499cfe02a59d93aafde2204d60dc0400ef60ba7acdec8b496aa09c9cde9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Aug 2024 23:40:17 GMT
ETag
W/"cab5-OWqSy3BMZjKT/dCZ7fuWx1HqHxE"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
70
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Aug 2024 23:40:17 GMT
Location
/presentation
Server
nginx
Vary
Accept
X-Powered-By
Express
pageNotFound
true
css2
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:53:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Aug 2024 23:40:17 GMT
css2
fonts.googleapis.com/ 		32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:41:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Aug 2024 23:40:17 GMT
play-img-d.gif
saynotobald.com/img/video/ 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/video/play-img-d.gif
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0

Request headers

Referer
https://saynotobald.com/presentation
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 23:40:17 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"4b87a-18a454e656e"
Content-Type
image/gif
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309370
UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.83.102.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-102-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bde2472a76e01f194919d637e205051b6e966692237a60d113e3bd7c130bf25b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
857
gtm.js
www.googletagmanager.com/ 		417 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec03885b65d19a116922659cdcac9e48137b9866f4a6405f190a525ef68b6343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122072
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:40:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Aug 2024 23:40:17 GMT
document-policy
force-load-at-top
x-fb-server-load
48
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4318, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
En400VAO3wJAMF71BIsS9C1MBqb5b3pYLiqvGpthyiILtYFjYA7w1KQROYV0H2Ls8mtaAQtSjPNp+xGaACeDuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
W2v6kmNiZhU
www.youtube-nocookie.com/embed/ Frame 39C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/W2v6kmNiZhU?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-IINKoA5BPCRptYQSygesfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e0e4b4d474d5bac91d0994c4c9363d15f92d7e07e77da6973c925d0d7cd8390
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script'
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 29 Aug 2024 23:40:17 GMT
dr-holly.png
saynotobald.com/img/featured-on/holly/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/dr-holly.png
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6

Request headers

Referer
https://saynotobald.com/presentation
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 23:40:17 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"3a1c-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14876
featured-logo.svg
saynotobald.com/img/featured-on/holly/ 		65 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saynotobald.com/img/featured-on/holly/featured-logo.svg
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855

Request headers

Referer
https://saynotobald.com/presentation
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 23:40:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"104e7-18a454e64f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
810524130072458
connect.facebook.net/signals/config/ 		130 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/810524130072458?v=2.9.166&r=stable&domain=saynotobald.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
14b3218e9db60ed38fade7796b9eab50f29fecaa5319b3c0ddf4b57d854037ed
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Aug 2024 23:40:17 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25363
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=70, mss=1232, tbw=66958, tp=62, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
ZhWZolJESaXBsjiU3Spcf55L8Q27nb5OJwMoTYlxXLCBXJ6JxMXiN5KazjOm7RBMT0oU6vv0J6b+v5WtXTQq4w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/57c75fa4/www-widgetapi.vflset/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/57c75fa4/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 15:30:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
29376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10546
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 04:19:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Aug 2025 15:30:41 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1724974817671&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12316&fbp=fb.1.1724974817666.68065924201136923&pm=1&hrl=f9556c&ler=empty&cdl=API_unavailable&it=1724974817606&coo=false&cs_cc=1&cas=8564655656931037%2C8556732911118822%2C8131760856914234%2C8754315691259442%2C7782401381871875%2C7909510249118159%2C7881967401882351%2C7517427561716084%2C8443922588968707%2C26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C8199745216736057%2C6945292395551325%2C7553474568045692%2C7283762228396572%2C7470405063049324%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C8024146470981584%2C9934289436642028%2C5735284416492337&rqm=GET
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1297, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 29 Aug 2024 23:40:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fsaynotobald.com&rl=&if=false&ts=1724974817671&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12316&fbp=fb.1.1724974817666.68065924201136923&pm=1&hrl=f9556c&ler=empty&cdl=API_unavailable&it=1724974817606&coo=false&cs_cc=1&cas=8564655656931037%2C8556732911118822%2C8131760856914234%2C8754315691259442%2C7782401381871875%2C7909510249118159%2C7881967401882351%2C7517427561716084%2C8443922588968707%2C26034578199519331%2C8141434192645646%2C7579772582137965%2C7380041312118141%2C5904082956382190%2C8012597892088465%2C7617628734960318%2C7776626955734231%2C7383496225079023%2C7377693012315080%2C7614754538545034%2C7510813242314237%2C8199745216736057%2C6945292395551325%2C7553474568045692%2C7283762228396572%2C7470405063049324%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C25405276682421135%2C7584915014861402%2C7112737342092811%2C6763574803742773%2C7339467549439646%2C7894091980641460%2C7544712445564313%2C6317318171714328%2C7662419700483096%2C25916332654632115%2C9519302044810334%2C5781673425258056%2C8032076670139991%2C7039146506197689%2C7609299599122216%2C8024146470981584%2C9934289436642028%2C5735284416492337&rqm=FGET
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 29 Aug 2024 23:40:17 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408710426629572338", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1297, tbw=3118, tp=-1, tpl=-1, uplat=178, ullat=0
pragma
no-cache
x-fb-debug
QSpvWt2LWODqQnK4oIIyXF3GrptH8rrJDGT6p60jXb/VKoVHYNbKYHtAmLYpnY5tET6ixauAYXJXr9npDhzeFg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408710426629572338"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=91644
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a6b013c85873a3c03eaf24a04dc6043c8b390d9bd0dee4f0c1423a1d075bb42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=92347
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6de8b8ecf06ae431e0aaa48646d237c3d91e7855ffbb3281e58a034f4d72b26a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=113117
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4cb1d2e8005383d8bb7353ea253c64401b3f565d026d59a910499d2387606b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&frm=0&rnd=1921257147.1724974818&auid=18083097.1724974818&npa=0&gtm=45He48r0v850445531za200&gcs=G111&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=0&tft=1724974817727&tfd=774&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		332 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ecdae41631c6bfc7abfe6e5f90dc080583cf9c1c186a862d430d6146cae23cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
110464
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Aug 2024 23:40:17 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1423196/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ec38905e35198a7c3c085a8f70a014ecefc2f335ac00112580694eaaf61c6a1

