Submitted URL: https://linklock.titanhq.com/analyse?url=https%3A%2F%2Foauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.worke...
Effective URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Submission: On May 23 via manual from ZA — Scanned from DE

Summary

This website contacted 25 IPs in 5 countries across 26 domains to perform 45 HTTP transactions. The main IP is 162.43.120.3, located in Jingūmae, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is hisayo-ohta.com.
TLS certificate: Issued by R3 on May 18th 2024. Valid for: 3 months.
This is the only time hisayo-ohta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.69.98.154 16509 (AMAZON-02)
1 1 172.67.172.72 13335 (CLOUDFLAR...)
1 103.141.96.49 131965 (XSERVER X...)
2 2a04:4e42:200... 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 162.43.120.3 131965 (XSERVER X...)
1 2620:1ec:46::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.127.196.46 16509 (AMAZON-02)
2 2600:9000:244... 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 2.17.147.176 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 146.75.120.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.160.13.42 396982 (GOOGLE-CL...)
2 142.250.186.130 15169 (GOOGLE)
1 2600:9000:239... 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
3 2620:1ec:21::14 8068 (MICROSOFT...)
6 2a03:2880:f17... 32934 (FACEBOOK)
1 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
45 25
Apex Domain
Subdomains
Transfer
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
5 KB
4 mailgun.com
login.mailgun.com — Cisco Umbrella Rank: 953715
196 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 338
2 KB
3 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5787
c.6sc.co — Cisco Umbrella Rank: 8716
ipv6.6sc.co — Cisco Umbrella Rank: 5928
18 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
99 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
122 B
2 rudderlabs.com
cdn.rudderlabs.com — Cisco Umbrella Rank: 11303
38 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
216 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
56 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 882
725 B
1 t.co
t.co — Cisco Umbrella Rank: 717
374 B
1 clearbitscripts.com
tag.clearbitscripts.com — Cisco Umbrella Rank: 13679
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 803
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 801
15 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1160
13 KB
1 sinchemail.com
get.sinchemail.com
3 KB
1 clearbitjs.com
x.clearbitjs.com — Cisco Umbrella Rank: 16683 Failed
1 microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 14962
17 KB
1 hisayo-ohta.com
hisayo-ohta.com
5 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3044
16 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
7 KB
1 centre-hairsalon.com
centre-hairsalon.com
946 B
1 workers.dev
oauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev
520 B
1 titanhq.com
linklock.titanhq.com — Cisco Umbrella Rank: 271306
287 B
0 google.com Failed
td.google.com Failed
45 26
Domain Requested by
6 www.facebook.com hisayo-ohta.com
4 login.mailgun.com hisayo-ohta.com
login.mailgun.com
3 px.ads.linkedin.com snap.licdn.com
hisayo-ohta.com
3 connect.facebook.net hisayo-ohta.com
connect.facebook.net
2 googleads.g.doubleclick.net hisayo-ohta.com
2 cdn.rudderlabs.com hisayo-ohta.com
2 www.googletagmanager.com hisayo-ohta.com
2 code.jquery.com centre-hairsalon.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 analytics.twitter.com hisayo-ohta.com
1 t.co hisayo-ohta.com
1 tag.clearbitscripts.com hisayo-ohta.com
1 www.google-analytics.com hisayo-ohta.com
1 snap.licdn.com hisayo-ohta.com
1 static.ads-twitter.com hisayo-ohta.com
1 www.redditstatic.com hisayo-ohta.com
1 get.sinchemail.com hisayo-ohta.com
1 j.6sc.co hisayo-ohta.com
1 x.clearbitjs.com hisayo-ohta.com
1 secure.aadcdn.microsoftonline-p.com
1 hisayo-ohta.com centre-hairsalon.com
1 stackpath.bootstrapcdn.com centre-hairsalon.com
1 cdnjs.cloudflare.com centre-hairsalon.com
1 centre-hairsalon.com
1 oauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev 1 redirects
1 linklock.titanhq.com 1 redirects
0 td.google.com Failed hisayo-ohta.com
45 28

This site contains no links.

