blog.casual.pm Open in urlscan Pro
13.115.92.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://blog.casual.pm/
Effective URL:
https://blog.casual.pm/
Submission: On October 25 via api (October 25th 2022, 9:09:15 am UTC) from US — Scanned from JP

Summary HTTP 46 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 20 domains to perform 46 HTTP transactions. The main IP is 13.115.92.205, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is blog.casual.pm.
TLS certificate: Issued by R3 on August 22nd 2022. Valid for: 3 months.

This is the only time blog.casual.pm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.115.92.205 13.115.92.205	16509 (AMAZON-02) (AMAZON-02)
7	13.33.21.65 13.33.21.65	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:823::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.173.81 13.225.173.81	16509 (AMAZON-02) (AMAZON-02)
1	99.84.142.17 99.84.142.17	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:2142:d800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.53.78.202 52.53.78.202	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4004:824::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	184.26.254.81 184.26.254.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2600:9000:21b... 2600:9000:21b7:e000:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.114.95.219 3.114.95.219	16509 (AMAZON-02) (AMAZON-02)
5	52.8.161.210 52.8.161.210	16509 (AMAZON-02) (AMAZON-02)
2 2	13.251.228.157 13.251.228.157	16509 (AMAZON-02) (AMAZON-02)
2 2	18.176.247.126 18.176.247.126	16509 (AMAZON-02) (AMAZON-02)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	106.10.236.147 106.10.236.147	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
46	20

2 13.115.92.205 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-92-205.ap-northeast-1.compute.amazonaws.com

blog.casual.pm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.33.21.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-21-65.lax53.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81f::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.173.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-173-81.nrt57.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.142.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-142-17.nrt57.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2142:d800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.53.78.202 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-78-202.us-west-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:813::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.26.254.81 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-26-254-81.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:21b7:e000:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.95.219 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-95-219.ap-northeast-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.8.161.210 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-161-210.us-west-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.228.157 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-228-157.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.176.247.126 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (Singapore, Singapore) 1 redirects

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	sharethis.com 1 redirects platform-api.sharethis.com — Cisco Umbrella Rank: 5048 buttons-config.sharethis.com — Cisco Umbrella Rank: 5931 l.sharethis.com — Cisco Umbrella Rank: 4781 t.sharethis.com — Cisco Umbrella Rank: 6335 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10629 sync.sharethis.com — Cisco Umbrella Rank: 3364	70 KB
7	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 12072	280 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 344	489 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1665	467 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 356	923 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1010	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 818	898 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1270	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	96 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44	7 KB
2	casual.pm 1 redirects blog.casual.pm	4 KB
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 871	827 B
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 20613	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	2 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
46	20

	Domain	Requested by
10	platform-cdn.sharethis.com
7	uploads-ssl.webflow.com	blog.casual.pm
5	sync.sharethis.com
3	t.sharethis.com	platform-api.sharethis.com t.sharethis.com
2	idsync.rlcdn.com	2 redirects
2	ml314.com	1 redirects
2	match.adsrvr.org	2 redirects
2	ps.eyeota.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	loadus.exelator.com	2 redirects
2	www.facebook.com	blog.casual.pm
2	connect.facebook.net	blog.casual.pm connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	l.sharethis.com	1 redirects blog.casual.pm
2	www.googletagmanager.com	blog.casual.pm
2	blog.casual.pm	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	www.google.co.jp	blog.casual.pm
1	www.google.com	blog.casual.pm
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	blog.casual.pm
1	platform-api.sharethis.com	blog.casual.pm
1	ajax.googleapis.com	blog.casual.pm
46	26

This site contains links to these domains. Also see Links.

Domain
casual.pm
help.casual.pm
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
blog.casual.pm R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
uploads-ssl.webflow.com Amazon	`2022-08-28` - `2023-09-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-03` - `2022-11-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-10-20` - `2023-01-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://blog.casual.pm/
Frame ID: D351351BD8AF0928E906026ADA5AA01C
Requests: 38 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1074.23347&cid=c010&cls=B
Frame ID: 704C29378C84B731DC00B22BB4B4A333
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1074.23347/a/JP/t_.js?cid=c010&cls=B
Frame ID: 621ABA9CBB930136C35CE0AC3BBC0CA7
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casual.PM Blog

Page URL History Show full URLs

http://blog.casual.pm/ HTTP 301
https://blog.casual.pm/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

85 %
HTTPS

46 %
IPv6

20
Domains

26
Subdomains

20
IPs

4
Countries

683 kB
Transfer

1466 kB
Size

21
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://casual.pm/
Title: about