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
638evadSYewhF3jIa1coB7.HfobqEBz_
content-encoding
gzip
via
1.1 varnish
date
Thu, 29 Aug 2024 23:40:17 GMT
x-amz-request-id
5FMMCH819PTPQ1DV
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21952
x-amz-id-2
Kh5PC/FbIpL/usqXGt0/qnt8RU1WuCrQuWZV20jUlG24FZ9tI3qegkTREFIaB1cX2P95pxZiShk=
x-served-by
cache-fra-etou8220153-FRA
last-modified
Sun, 25 Aug 2024 12:49:38 GMT
server
AmazonS3
x-timer
S1724974818.770582,VS0,VE1
etag
"ac227bab3aa81887c0d3dbc4332c69e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
destination
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3743769fa847b5eda297273129e90d5b14d73d83c5d0305a6e77cc9980db481f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78958
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:40:17 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 29 Aug 2024 23:40:17 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EE0D5985768E47EF93E777E5C72A3581 Ref B: FRA31EDGE0811 Ref C: 2024-08-29T23:40:17Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
destination
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2549728388b785f14ce36cbd3014cc87d3877aba235d861f424ed170b1b10c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78887
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:40:17 GMT
scevent.min.js
sc-static.net/ 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
gzip
via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
21282
x-amz-cf-id
dZlDtZ2ch68aNm1EVMr6ifXOMtJayUmBhC836C9RIwXmV5pr-3nrvg==
destination
www.googletagmanager.com/gtag/ 		216 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-14618141&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b19c4a3fcf71b8761786079fe6cf64166a433b265f7a65c066152ef1cd61edc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79278
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:40:17 GMT
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		105 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-84-78.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 23:32:29 GMT
content-encoding
gzip
via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
518869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20382
last-modified
Fri, 12 Jul 2024 12:32:30 GMT
server
AmazonS3
etag
"c8164200b1af114ca9af998ceedb1fc2"
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=604800,s-maxage=604800
accept-ranges
bytes
x-amz-cf-id
K6OwT6H8LSvPSw9vSOva4NfFHasYvqtv9CQGQUsMUQR4q-RexuHNlQ==
everflow.js
www.ibph4trk.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
247.199.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
df6770a2-7060-4b23-8a23-5c127299ea0a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220072-FRA
js
www.googletagmanager.com/gtag/ 		215 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12217290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
818b26ced1a6d857f48212bfff27343887d33a48aae68480ca841a5abed2a037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78873
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:40:17 GMT
gnsm8am7co
www.clarity.ms/tag/ 		868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6b39591b7ffe196119c4a3a2deedd2dfbf8ceb827454ebccba24c59192267e4a

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date
Thu, 29 Aug 2024 23:40:18 GMT
x-azure-ref
20240829T234017Z-r1bf48c954724zlqxma0hhufh400000006zg00000000msuf
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
868
expires
-1
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8dc2978ae8ec2bd433906c280e8bf8494fb2fa8ae9508ece58b191c12c0cee7c

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
3d3f2de5
date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2408292340170BA563327660337CB723-66AF9F5B5192B326-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
content-length
2120
pragma
no-cache
server
nginx
x-tt-logid
202408292340170BA563327660337CB723
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
96,2.20.179.90
x-tt-trace-host
013428da50f5d4adcebac08c6c7b0fda7288e817eeb162a8f6a4c7a62014821830dc4cb3adaed9bb203677db068f2bd283175d53b5d22e40f474a56c6183cc2e2704ef21699d16046687e76dbe2fdaf2419324af3ef31c14ca67eb78ab1e60967d
expires
Thu, 29 Aug 2024 23:40:17 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14028140
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d0faec0913bbe32c8d7afa6c967505df57b52201e768deb6527f278add3b3967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78958
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:40:17 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14618141
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDFXFQX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0c72cdf737d5d9b5a8a773b65863777efc9897a40b76f628bb467a45415cc9ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78958
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 22:48:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 23:40:17 GMT
topics_api
psb.taboola.com/ 		65 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 29 Aug 2024 23:40:17 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1724974818.846626,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-served-by
cache-fra-etou8220089-FRA
json
trc.taboola.com/1423196/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1423196/trc/3/json?tim=1724974817816&data=%7B%22id%22%3A220%2C%22ii%22%3A%22%2Fpresentation%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1724974817806%2C%22cv%22%3A%2220240822-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpurehealthresearch-sc-regrowhair-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1724974817814%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsaynotobald.com%2Fpresentation%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1149f549836966f092c7269759a4b317494f6ece1969e83f58ab668d0c8115c