Subject Issuer Validity Valid
www.centre-hairsalon.com
R3
2024-04-15 -
2024-07-14
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-03-27 -
2024-06-25
3 months crt.sh
www.hisayo-ohta.com
R3
2024-05-18 -
2024-08-16
3 months crt.sh
secure.aadcdn.microsoftonline-p.com
Microsoft Azure RSA TLS Issuing CA 04
2024-05-22 -
2025-05-17
a year crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
clearbitjs.com
Amazon RSA 2048 M02
2024-02-15 -
2025-03-16
a year crt.sh
*.rudderlabs.com
Amazon RSA 2048 M03
2024-05-14 -
2025-06-12
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-03-01 -
2024-05-30
3 months crt.sh
6sc.co
R3
2024-04-09 -
2024-07-08
3 months crt.sh
get.sinchemail.com
E1
2024-05-07 -
2024-08-05
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-08 -
2024-07-06
6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-21 -
2024-07-19
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.mailgun.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-08 -
2025-05-27
a year crt.sh
*.g.doubleclick.net
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
clearbitscripts.com
Amazon RSA 2048 M03
2024-05-11 -
2025-06-08
a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-07 -
2025-01-06
a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-31 -
2024-10-29
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-01-30 -
2024-07-30
6 months crt.sh

This page contains 2 frames:

Primary Page: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Frame ID: C5A8D92555053B7AC77D7522984B7784
Requests: 44 HTTP requests in this frame

Frame: https://td.google.com/
Frame ID: 834DA0E28AE061B09937C63FBABC1ECC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Login | Mailgun

Page URL History Show full URLs

  1. https://linklock.titanhq.com/analyse?url=https%3A%2F%2Foauth052124-mailgun000-82fe84acbf3144fdb106bsaed36... HTTP 301
    https://oauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev/?eba=angelique.kleynhans@sappi.com HTTP 302
    https://centre-hairsalon.com/5162024/ Page URL
  2. https://hisayo-ohta.com/01252024/mailgun-00-connect/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

91 %
HTTPS

50 %
IPv6

26
Domains

28
Subdomains

25
IPs

5
Countries

744 kB
Transfer

1899 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linklock.titanhq.com/analyse?url=https%3A%2F%2Foauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev%2F%3Feba%3Dangelique.kleynhans%40sappi.com&data=eJyEjsFOxCAURb-GLkxo4PHAkojRxMx_POB1ppkWamk1_Xszbl24vjfnnBQ0Wxi8GaQFhxKjVtJnb2V2DpMZvWZnuxyeuiW8DIZTIsMyonfSJ3iW3luQPqJHmxCQ3Fuq1HaaU1133lqf6vLatVDqxut8ClR_924LVK48T58H9_eZz3Kj0gSqRus6_T6OcNv3tQnzLuAi4FLp2G_KggaUC03z9ShKKTnAyANSiqPRiGOOWrnYiLNxGPvrUcoJClDq_rtu94c-89eDaC4cSZiPfzp-AgAA__-klmBC HTTP 301
    https://oauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev/?eba=angelique.kleynhans@sappi.com HTTP 302
    https://centre-hairsalon.com/5162024/ Page URL
  2. https://hisayo-ohta.com/01252024/mailgun-00-connect/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://linklock.titanhq.com/analyse?url=https%3A%2F%2Foauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev%2F%3Feba%3Dangelique.kleynhans%40sappi.com&data=eJyEjsFOxCAURb-GLkxo4PHAkojRxMx_POB1ppkWamk1_Xszbl24vjfnnBQ0Wxi8GaQFhxKjVtJnb2V2DpMZvWZnuxyeuiW8DIZTIsMyonfSJ3iW3luQPqJHmxCQ3Fuq1HaaU1133lqf6vLatVDqxut8ClR_924LVK48T58H9_eZz3Kj0gSqRus6_T6OcNv3tQnzLuAi4FLp2G_KggaUC03z9ShKKTnAyANSiqPRiGOOWrnYiLNxGPvrUcoJClDq_rtu94c-89eDaC4cSZiPfzp-AgAA__-klmBC HTTP 301
  • https://oauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev/?eba=angelique.kleynhans@sappi.com HTTP 302
  • https://centre-hairsalon.com/5162024/