Search URL Search Domain Scan URL

URL: https://casual.pm/signup
Title: Try Casual For Free

Search URL Search Domain Scan URL

URL: https://help.casual.pm/
Title: Learn More about Casual

Search URL Search Domain Scan URL

URL: https://www.facebook.com/casual.pm

Search URL Search Domain Scan URL

URL: https://twitter.com/casualpm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://blog.casual.pm/ HTTP 301
https://blog.casual.pm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://l.sharethis.com/pview?event=pview&hostname=blog.casual.pm&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fblog.casual.pm%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Casual.PM%20Blog&cms=unknown&publisher=607810e128c9e8001a88d7b9&sop=true&version=st_sop.js&lang=en&description=Our%20stories%20are%20about%20project%20management%20and%20teamwork.%20Also%20we%20post%20product%20updates%20for%20Casual.PM%2C%20a%20visual%20and%20simple%20project%20management%20tool. HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=blog.casual.pm&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fblog.casual.pm%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Casual.PM%20Blog&cms=unknown&publisher=607810e128c9e8001a88d7b9&sop=true&version=st_sop.js&lang=en&description=Our%20stories%20are%20about%20project%20management%20and%20teamwork.%20Also%20we%20post%20product%20updates%20for%20Casual.PM%2C%20a%20visual%20and%20simple%20project%20management%20tool.&samesite=None

Request Chain 38

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=67be63a3e12a3c71c4f3fffa3d0bc6e1

Request Chain 39

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHkAC2NXp7YAAAAIZ8OGAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHkAC2NXp7YAAAAIZ8OGAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=3fe2960be5d9024572a024bca204b03e&gdpr=0&gdpr_consent=

Request Chain 40

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2YM227BP7erl74XuU8rb1w-YCpiNkSkNbp8lD6g7UIsM&gdpr=0&gdpr_consent=

Request Chain 41

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=fe1e9212-221d-405e-8632-614dfe252f6e&gdpr=0&gdpr_consent=

Request Chain 42

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHkAC2NXp7YAAAAIZ8OGAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3630998248814018638 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDk5ODI0ODgxNDAxODYzOBAAGg0Its_emgYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=c7587824d7f2f1ec858c28b4bf06fe592acf09f7c62a9ecb048998e30f4615a2f4cb09cee1a4f8eb&person_id=3630998248814018638&eid=50082

Request Chain 43

https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
https://sync.sharethis.com/yahoo?uid=y-qpD9XitE2oPfKRiWFxyG5NXtiMPHoegqtS8-~A

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.casual.pm/
Redirect Chain

http://blog.casual.pm/
https://blog.casual.pm/

10 KB
4 KB

46ms
10ms

Document
text/html

13.115.92.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.115.92.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-92-205.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 866737dbf89f02af852234ebe62d8f2afe943d5e4499708d1f3fafaf4b57622d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33905
content-encoding: gzip
content-length: 3378
content-type: text/html
date: Tue, 25 Oct 2022 09:09:09 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 4, 1
x-cluster-name: ap-northeast-1-prod-edge-blue
x-lambda-id: d6d7c953-38e4-4338-91af-67873c1def4e
x-served-by: cache-iad-kcgs7200068-IAD, cache-tyo11928-TYO
x-timer: S1666688950.541267,VS0,VE1

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Tue, 25 Oct 2022 09:09:09 GMT
Location: https://blog.casual.pm/
Server: openresty

GET
H2 200 casual-blog.webflow.d143ead04.min.css
uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/css/ 47 KB
11 KB 353ms
123ms Stylesheet
text/css 13.33.21.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/css/casual-blog.webflow.d143ead04.min.css
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.21.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-21-65.lax53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ec043598babd88dd9e155a542834aef043742b224d8a95b8f83d834369fa525

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:14:44 GMT
content-encoding: gzip
via: 1.1 0391390c8a406ba1a7bd713ed630aaa8.cloudfront.net (CloudFront)
x-amz-version-id: 3IX22oRMJjmXVKZy5Vzu5mI8J1Rr62ln
age: 68066
x-amz-cf-pop: LAX53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11120
last-modified: Tue, 11 Jan 2022 11:20:05 GMT
server: AmazonS3
etag: "a72bde01cfdbb3f24ecef26c76406944"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ZZBsImtp0RaleQ4I3Hc8gE3bjHfnbyl1f68gO030yu8pq9I5XxPszA==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 48ms
5ms Script
text/javascript 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 14:45:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 96ms
54ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31028033-3

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

604ae40236839a37ee2d67229a6d84577e21938efc441ffca4c053acb72bdf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:09:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 25 Oct 2022 09:09:09 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 192 KB
43 KB 24ms
3ms Script
text/javascript 13.225.173.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.173.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-173-81.nrt57.r.cloudfront.net

Software

Resource Hash

174b53c7c0344f80ea27f8cb3eec4e98c9502c48eb040f5d902176d2fc99bc01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:03:54 GMT
content-encoding: gzip
via: 1.1 632eb0a30868eceed91db73a67cea410.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 315
etag: W/"2fe41-B6RUASRBT1G2X6u3Ue+hBuA9DqQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: gDBPvRbXbiteP_1hxDQkglOuBPzJF54vvgtZ-v_u_w7z6C9cFYWhKQ==