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Thu, 29 Aug 2024 23:40:17 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.0795
x-fastly-to-nlb-rtt
7345
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220153-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1724974818.830799,VS0,VE13
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
activityi;dc_pre=CIeUlvqvm4gDFf2Kgwcd4PAePw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
12217290.fls.doubleclick.net/ Frame B5A2
Redirect Chain
  • https://12217290.fls.doubleclick.net/activityi;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
  • https://12217290.fls.doubleclick.net/activityi;dc_pre=CIeUlvqvm4gDFf2Kgwcd4PAePw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12217290.fls.doubleclick.net/activityi;dc_pre=CIeUlvqvm4gDFf2Kgwcd4PAePw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
360
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:17 GMT
expires
Thu, 29 Aug 2024 23:40:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12217290.fls.doubleclick.net/activityi;dc_pre=CIeUlvqvm4gDFf2Kgwcd4PAePw;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;g...
td.doubleclick.net/td/fls/rul/ Frame 7011 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12217290&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=n...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12217290;type=regro0;cat=rg_al0;ord=1;num=2558291834795;npa=0;auiddc=18083097.1724974818;ps=1;pcor=201212352;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186755023z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:17 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"11894473441435210815"}],"aggregatable_trigger_data":[{"filters":[{"14":["13301863"]}],"key_piece":"0x983a7385dcef01d2","source_keys":["12","13","14","15","16","17","18","19","20","21","634895880","634895881","634895882","634895883","638564932","638564933","638564934","638564935","638575432","638575433","638575434","638575435","900110928","900110929","900110930","900110931"]},{"key_piece":"0x515bfbe0c55b7645","not_filters":{"14":["13301863"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","634895880","634895881","634895882","634895883","638564932","638564933","638564934","638564935","638575432","638575433","638575434","638575435","900110928","900110929","900110930","900110931"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"634895880":93,"634895881":93,"634895882":93,"634895883":9081,"638564932":81,"638564933":81,"638564934":81,"638564935":7946,"638575432":59,"638575433":59,"638575434":59,"638575435":5778,"900110928":109,"900110929":109,"900110930":109,"900110931":10594},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"9582466532963448763","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11894473441435210815","filters":[{"14":["13301863"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11894473441435210815","filters":[{"14":["13301863"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11894473441435210815","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11894473441435210815","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12217290"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 276B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=saynotobald.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=91644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:17 GMT
server
Kestrel
server-processing-duration-in-ticks
324585
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
activityi;dc_pre=COD1l_qvm4gDFTWJgwcdHXMbEQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
14028140.fls.doubleclick.net/ Frame 7EA6
Redirect Chain
  • https://14028140.fls.doubleclick.net/activityi;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
  • https://14028140.fls.doubleclick.net/activityi;dc_pre=COD1l_qvm4gDFTWJgwcdHXMbEQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14028140.fls.doubleclick.net/activityi;dc_pre=COD1l_qvm4gDFTWJgwcdHXMbEQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
612
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:18 GMT
expires
Thu, 29 Aug 2024 23:40:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14028140.fls.doubleclick.net/activityi;dc_pre=COD1l_qvm4gDFTWJgwcdHXMbEQ;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=...
td.doubleclick.net/td/fls/rul/ Frame 037D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14028140&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14028140;type=invmedia;cat=rg_al0;ord=1;num=5853941819708;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1811919590;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9186761063z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:17 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"14895403432935929448"}],"aggregatable_trigger_data":[{"filters":[{"14":["49526215"]}],"key_piece":"0x88b5a298a275e462","source_keys":["12","13","14","15","16","17","18","19","20","21","16773548","16773549","16773550","16773551","638609804","638609805","638609806","638609807","900147912","900147913","900147914","900147915"]},{"key_piece":"0x38ce193e35dfe1c1","not_filters":{"14":["49526215"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16773548","16773549","16773550","16773551","638609804","638609805","638609806","638609807","900147912","900147913","900147914","900147915"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16773548":72,"16773549":72,"16773550":72,"16773551":7062,"17":65,"18":6356,"19":65,"20":65,"21":6356,"638609804":655,"638609805":655,"638609806":655,"638609807":63569,"900147912":50,"900147913":50,"900147914":50,"900147915":4889},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"11345329075973115304","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14895403432935929448","filters":[{"14":["49526215"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"14895403432935929448","filters":[{"14":["49526215"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"14895403432935929448","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"14895403432935929448","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14028140"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je48r0v9176637411z8850445531za200zb850445531&_p=1724974817521&_gaz=1&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=1362182965.1724974818&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1724974818&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1070
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-19QC860WB0&cid=1362182965.1724974818&gtm=45je48r0v9176637411z8850445531za200zb850445531&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 27A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-19QC860WB0&gacid=1362182965.1724974818&gtm=45je48r0v9176637411z8850445531za200zb850445531&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1402509195
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-19QC860WB0&cid=1362182965.1724974818&gtm=45je48r0v9176637411z8850445531za200zb850445531&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3v3v2v5l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1193344238
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=COrZoPqvm4gDFU6PgwcdnpYReQ;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
14618141.fls.doubleclick.net/ Frame EC2F
Redirect Chain
  • https://14618141.fls.doubleclick.net/activityi;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
  • https://14618141.fls.doubleclick.net/activityi;dc_pre=COrZoPqvm4gDFU6PgwcdnpYReQ;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;u...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14618141.fls.doubleclick.net/activityi;dc_pre=COrZoPqvm4gDFU6PgwcdnpYReQ;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14618141&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
613
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:18 GMT
expires
Thu, 29 Aug 2024 23:40:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14618141.fls.doubleclick.net/activityi;dc_pre=COrZoPqvm4gDFU6PgwcdnpYReQ;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=...
td.doubleclick.net/td/fls/rul/ Frame 0141 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14618141&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 23:40:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14618141;type=invmedia;cat=rg_al0;ord=2909111936749;npa=0;auiddc=18083097.1724974818;ps=1;pcor=1330542986;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48s0h2v9186158934z8850445531za201zb850445531;gcs=G111;gcd=13v3v3v2v5l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsaynotobald.com%2Fpresentation?
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:18 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"2224179669395680881"}],"aggregatable_trigger_data":[{"filters":[{"14":["110111958"]}],"key_piece":"0x6b028c34bbd0fd9d","source_keys":["12","13","14","15","16","17","18","19","20","21","18236224","18236225","18236226","18236227","18272208","18272209","18272210","18272211","19198524","19198525","19198526","19198527","19855360","19855361","19855362","19855363"]},{"key_piece":"0xfc35252a9422ecc4","not_filters":{"14":["110111958"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","18236224","18236225","18236226","18236227","18272208","18272209","18272210","18272211","19198524","19198525","19198526","19198527","19855360","19855361","19855362","19855363"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"18236224":72,"18236225":72,"18236226":72,"18236227":7062,"18272208":46,"18272209":46,"18272210":46,"18272211":4540,"19":65,"19198524":54,"19198525":54,"19198526":54,"19198527":5297,"19855360":65,"19855361":65,"19855362":65,"19855363":6356,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"8279352960543856434","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2224179669395680881","filters":[{"14":["110111958"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2224179669395680881","filters":[{"14":["110111958"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2224179669395680881","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2224179669395680881","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14618141"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		29 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.regrowhairformula.com
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-59.fra53.r.cloudfront.net
Software
/
Resource Hash
79d25bee6eea87e3aa81ef37c57e7c03c55343eda7aa394292062ffe3dc75c09