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
centre-hairsalon.com/5162024/
Redirect Chain
  • https://linklock.titanhq.com/analyse?url=https%3A%2F%2Foauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev%2F%3Feba%3Dangelique.kleynhans%40sappi.com&data=eJyEjsFOxCAURb-GL...
  • https://oauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev/?eba=angelique.kleynhans@sappi.com
  • https://centre-hairsalon.com/5162024/
2 KB
946 B
Document
General
Full URL
https://centre-hairsalon.com/5162024/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.141.96.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv10688.xserver.jp
Software
nginx /
Resource Hash
299b761a2d6d256ad49ffcacd2157ae1a21662b4a697a2a34867030febe5d66e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 23 May 2024 07:18:39 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
888345eb8b3a8c4f-FRA
content-length
0
date
Thu, 23 May 2024 07:18:38 GMT
location
https://centre-hairsalon.com/5162024/#angelique.kleynhans@sappi.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SJC2sUVG7b19QxFjc3SbcHsCt%2BP7OaB70H9R1w2mZyhcDe9fNogLhMVsQqg5nSqk6SEhbmysEb2m4qdYJSG6tO7ooKyCKdq%2FHdhlV0ePdSrD1CeIL5obuwzowLq5C%2BJPSoDIPPGiXw5qyc9Ip5xYyQskZDdopYv4dhnakwD2VipK0EKhfUD1e6wXnvrf6hqgyzOVdH7IPGQ5W6DRuf7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: centre-hairsalon.com
URL: https://centre-hairsalon.com/5162024/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centre-hairsalon.com/
Origin
https://centre-hairsalon.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
21646516
x-cache
HIT, HIT
content-length
24038
x-served-by
cache-lga21982-LGA, cache-fra-eddf8230144-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1716448720.731383,VS0,VE0
etag
W/"28feccc0-1111d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
116, 118521
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: centre-hairsalon.com
URL: https://centre-hairsalon.com/5162024/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centre-hairsalon.com/
Origin
https://centre-hairsalon.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2348799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6458
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJAVyT1oWa1kPj8EwTqjV0hfjciAdGp76VVpL%2FY5cwRCp%2B5KlB7JlwtWIEsD8y6Tc3HPZskN0r%2FfOLrtd1hJz0cnTAn%2BbPECnGZd%2B1F%2FT3NuKKXBmDJ4jNlTwj60uhc9Wgl6R3AM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
888345f24a763611-FRA
expires
Tue, 13 May 2025 07:18:39 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/
49 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: centre-hairsalon.com
URL: https://centre-hairsalon.com/5162024/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centre-hairsalon.com/
Origin
https://centre-hairsalon.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1077
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
392803
cdn-cachedat
03/18/2024 13:32:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ce6e785579ae4cb555c9de311d1b9271"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e809f160fad439ea015bef50221e858a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
888345f259d93735-FRA
cdn-requestpullsuccess
True
jquery-1.9.1.min.js
code.jquery.com/
90 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: centre-hairsalon.com
URL: https://centre-hairsalon.com/5162024/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centre-hairsalon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3979614
x-cache
HIT, HIT
content-length
32772
x-served-by
cache-lga13625-LGA, cache-fra-eddf8230026-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1716448720.731387,VS0,VE0
etag
W/"28feccc0-169d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 2975248
Primary Request /
hisayo-ohta.com/01252024/mailgun-00-connect/
18 KB
5 KB
Document
General
Full URL
https://hisayo-ohta.com/01252024/mailgun-00-connect/
Requested by
Host: centre-hairsalon.com
URL: https://centre-hairsalon.com/5162024/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.43.120.3 Jingūmae, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv14002.xserver.jp
Software
nginx /
Resource Hash
f6eb637a9a2a1c431bfab681a01c03c45c4835a1b9c2058eebb76a2be4ca9558