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
29
apigw-requestid
dS4DZjy7oAMENVg=
x-amz-cf-id
VuKQne2MDh9RfDsgygA9X7Q-Y5rZbAxuM9Ht6ZE4E83Bv4R5KUv4Hg==
c61ad1ca-f59a-4219-990e-b8a5d1118ab6.json
tr.snapchat.com/config/com/ 		117 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/c61ad1ca-f59a-4219-990e-b8a5d1118ab6.json?v=3.25.1-2408082241
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
94
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
i
tr.snapchat.com/cm/ Frame D3B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_scsid=7f8be1c9-ed7d-4423-b32c-96d40023fe10&u_sclid=7b6dfbf6-4b99-4d00-9c72-31a57c24b45f
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 29 Aug 2024 23:40:18 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ 		68 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&ev=PAGE_VIEW&intg=gtm&pids=c61ad1ca-f59a-4219-990e-b8a5d1118ab6&u_c1=92a422b7-71ff-4506-9cbb-c19fb9ab795a&cdid=%40-052599cb-e2eb-416a-be2a-c7f299268137&u_sclid=7b6dfbf6-4b99-4d00-9c72-31a57c24b45f&u_scsid=7f8be1c9-ed7d-4423-b32c-96d40023fe10&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=592&m_fcps=660&m_pi=592&m_pl=0&m_pv=2&m_rd=1205&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&trackId=ff1bec5e-0b9d-41a6-8992-cf02b646db0b&ts=1724974818158&v=3.25.1-2408082241
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
adsct
t.co/1/i/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bf777227-1b1f-4c3a-9d58-5f8b7cb91105&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=84d3394e-7cc2-4378-be07-bbb58dd3b971&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-response-time
187
date
Thu, 29 Aug 2024 23:40:18 GMT
strict-transport-security
max-age=0
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif;charset=utf-8
x-transaction-id
b948ec33c040ea15
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
16bfaf97c93da2601f7d0b2be182ba2ffdbca9489cf2c0fe30844087f0404835
cf-ray
8bb062a5ce6e9743-FRA
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bf777227-1b1f-4c3a-9d58-5f8b7cb91105&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=84d3394e-7cc2-4378-be07-bbb58dd3b971&tw_document_href=https%3A%2F%2Fsaynotobald.com%2Fpresentation&tw_iframe_status=0&txn_id=oddb3&type=javascript&version=2.3.30
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-response-time
181
date
Thu, 29 Aug 2024 23:40:17 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d486959f7dc4bffd
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
89d8bd5091aa30f5c25f89dbffa8d9c6498c592147abd2dbeb24d0957f8f5225
content-length
43
137023477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137023477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b118f2d4b830c0175100311f130e16739b746a93b4be3e92f475b09f9ca857e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 29 Aug 2024 23:40:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B508480EB6014913A6D8EE94AD9EF8E6 Ref B: FRA31EDGE0811 Ref C: 2024-08-29T23:40:18Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=0&rnd=1921257147.1724974818&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45fe48r0v9186755...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=0&rnd=1921257147.1724974818&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45f...
42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=0&rnd=1921257147.1724974818&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45fe48r0v9186755023za200&auid=18083097.1724974818&frm=0
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=0&rnd=1921257147.1724974818&url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dma_cps=syphamo&dma=1&npa=0&gtm=45fe48r0v9186755023za200&auid=18083097.1724974818&frm=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MWY3Zjg1MDRiMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWY3Zjg1MDRiMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ9SRJC77UF4DIA1IIG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b20646f6d63814bec606c60efd47ab1b23b80127aa866eaeed7db2b70a6e0539

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
3d3f3360
date
Thu, 29 Aug 2024 23:40:18 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024082918420659825BE58C98195FBA06
x-tt-trace-id
00-24082918420659825BE58C98195FBA06-39EFDB061B47F2FE-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
013de9b68b42bb5f3fc7508a13e0309b647a1213abe28838bebae41224ab815e2952cf35c0b08bdb6520143e4869138e2c8982fa765ca863e252f66b93c4d2360deb36a6174a2107b39de735dd1a51dded736dbe7f5020a7caac984df07f6c167d
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
95262
clarity.js
www.clarity.ms/s/0.7.45/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.45/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gnsm8am7co?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
content-encoding
br
last-modified
Wed, 28 Aug 2024 15:42:28 GMT
etag
W/"0x8DCC77805742093"
vary
Accept-Encoding
x-azure-ref
20240829T234018Z-r1bf48c954724zlqxma0hhufh400000006zg00000000msv0
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
70c600f5-201e-0033-217f-f97170000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
mqdefault.jpg
i.ytimg.com/vi/W2v6kmNiZhU/ 		6 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://i.ytimg.com/vi/W2v6kmNiZhU/mqdefault.jpg?sqp=-oaymwEmCMACELQB8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgWygRMA8=&rs=AOn4CLB0SAxKVWgYVIFuOXj_zDJDIkN3kw
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e0b651405379f3aacb2f4d760ff4a2a5228b417a2b82fb844aef920810e678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:37:22 GMT
x-content-type-options
nosniff
age
176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5739
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 30 Aug 2024 01:37:22 GMT
137023477
www.clarity.ms/tag/uet/ 		680 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/137023477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/137023477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45dc231910f42973a5b4bf03b81cefc4186efe69c1d7531d17765489d7e7a034

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date
Thu, 29 Aug 2024 23:40:18 GMT
x-azure-ref
20240829T234018Z-r1bf48c954724zlqxma0hhufh400000006zg00000000msv1
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
680
expires
-1
0
bat.bing.com/action/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137023477&tm=gtm002&Ver=2&mid=ebfc925a-4ffa-4e99-a363-8bd9ca76804d&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=ReGrow&p=https%3A%2F%2Fsaynotobald.com%2Fpresentation&r=&lt=593&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=948365
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Aug 2024 23:40:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7B10230575F24544B3B7A0C4F829AB76 Ref B: FRA31EDGE0811 Ref C: 2024-08-29T23:40:18Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_c2008b8c.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY3Zjg1MDRiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
3d3f3456
date
Thu, 29 Aug 2024 23:40:18 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407291241428A0637CBFAAEB41DCF01
x-tt-trace-id
00-2407291241428A0637CBFAAEB41DCF01-5E518F47C6012312-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e33994960eedba4d9d64bb2cce523cc44cf9a1ceb6067a86a86c193f5f828f28bdf557cde35992181eb3e1ed8857856db1b699a90312147d7379f71cee1d04dd01e66feac1f106f50fe3bcde315804ca4d23cf41cda1e80b4cdebaad1c4e97a7
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39594
pixel
analytics.tiktok.com/api/v2/ 		0
843 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY3Zjg1MDRiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2a399842.3d3f3470
date
Thu, 29 Aug 2024 23:40:18 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2408292340187FD3F2E213432073C443-560345892C8A057C-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
x-parent-response-time
125,2.20.179.90
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=36, inner; dur=32
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202408292340187FD3F2E213432073C443
x-cache-remote
TCP_MISS from a23-220-104-18.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
36,23.220.104.18
x-tt-trace-host
013428da50f5d4adcebac08c6c7b0fda726cfc0d0e4e29b0231019f5a0935cd890edf285445782e2c1586d65b7320f165e8fcde078588dc7c73440e5a9b328ccb4b88e3676e1a646c0af5d4b824eac0461c8bbf0260150f8c2498c826a2916a7b6d9697380cecbef4b6efccb8569b6eb29
access-control-allow-headers
Authorization,*
expires
Thu, 29 Aug 2024 23:40:18 GMT
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		514 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-59.fra53.r.cloudfront.net
Software
/
Resource Hash
f9542c151d5eaa98a8531633e34802d4ac26e4c3a69033c3aa2118f523029395

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
c7eee895-3ecc-5a74-88dc-b7de37ee6559
x-cache
Miss from cloudfront
content-type
text/xml
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
514
apigw-requestid
dS4DchSZoAMEYrQ=
x-amz-cf-id
3s1KtKtNrsatooaiHske58LxFf3EEG_fDjH2SASEg50jNpIXl11nZw==
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-59.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
68000
alt-svc
h3=":443"; ma=86400
apigw-requestid
dQSCbghkoAMEaag=
date
Thu, 29 Aug 2024 04:46:58 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-id
FXeeY7LxFAfJtO5gEH_X3OVa8V7jqP8ilsNAgADuXmfWw2h5WB37Dw==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
UCAffiliateNetworkPixel
secure.regrowhairformula.com/cgi-bin/ 		0
374 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.7282393637302995&r=&u=https%3A%2F%2Fsaynotobald.com%2Fpresentation
Requested by
Host: secure.regrowhairformula.com
URL: https://secure.regrowhairformula.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.83.102.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-102-150.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
content-length
0
server
Apache
collect
o.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Thu, 29 Aug 2024 23:40:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		514 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.regrowhairformula.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
143.204.205.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-59.fra53.r.cloudfront.net
Software
/
Resource Hash
28309c0b568ba225af532b8b9080a1d8bacbef6f1b7e4c91039ce74e0802f1c3