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://centre-hairsalon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html
date
Thu, 23 May 2024 07:18:40 GMT
etag
W/"46fb-614bcb059864e"
last-modified
Thu, 28 Mar 2024 18:28:25 GMT
server
nginx
vary
Accept-Encoding
favicon_a.ico
secure.aadcdn.microsoftonline-p.com/ests/2.1.6468.8/content/images/
17 KB
17 KB
Other
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6468.8/content/images/favicon_a.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centre-hairsalon.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 23 May 2024 07:18:39 GMT
last-modified
Sat, 18 May 2019 11:03:12 GMT
etag
0x8D6DB806BB781BB
x-azure-ref
20240523T071839Z-164d49668c6g84lrgzgmdmugbw00000004dg00000000h1pv
x-cache
TCP_HIT
content-type
image/x-icon
x-ms-request-id
b692c666-c01e-0081-0ce1-ab3161000000
cache-control
public, max-age=604800
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
50755578
x-cache-info
L1_T2
accept-ranges
bytes
content-length
17174
gtm.js
www.googletagmanager.com/
369 KB
115 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN2J6
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ff64f26131ac71b98b1b9e53792dc52829776b067880af130a0c9f1c454fc27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117842
x-xss-protection
0
last-modified
Thu, 23 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 May 2024 07:18:40 GMT
tracking.min.js
x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/
0
0

forms.js
x.clearbitjs.com/v1/pk_54258638e2140e223e87c6c868ec9a93/
0
0
Script
General
Full URL
https://x.clearbitjs.com/v1/pk_54258638e2140e223e87c6c868ec9a93/forms.js?page_path=%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-196-46.eu-central-1.compute.amazonaws.com
Software
Clearbit /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-response-flags
-
server
Clearbit
content-length
0
content-type
application/javascript;charset=utf-8
destinations.min.js
x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/
0
0

GoogleTagManager.min.js
cdn.rudderlabs.com/v1.1/js-integrations/
6 KB
2 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/js-integrations/GoogleTagManager.min.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:b800:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80bd7b20f15dc6413930798722e85f86c4aaabd66055f73332ed91f44a24acf3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:17:55 GMT
content-encoding
br
via
1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
last-modified
Mon, 13 May 2024 06:04:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
997
x-amz-server-side-encryption
AES256
etag
W/"3df714cfb453e9290fe1693035c4266d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
8bqGTVl0zCSZgvviX7_CDplTjFBjxClTyffrPkpo5PAJbdE9wy9jew==
js
www.googletagmanager.com/gtag/
297 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PZB2JSMCGC&l=dataLayer&cx=c
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae5e30d9456ea22f434ea810b9e50e39dbbb0d4f1e368a1c4f2bcaff51064eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102351
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 May 2024 07:18:40 GMT
541164370529087
connect.facebook.net/signals/config/
101 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/541164370529087?v=2.9.104&r=stable
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
049da0a4f46184fa1f4992d8b69043a47575650adaa74ed164b1c35d07a4e84a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 May 2024 07:18:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=15, mss=1326, tbw=63362, tp=-1, tpl=-1, uplat=67, ullat=0
pragma
public
x-fb-debug
S7kD+SISl7tkKhvT49Q9CWYcXgFZf0T8mDJu5j00ckj7elL3uwBc8rec5GMnHlTpwK9s0mOy5Bc9Y3hFBiFLdA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 May 2024 07:18:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=15, mss=1326, tbw=2816, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
/yywiM4XajPxn2O4GBuDaU19Yb93Dq1ZCt8X+X89/x4ncKIt+7FpqZnvtacesc0AVS27SQOn6QyBFF5EkSUHGA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
6si.min.js
j.6sc.co/
66 KB
18 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-176.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 07:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2024 06:01:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"663c66b5-106b3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
18038
expires
Thu, 23 May 2024 07:18:41 GMT
js
get.sinchemail.com/pr/
6 KB
3 KB
Script
General
Full URL
https://get.sinchemail.com/pr/js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0447a16b013d19042b42be1a4eaadf522f4dac16ef6867ed8664ec53a80b1500