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
91189643-1330-59d9-83d1-c9081a12a041
x-cache
Miss from cloudfront
content-type
text/xml
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
content-length
514
apigw-requestid
dS4DcgsAoAMEMUA=
x-amz-cf-id
sEceXFNeiidtgzovEVnC-FNkrEsc7rZyg1apX5PaVolTZDMf9vtmPA==
act
analytics.tiktok.com/api/v2/pixel/ 		0
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWY3Zjg1MDRiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3d3f38bf
date
Thu, 29 Aug 2024 23:40:18 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24082923401870ED766634EC727604CC-4FA717F0E7745BFE-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
server-timing
inner; dur=200, cdn-cache; desc=MISS, edge; dur=5, origin; dur=300
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024082923401870ED766634EC727604CC
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
300,2.20.179.90
x-tt-trace-host
013428da50f5d4adcebac08c6c7b0fda7288e817eeb162a8f6a4c7a620148218309312d596b60c56b60800c382a53b714765cbd4fe161cdd494d3fbd7f48affe8df09a49c6454adc00e8007973e342ef9460907fe46f1d95e764ab6f92bc56ed4c
access-control-allow-headers
Authorization,*
expires
Thu, 29 Aug 2024 23:40:18 GMT
adnypeu
service3.purehealthresearch.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service3.purehealthresearch.com/adnypeu
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 29 Aug 2024 23:40:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Methods
GET
p
tr6.snapchat.com/ 		0
44 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
favicon.png
saynotobald.com/img/ 		547 B
840 B 		Other
General
Check archive.org
Download Go to
Full URL
https://saynotobald.com/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.48.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
saynotobald.com
Software
nginx / Express
Resource Hash
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2

Request headers

Referer
https://saynotobald.com/presentation
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 23:40:18 GMT
Last-Modified
Wed, 30 Aug 2023 07:18:00 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"223-18a454e64f6"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
547
p
tr.snapchat.com/ 		0
89 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:40:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://saynotobald.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 17:57:14 GMT
x-content-type-options
nosniff
age
20584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 17:57:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saynotobald.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:41:58 GMT
x-content-type-options
nosniff
age
17900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18492
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:41:58 GMT
unip
trc-events.taboola.com/1423196/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1584&scd=0&ssd=1&est=1724974817811&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1724974819396&vi=1724974817806&ri=7b12677f64c581a6aefeaea3fa2a4849&ref=null&cv=20240822-5-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Thu, 29 Aug 2024 23:40:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1423196/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=1584&scd=0&ssd=1&est=1724974817811&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1724974819396&vi=1724974817806&ri=7b12677f64c581a6aefeaea3fa2a4849&ref=null&cv=20240822-5-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://saynotobald.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 29 Aug 2024 23:40:19 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
o.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://saynotobald.com
Date
Thu, 29 Aug 2024 23:40:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
unip
trc-events.taboola.com/1423196/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4585&scd=0&ssd=1&est=1724974817811&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1724974822397&vi=1724974817806&ri=7b12677f64c581a6aefeaea3fa2a4849&ref=null&cv=20240822-5-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1423196/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saynotobald.com/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://saynotobald.com
pragma
no-cache
date
Thu, 29 Aug 2024 23:40:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1423196/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1423196/log/3/unip?en=pre_d_eng_tb&tos=4585&scd=0&ssd=1&est=1724974817811&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1724974822397&vi=1724974817806&ri=7b12677f64c581a6aefeaea3fa2a4849&ref=null&cv=20240822-5-RELEASE&item-url=https%3A%2F%2Fsaynotobald.com%2Fpresentation&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://saynotobald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://saynotobald.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 29 Aug 2024 23:40:22 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=SC7yDF9OWlJDdjVkdUxXV1JQdEpDJTJCdlJLOUM0elpqRkw4c2FIMjUyMVk3aWNVJTJGREZ4YnRFQU90RkRqUnJjWkpjbWpaQ1JjbnEzbndzN2FRSj...
  • https://widget.us.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=SC7yDF9OWlJDdjVkdUxXV1JQdEpDJTJCdlJLOUM0elpqRkw4c2FIMjUyMVk3aWNVJTJGREZ4YnRFQU90RkRqUnJjWkpjbWpaQ1JjbnEzbndzN2FRSj...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=SC7yDF9OWlJDdjVkdUxXV1JQdEpDJTJCdlJLOUM0elpqRkw4c2FIMjUyMVk3aWNVJTJGREZ4YnRFQU90RkRqUnJjWkpjbWpaQ1JjbnEzbndzN2FRSjY5MiUyRlBrVk1JdiUyQkZ6bXlWSkF0UnVqdlhIcEdOWWM4YldzeDVESWRWZDlsSFYzNUo4SldLQWZPYng0eUpsN0dJZjhEQzBDcVdBQjQ5ZEhzR0ZkeSUyRnA5dnlxdTdhbkZjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1724974817666.68065924201136923%22%2C%22ttp%22%3A%22_zI3BBDwDb0i-T2LWcfcKqw57Cz%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=dd355314-3893-472a-b4d9-5028f00d56aa
Protocol
H2
Server
74.119.117.16 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
878b84a451e126928d936e9630391e6d14843dd205c23405809b0bddef4c4336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4379407
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=91644&v=5.26.1&otl=1&p0=e%3Dvpg&adce=1&bundle=SC7yDF9OWlJDdjVkdUxXV1JQdEpDJTJCdlJLOUM0elpqRkw4c2FIMjUyMVk3aWNVJTJGREZ4YnRFQU90RkRqUnJjWkpjbWpaQ1JjbnEzbndzN2FRSjY5MiUyRlBrVk1JdiUyQkZ6bXlWSkF0UnVqdlhIcEdOWWM4YldzeDVESWRWZDlsSFYzNUo4SldLQWZPYng0eUpsN0dJZjhEQzBDcVdBQjQ5ZEhzR0ZkeSUyRnA5dnlxdTdhbkZjJTNE&sc=%7B%22fbp%22%3A%22fb.1.1724974817666.68065924201136923%22%2C%22ttp%22%3A%22_zI3BBDwDb0i-T2LWcfcKqw57Cz%22%7D&tld=saynotobald.com&dy=1&fu=https%253A%252F%252Fsaynotobald.com%252Fpresentation&ceid=dd355314-3893-472a-b4d9-5028f00d56aa
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2127609
timing-allow-origin
*
content-length
0
expires
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-19QC860WB0&gtm=45je48r0v9176637411za200zb850445531&_p=1724974817521&gcs=G111&gcd=13v3v3v2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=1362182965.1724974818&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724974818&sct=1&seg=0&dl=https%3A%2F%2Fsaynotobald.com%2Fpresentation&dt=ReGrow&en=scroll&epn.percent_scrolled=90&_et=120&tfd=6194
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19QC860WB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 23:40:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saynotobald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interest-group
fledge.us.criteo.com/ Frame 0E13 		0
0
register-trigger
measurement-api.criteo.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://measurement-api.criteo.com/register-trigger?partner_id=91644&uid=c606cb91-e9d0-4928-95a9-7562682e20d8&event_name=ViewPage&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=dd355314-3893-472a-b4d9-5028f00d56aa
Requested by
Host: saynotobald.com
URL: https://saynotobald.com/presentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::19 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://saynotobald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:40:23 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"7662943534827795655","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://saynotobald.com
access-control-allow-credentials
true
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fledge.us.criteo.com
URL
https://fledge.us.criteo.com/interest-group?data=aaXXaXwydktVQmVMRnQ1akxSR0RFUDRGTEpxM0Q0enNrWG1rdHpsTGs4c1l4ZExlMzFKUUNtVURXUlkvY1VnaTd1T3ZFcmFuQ0pVVytNeDBwWGlzVHorOGdlR3RrMmlKUC9MVjY3dnZqVnhuUjJXc1JvWER0RFJLZC9pSTVZY2Q2VjdUbEsza3BKaHArZEtwNmZDSWwzR0h0UEsvU2d6M0kvVXB2ck9PdERKdThjMzA9fA

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| dataLayer function| fbq function| _fbq object| lazySizesConfig object| lazySizes function| init function| adjustVideoPlayerSize function| onYouTubeIframeAPIReady function| getVideoStartTime function| onProgress function| updateTime function| setTapImageSource function| showTapImage function| hideTapImage function| showNextStepButton function| videoChangeGo function| handleKeyboardEvent function| isFacebookApp function| smoothScrollTo function| calculateScrollTopPosition function| showCookiesBanner function| acceptCookies function| setCookie function| getCookie function| toOrderForm object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data object| __tfa_pixel_init object| _tfa function| snaptr function| twq function| clarity string| TiktokAnalyticsObject object| ttq function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| Criteo object| criteo_q object| _scPxHelper object| _scPxTeller object| gaGlobal function| UET function| UET_init function| UET_push object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca function| ucaEvent boolean| ucaInit object| regeneratorRuntime object| twttr object| ueto_2e6af951e4 object| uetq object| EF function| gtag function| ucAnpFailback function| ucRemoveBadMacros function| ucAnpCallback object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| clarityuetq

30 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 3c1412b8a0a94f31a19b66f8b63dbed5
.youtube.com/ Name: YSC
Value: SFATZCHaMto
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: x4pBxQ1ZFX8
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgOg%3D%3D
.saynotobald.com/ Name: _fbp
Value: fb.1.1724974817666.68065924201136923
.saynotobald.com/ Name: _gcl_au
Value: 1.1.18083097.1724974818
.criteo.com/ Name: uid
Value: c606cb91-e9d0-4928-95a9-7562682e20d8
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.saynotobald.com/ Name: _scid
Value: 92a422b7-71ff-4506-9cbb-c19fb9ab795a
.saynotobald.com/ Name: _scid_r
Value: 92a422b7-71ff-4506-9cbb-c19fb9ab795a
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.tiktok.com/ Name: _ttp
Value: 2lM0p48XIxTZRkZ0DWVf641RpnR
.saynotobald.com/ Name: _ga
Value: GA1.1.1362182965.1724974818
.doubleclick.net/ Name: IDE
Value: AHWqTUk5WTBtWHFItKNxCMXTUJJF92GYOaKxF-lPDICczK9Dsw6tMn7Lu7hDvZhRdFY
.saynotobald.com/ Name: _ga_19QC860WB0
Value: GS1.1.1724974818.1.0.1724974818.60.0.0
.saynotobald.com/ Name: cto_bundle
Value: SC7yDF9OWlJDdjVkdUxXV1JQdEpDJTJCdlJLOUM0elpqRkw4c2FIMjUyMVk3aWNVJTJGREZ4YnRFQU90RkRqUnJjWkpjbWpaQ1JjbnEzbndzN2FRSjY5MiUyRlBrVk1JdiUyQkZ6bXlWSkF0UnVqdlhIcEdOWWM4YldzeDVESWRWZDlsSFYzNUo4SldLQWZPYng0eUpsN0dJZjhEQzBDcVdBQjQ5ZEhzR0ZkeSUyRnA5dnlxdTdhbkZjJTNE
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBQQ0AMAgDQEUkhUFa5PDYVCB+d7zKqIax+ljmGxsFTHBwrtg1u87IZsq1+KJSIsgyAAAA
.saynotobald.com/ Name: _tt_enable_cookie
Value: 1
.saynotobald.com/ Name: _ttp
Value: _zI3BBDwDb0i-T2LWcfcKqw57Cz
.saynotobald.com/ Name: ucacid
Value: 851698729.289798
.saynotobald.com/ Name: _ScCbts
Value: %5B%5D
.t.co/ Name: muc_ads
Value: cc6225b0-4a44-4784-af78-f4ef156b39a7
.t.co/ Name: __cf_bm
Value: .koklAb0RCvtH0U3mH5q5iyfbqehePeyriJhl5WjIgo-1724974818-1.0.1.1-IKVDwyiZ2KX2FUdnXjRzSWPLHivf6ZsaFzvNBjE_BLUHaW4Is4ByJxRL7vfONvbkh8R_CFVUgPFwDtW2mwdAng
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172497481828532790
.twitter.com/ Name: guest_id_ads
Value: v1%3A172497481828532790
.twitter.com/ Name: personalization_id
Value: "v1_6oATHlD+KX+9eMB7zimuYA=="
.twitter.com/ Name: guest_id
Value: v1%3A172497481828532790
secure.regrowhairformula.com/ Name: AWSALBCORS
Value: 8hSMzYTrgjf1QD2qPzGLxIO6o31NfX3LtQzuMz/GpdkjRabJm330ajabfAvvoUKT220SWgwXSnx0yfq0LTps1VxjRdi890/yIOprclyUTqjkMNW64zQlsKMxHayL
saynotobald.com/ Name: /presentation:watchVideoTime:W2v6kmNiZhU
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12217290.fls.doubleclick.net