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 27 Feb 2024 19:31:09 GMT
server
cloudflare
etag
W/"65de387d-19ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400, stale-if-error=604800
cf-ray
888345fa5d3a9170-FRA
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 22 May 2024 17:01:28 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12104
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220036-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
47 KB
17 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 17:20:18 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=33676
accept-ranges
bytes
content-length
16683
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 May 2024 06:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2973
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 23 May 2024 08:29:08 GMT
rudder-analytics.min.js
cdn.rudderlabs.com/v1.1/
122 KB
35 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:b800:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e47f6b949bf5fa09cc51057ca475494a6b9ccf2af4717086a2db9e8798095fbd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:17:56 GMT
content-encoding
br
via
1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
last-modified
Mon, 13 May 2024 06:04:05 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
998
x-amz-server-side-encryption
AES256
etag
W/"09b08a139c82eeaeee1ceeb1b8bbadd7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0tcs0cZ0-bng-HCX_oJK-hngiREKDq07hSWzzhDBgYTFLYuelPosYQ==
style.css
login.mailgun.com/login/static/
12 KB
12 KB
Stylesheet
General
Full URL
https://login.mailgun.com/login/static/style.css?v=1.0.0
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.13.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.13.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
94c2930b734d6fbe51744402e21501fabf6aa6fb65b79b0f0160094358bd32f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 08 May 2024 16:01:53 GMT
server
TwistedWeb/22.10.0
etag
"1715184113.0-12089-376774563"
content-type
text/css; charset=utf-8
cache-control
no-cache
content-disposition
inline; filename=style.css
content-length
12089
x-xss-protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/?random=1685204592833&cv=11&fst=1685204592833&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1536&u_h=864&url=https%3A%2F%2Flogin.mailgun.com%2Flogin%2F&label=D44PCKXQjAQQs7_W3wM&hn=www.googleadservices.com&frm=0&tiba=Login%20%7C%20Mailgun&auid=46058530.1685204589&fledge=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B113.0.5672.93%7CChromium%3B113.0.5672.93%7CNot-A.Brand%3B24.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 07:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005952947/?random=1685205259095&cv=11&fst=1685205259095&bg=ffffff&guid=ON&async=1&gtm=45He35o0&u_w=1536&u_h=864&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html&label=D44PCKXQjAQQs7_W3wM&hn=www.googleadservices.com&frm=0&tiba=Login%20%7C%20Mailgun&fledge=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B113.0.5672.93%7CChromium%3B113.0.5672.93%7CNot-A.Brand%3B24.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 07:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo-mailgun-sinch.svg
login.mailgun.com/login/static/
5 KB
5 KB
Image
General
Full URL
https://login.mailgun.com/login/static/logo-mailgun-sinch.svg
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.13.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.13.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
cb1da2f299572bf2acce785fef2ee323c1c39ae079ff8db5c85b6486dd71e0d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 08 May 2024 16:01:53 GMT
server
TwistedWeb/22.10.0
etag
"1715184113.0-5260-3523617926"
content-type
image/svg+xml; charset=utf-8
cache-control
no-cache
content-disposition
inline; filename=logo-mailgun-sinch.svg
content-length
5260
x-xss-protection
1; mode=block
mailgun-login-leftrail.png
login.mailgun.com/login/static/
178 KB
178 KB
Image
General
Full URL
https://login.mailgun.com/login/static/mailgun-login-leftrail.png
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.13.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.13.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
789b45eda067d65646ff665c1c2446d75db4c6a2eab5c8dbaaa9162e90691ebd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 08 May 2024 16:01:53 GMT
server
TwistedWeb/22.10.0
etag
"1715184113.0-182211-1768433185"
content-type
image/png
cache-control
no-cache
content-disposition
inline; filename=mailgun-login-leftrail.png
content-length
182211
x-xss-protection
1; mode=block
tags.js
tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/
0
0
Script
General
Full URL
https://tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/tags.js
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:ae00:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Clearbit /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-response-flags
-
via
1.1 bf1322673c76eb0dbc1cb8544c47f1e2.cloudfront.net (CloudFront)
server
Clearbit
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P2
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600
x-amz-cf-id
PWKMBQ-skLI4Pp7_EhjSMAQ__GBS1owKzpXSdPnDcXjKFtmazE4Qjg==
adsct
t.co/1/i/
43 B
374 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=939cc2b0-a976-4b0b-a894-1b98e3298bf7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeb64410-e513-4069-a922-41bb6f75921e&tw_document_href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html&tw_iframe_status=0&txn_id=o57gg&type=javascript&version=2.3.29
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
180
date
Thu, 23 May 2024 07:18:40 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
24c609730e0af040
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
385ad034de0dc7ad282bb7a16b3e0075263fd7dffd1050ec3c2cd9feaf28deaa
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=939cc2b0-a976-4b0b-a894-1b98e3298bf7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeb64410-e513-4069-a922-41bb6f75921e&tw_document_href=file%3A%2F%2F%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html&tw_iframe_status=0&txn_id=o57gg&type=javascript&version=2.3.29
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
186
date
Thu, 23 May 2024 07:18:40 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
6a746a79fbc456e7
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
6ab19d16db1855e8c8f2edd522939a1538bc760f98aa513b379634eaeaa8f858
content-length
43
attribution_trigger
px.ads.linkedin.com/
2 B
815 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1716448721081&url=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
*
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:40 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5DC388FA188547C2BE9607AF590602A3 Ref B: FRAEDGE1109 Ref C: 2024-05-23T07:18:41Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYZGdxNVv8bVpJvm+SYKQ==
x-fs-uuid
00061919dc4d56ff1b56926f9be49829
collect
px.ads.linkedin.com/
0
532 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1716448721081&url=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7B498BF070ED40758D1D4DBA8370C919 Ref B: FRAEDGE1413 Ref C: 2024-05-23T07:18:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYZGdxNrsp9TTJsoHkLrw==
/
px.ads.linkedin.com/wa/
0
328 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://hisayo-ohta.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 629E4754EAF14946A0BC399D062706DF Ref B: FRAEDGE1413 Ref C: 2024-05-23T07:18:41Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://hisayo-ohta.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYZGdxQFiJVbSpA1t2dMw==
/
td.google.com/ Frame 834D
0
0

roboto-v27-latin-regular.woff
login.mailgun.com/login/static/
0
0

541164370529087
connect.facebook.net/signals/config/
57 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/541164370529087?v=2.9.156&r=stable&domain=hisayo-ohta.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db044c817671941d2a3f2cffc8825f3d749e521807f558a47449d8b085d21551
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 May 2024 07:18:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=87, mss=1326, tbw=92364, tp=-1, tpl=-1, uplat=68, ullat=0
pragma
public
x-fb-debug
ZdMpx7asTNp7tJp5/sXKuY44Bz1AQ8DyNhJ7iehtiTfv1/6brtYt6ppLzhksQzyM1z1A8bzjfS9baMhCG12gwQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=541164370529087&ev=PageView&dl=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com&rl=https%3A%2F%2Fcentre-hairsalon.com%2F&if=false&ts=1716448721460&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716448721459.1963557507&ler=other&cdl=API_unavailable&it=1716448721376&coo=false&rqm=GET
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2834, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 May 2024 07:18:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
484 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=541164370529087&ev=PageView&dl=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com&rl=https%3A%2F%2Fcentre-hairsalon.com%2F&if=false&ts=1716448721460&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716448721459.1963557507&ler=other&cdl=API_unavailable&it=1716448721376&coo=false&rqm=FGET
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x54ce431924c6c1c5","source_keys":["1","2"]},{"key_piece":"0x9c6993f18c92e057","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 23 May 2024 07:18:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=6856, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
t1FWgNef4X8mobwwuW52uytgarSQUzAFWMN9aOGVcmO2GdijdBqFc+TQ1N13L6q+PKxlts+Yg+03zIi99FqK9w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com&rl=https%3A%2F%2Fcentre-hairsalon.com%2F&if=false&ts=1716448721461&sw=1600&sh=1200&v=2.9.156&r=stable&ec=1&o=4126&fbp=fb.1.1716448721459.1963557507&ler=other&cdl=API_unavailable&it=1716448721376&coo=false&rqm=GET
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2834, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 May 2024 07:18:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
4 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com&rl=https%3A%2F%2Fcentre-hairsalon.com%2F&if=false&ts=1716448721461&sw=1600&sh=1200&v=2.9.156&r=stable&ec=1&o=4126&fbp=fb.1.1716448721459.1963557507&ler=other&cdl=API_unavailable&it=1716448721376&coo=false&rqm=FGET
Requested by
Host: hisayo-ohta.com
URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6f9deeddc5edcf4d","source_keys":["1","2"]},{"key_piece":"0x3846355ca2c0d4aa","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 23 May 2024 07:18:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=3183, tp=-1, tpl=-1, uplat=166, ullat=0
pragma
no-cache
x-fb-debug
uxz0vpQ2M/JIRald+WuTTaHUCdRqKQGDs02gWOpnUH88oM7foneYaNs3gaIpdk8YLpEUkw3ich5+1LJZJJyfzw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
c.6sc.co/
7 B
192 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://hisayo-ohta.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
20 B
310 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::5f64:9219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b2e3fc362f86c882c8655f7d26cc8dde4c201cd22be17745cbff4357b2b8677d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 23 May 2024 07:18:41 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://hisayo-ohta.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a03:1b20:6:f011::5e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1716448721741_1600426517_691070356_21_1028_22_45_219";dur=1