14028140.fls.doubleclick.net
14618141.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
cdn.taboola.com
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fledge.us.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
measurement-api.criteo.com
o.clarity.ms
psb.taboola.com
region1.analytics.google.com
saynotobald.com
sc-static.net
secure.regrowhairformula.com
service3.purehealthresearch.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
trc-events.taboola.com
trc.taboola.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
fledge.us.criteo.com
104.244.42.131
134.209.162.206
141.226.228.48
142.250.185.136
142.250.185.228
142.250.185.70
142.250.186.130
142.250.186.70
142.250.186.99
143.204.205.59
146.75.120.157
151.101.1.44
151.101.65.44
157.240.253.1
161.35.48.155
162.159.140.229
178.250.1.9
2.18.64.15
2001:4860:4802:32::36
216.58.206.34
2620:1ec:33:1::10
2620:1ec:bdf::60
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2008
2a00:1450:4001:829::2002
2a00:1450:4001:829::2016
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c1d::9c
2a02:2638:3::19
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f176:181:face:b00c:0:25de
3.163.248.4
34.107.199.247
35.190.43.134
52.152.143.207
54.83.102.150
65.9.84.78
74.119.117.16
04e0b651405379f3aacb2f4d760ff4a2a5228b417a2b82fb844aef920810e678
0c72cdf737d5d9b5a8a773b65863777efc9897a40b76f628bb467a45415cc9ee
14b3218e9db60ed38fade7796b9eab50f29fecaa5319b3c0ddf4b57d854037ed
1b593a3379b6ba352db1a3c7d7285544e796ff62e63bffc5dc42513e6a45577b
1ec38905e35198a7c3c085a8f70a014ecefc2f335ac00112580694eaaf61c6a1
2549728388b785f14ce36cbd3014cc87d3877aba235d861f424ed170b1b10c8f
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
28309c0b568ba225af532b8b9080a1d8bacbef6f1b7e4c91039ce74e0802f1c3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f
3743769fa847b5eda297273129e90d5b14d73d83c5d0305a6e77cc9980db481f
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
45dc231910f42973a5b4bf03b81cefc4186efe69c1d7531d17765489d7e7a034
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855
4cb1d2e8005383d8bb7353ea253c64401b3f565d026d59a910499d2387606b56
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
5e0e4b4d474d5bac91d0994c4c9363d15f92d7e07e77da6973c925d0d7cd8390
6b39591b7ffe196119c4a3a2deedd2dfbf8ceb827454ebccba24c59192267e4a
6de8b8ecf06ae431e0aaa48646d237c3d91e7855ffbb3281e58a034f4d72b26a
79d25bee6eea87e3aa81ef37c57e7c03c55343eda7aa394292062ffe3dc75c09
818b26ced1a6d857f48212bfff27343887d33a48aae68480ca841a5abed2a037
878b84a451e126928d936e9630391e6d14843dd205c23405809b0bddef4c4336
8dc2978ae8ec2bd433906c280e8bf8494fb2fa8ae9508ece58b191c12c0cee7c
92b206bdad14cdbfe91b1f7e119395cb3af58c1fe54f24d56b9c672b1e2226f0
9ecdae41631c6bfc7abfe6e5f90dc080583cf9c1c186a862d430d6146cae23cc
a47e8dfabfb472192c82c8d03cb2e526fd5c2cc53778c5460c7e6e25ee81b8c2
a6b013c85873a3c03eaf24a04dc6043c8b390d9bd0dee4f0c1423a1d075bb42e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
b118f2d4b830c0175100311f130e16739b746a93b4be3e92f475b09f9ca857e8
b19c4a3fcf71b8761786079fe6cf64166a433b265f7a65c066152ef1cd61edc0
b20646f6d63814bec606c60efd47ab1b23b80127aa866eaeed7db2b70a6e0539
b791d2b866ab8e257e77eb59e656351704a1c2971b41ff0e4b37d2598708bfa6
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bde2472a76e01f194919d637e205051b6e966692237a60d113e3bd7c130bf25b
c1149f549836966f092c7269759a4b317494f6ece1969e83f58ab668d0c8115c
c8fd6499cfe02a59d93aafde2204d60dc0400ef60ba7acdec8b496aa09c9cde9
d0faec0913bbe32c8d7afa6c967505df57b52201e768deb6527f278add3b3967
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ec03885b65d19a116922659cdcac9e48137b9866f4a6405f190a525ef68b6343
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9542c151d5eaa98a8531633e34802d4ac26e4c3a69033c3aa2118f523029395
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd
fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0