content-length
20
expires
Thu, 23 May 2024 07:18:41 GMT
/
www.facebook.com/tr/
0
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com&rl=https%3A%2F%2Fcentre-hairsalon.com%2F&if=false&ts=1716448721708&sw=1600&sh=1200&v=2.9.156&r=stable&ec=2&o=4126&fbp=fb.1.1716448721459.1963557507&ler=other&cdl=API_unavailable&it=1716448721376&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=7432, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 May 2024 07:18:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
273 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=541164370529087&ev=Scroll_50&dl=https%3A%2F%2Fhisayo-ohta.com%2F01252024%2Fmailgun-00-connect%2F%23angelique.kleynhans%40sappi.com&rl=https%3A%2F%2Fcentre-hairsalon.com%2F&if=false&ts=1716448721708&sw=1600&sh=1200&v=2.9.156&r=stable&ec=2&o=4126&fbp=fb.1.1716448721459.1963557507&ler=other&cdl=API_unavailable&it=1716448721376&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6f9deeddc5edcf4d","source_keys":["1","2"]},{"key_piece":"0x3846355ca2c0d4aa","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 23 May 2024 07:18:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=7577, tp=-1, tpl=-1, uplat=37, ullat=0
pragma
no-cache
x-fb-debug
ETJCQqwn9rR5oejhBvlcMAdGsBtZMTItR35CS7u+M8bJQSi/hiseI1Q3mUQhZI3koKvyvoJdDYYFWtIOw2Xm5Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.png
login.mailgun.com/login/static/
798 B
875 B
Other
General
Full URL
https://login.mailgun.com/login/static/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.160.13.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.13.160.34.bc.googleusercontent.com
Software
TwistedWeb/22.10.0 /
Resource Hash
b34ec5d4d9a445f64bbc44b30cfaff64ed32a6d24e76230dec4576f40fdafa4d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hisayo-ohta.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:18:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 08 May 2024 16:01:53 GMT
server
TwistedWeb/22.10.0
etag
"1715184113.0-798-1443897428"
content-type
image/png
cache-control
no-cache
content-disposition
inline; filename=favicon.png
content-length
798
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.clearbitjs.com
URL
https://x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/tracking.min.js
Domain
x.clearbitjs.com
URL
https://x.clearbitjs.com/v2/pk_54258638e2140e223e87c6c868ec9a93/destinations.min.js
Domain
td.google.com
URL
https://td.google.com/
Domain
login.mailgun.com
URL
https://login.mailgun.com/login/static/roboto-v27-latin-regular.woff

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| GoogleTagManager_RS object| _6si function| lintrk boolean| _already_called_lintrk function| redditNormalizeEmail object| regeneratorRuntime object| twttr object| rudderanalytics object| google_tag_manager object| google_tag_data object| dataLayer function| postscribe object| google_tag_manager_external object| growsumo boolean| google_noFurtherRedirects function| ga object| gaplugins object| ORIBILI function| fbq function| _fbq string| hash function| onYouTubeIframeAPIReady

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: bcookie
Value: "v=2&8c3c4b2b-7242-4f57-8086-9610c6b0dfbb"
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3034:u=1:x=1:i=1716448721:t=1716535121:v=2:sig=AQEid9yeBnG8T0ygFOea88W0wZnAzbJq"
.t.co/ Name: muc_ads
Value: c0cd1127-3016-45c3-bcb3-9342d01f0259
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171644872118035919
.twitter.com/ Name: guest_id_ads
Value: v1%3A171644872118035919
.twitter.com/ Name: personalization_id
Value: "v1_3W6kDQ62nSiNPmacWnKhfw=="
.twitter.com/ Name: guest_id
Value: v1%3A171644872118035919
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTY0NDg3MjE7MjswMjFzjEz8K3rlDMtnpIkplKwYsCQdIKYtpLcWNOl/SSm04Q==
.hisayo-ohta.com/ Name: _fbp
Value: fb.1.1716448721459.1963557507

17 Console Messages

Source Level URL
Text
network error URL: https://x.clearbitjs.com/v1/pk_54258638e2140e223e87c6c868ec9a93/forms.js?page_path=%2FC%3A%2FUsers%2FAdministrator%2FDesktop%2FNEW%2520ERA%2FMAILGUNPAGE%25202023%2Fpage%2Findex.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tag.clearbitscripts.com/v1/pk_54258638e2140e223e87c6c868ec9a93/tags.js
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com(Line 220)
Message:
Origin trial controlled feature not enabled: 'join-ad-interest-group'.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://hisayo-ohta.com/01252024/mailgun-00-connect/#angelique.kleynhans@sappi.com
Message:
Access to font at 'https://login.mailgun.com/login/static/roboto-v27-latin-regular.woff' from origin 'https://hisayo-ohta.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://login.mailgun.com/login/static/roboto-v27-latin-regular.woff
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
c.6sc.co
cdn.rudderlabs.com
cdnjs.cloudflare.com
centre-hairsalon.com
code.jquery.com
connect.facebook.net
get.sinchemail.com
googleads.g.doubleclick.net
hisayo-ohta.com
ipv6.6sc.co
j.6sc.co
linklock.titanhq.com
login.mailgun.com
oauth052124-mailgun000-82fe84acbf3144fdb106bsaed364b.gunny2024-1.workers.dev
px.ads.linkedin.com
secure.aadcdn.microsoftonline-p.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
t.co
tag.clearbitscripts.com
td.google.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.redditstatic.com
x.clearbitjs.com
login.mailgun.com
td.google.com
x.clearbitjs.com
103.141.96.49
104.17.24.14
104.18.11.207
104.244.42.3
104.244.42.69
142.250.186.130
146.75.120.157
162.43.120.3
172.67.172.72
2.17.147.176
2600:9000:2394:ae00:7:d7d6:3c40:93a1
2600:9000:2447:b800:16:a497:9700:93a1
2606:4700::6812:ad4
2620:1ec:21::14
2620:1ec:46::45
2a00:1450:4001:803::200e
2a00:1450:4001:82f::2008
2a02:26f0:3500:16::215:1490
2a02:26f0:e300::5f64:9219
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::649
2a04:4e42:400::396
3.127.196.46
3.69.98.154
34.160.13.42
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0447a16b013d19042b42be1a4eaadf522f4dac16ef6867ed8664ec53a80b1500
049da0a4f46184fa1f4992d8b69043a47575650adaa74ed164b1c35d07a4e84a
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
299b761a2d6d256ad49ffcacd2157ae1a21662b4a697a2a34867030febe5d66e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
5ff64f26131ac71b98b1b9e53792dc52829776b067880af130a0c9f1c454fc27
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
789b45eda067d65646ff665c1c2446d75db4c6a2eab5c8dbaaa9162e90691ebd
80bd7b20f15dc6413930798722e85f86c4aaabd66055f73332ed91f44a24acf3
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
94c2930b734d6fbe51744402e21501fabf6aa6fb65b79b0f0160094358bd32f0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae5e30d9456ea22f434ea810b9e50e39dbbb0d4f1e368a1c4f2bcaff51064eaf
b2e3fc362f86c882c8655f7d26cc8dde4c201cd22be17745cbff4357b2b8677d
b34ec5d4d9a445f64bbc44b30cfaff64ed32a6d24e76230dec4576f40fdafa4d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cb1da2f299572bf2acce785fef2ee323c1c39ae079ff8db5c85b6486dd71e0d4
db044c817671941d2a3f2cffc8825f3d749e521807f558a47449d8b085d21551
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f6b949bf5fa09cc51057ca475494a6b9ccf2af4717086a2db9e8798095fbd
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
f6eb637a9a2a1c431bfab681a01c03c45c4835a1b9c2058eebb76a2be4ca9558
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a