GET
H2 200 5e8879d6eaf48754664663a6_social-03.svg
uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/ 725 B
1 KB 117ms
113ms Image
image/svg+xml 13.33.21.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/5e8879d6eaf48754664663a6_social-03.svg
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.21.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-21-65.lax53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2aca86bedf0889362f15edabada395be48935bd342df9bf09c2312c8c208816c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:21:02 GMT
x-amz-version-id: 5K_KpsmaoGlx7c_FVMaEupkM4g8pnS5w
via: 1.1 0391390c8a406ba1a7bd713ed630aaa8.cloudfront.net (CloudFront)
last-modified: Sat, 04 Apr 2020 12:13:12 GMT
server: AmazonS3
age: 12134887
x-amz-cf-pop: LAX53-P2
etag: "7df6fefeebc8e7bbcda3f21d69df74ed"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 725
x-amz-cf-id: rLdiVkAnmOUtoRPiMVX92OwgLMxLLPlKCMbkwMh7fgdeoQ9k4rvPCQ==

GET
H2 200 5e8879d6eaf487613e46635f_social-18.svg
uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/ 1 KB
1 KB 116ms
113ms Image
image/svg+xml 13.33.21.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/5e8879d6eaf487613e46635f_social-18.svg
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.21.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-21-65.lax53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20f25e7e1943a0660b5ad9a450026fce8bc98f57c6178ebf562e8d423e8201e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 16:59:55 GMT
content-encoding: gzip
via: 1.1 0391390c8a406ba1a7bd713ed630aaa8.cloudfront.net (CloudFront)
x-amz-version-id: un3OUCUauXN4qytD29qOAIIdhEsSs541
last-modified: Sat, 04 Apr 2020 12:13:12 GMT
server: AmazonS3
age: 11981355
x-amz-cf-pop: LAX53-P2
etag: W/"fdf513e96a881f72284023c5bb47efde"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: PKiKyhNbfNJFOnpOL31N1nMHXAwfoF-fZqHBFzIgYrmuMNremXkqtQ==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 20ms
4ms Script
application/javascript 99.84.142.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5e8879d6acdbb5e72b35e9dc
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.142.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-142-17.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://blog.casual.pm/
Origin: https://blog.casual.pm
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 17:42:23 GMT
content-encoding: gzip
via: 1.1 ec7e029564542f4eb6196ab046d31626.cloudfront.net (CloudFront)
age: 55725
x-amz-cf-pop: NRT57-C3
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: wscL6zgjCBAL7fNCpA6DY3lEjDrhDR6DZ8_THFPs-OY8TabitHwi3A==

GET
H2 200 webflow.e650418f9.js Show response
uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/js/ 53 KB
18 KB 314ms
159ms Script
text/javascript 13.33.21.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/5e8879d6acdbb5e72b35e9dc/js/webflow.e650418f9.js
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.21.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-21-65.lax53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2306421b392301e9c2af639a7438a058c9e13367e8b151d47ad8feeeda43d3d6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 17:30:53 GMT
content-encoding: gzip
via: 1.1 0391390c8a406ba1a7bd713ed630aaa8.cloudfront.net (CloudFront)
x-amz-version-id: IzH7s6NhcrHJhPaw38qJlhiQ24WvuEsG
age: 56297
x-amz-cf-pop: LAX53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18117
last-modified: Tue, 11 Jan 2022 11:20:05 GMT
server: AmazonS3
etag: "85c7f761ee7345ec7556218dfd22fb1b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 4y2EidD6Yiz23rFHQlMj40mcvUAExyOoZ4cb_rpiFHRgpPxPOwzKCQ==

GET
H2 200 css
fonts.googleapis.com/ 28 KB
1 KB 89ms
44ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4cbff064f2433da9faabb19d323686578f36896857d3f01f0f8fbcdea7873a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 09:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 09:06:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 09:09:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
53 KB 78ms
55ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NZMLX

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71cd16a2fdd5a3aeb08a2b70c9a95704e205f812f54b683a7734e4c5f0429f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:09:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 54314
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 25 Oct 2022 09:09:09 GMT

GET
H2 200 60140feee1bb43fbf2203c5d_8%20Critical%20Elements%20Of%20Successful%20Project%20Planning-p-1080.jpeg
uploads-ssl.webflow.com/5e8879d6eaf4878b50466352/ 104 KB
105 KB 125ms
125ms Image
image/jpeg 13.33.21.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5e8879d6eaf4878b50466352/60140feee1bb43fbf2203c5d_8%20Critical%20Elements%20Of%20Successful%20Project%20Planning-p-1080.jpeg
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.21.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-21-65.lax53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17596a3beda06f006fdd9ad845a5397af24e25682e24dd0c7ccfc0c74d9dc65e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:27:58 GMT
x-amz-version-id: uGZ.yhwJ5KvGJdJtSm5BU6zxDCyCRDgW
via: 1.1 0391390c8a406ba1a7bd713ed630aaa8.cloudfront.net (CloudFront)
age: 3105673
x-amz-cf-pop: LAX53-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 106837
last-modified: Fri, 29 Jan 2021 13:39:01 GMT
server: AmazonS3
etag: "6933bb5276a13763e441ec32b0f510a5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: AhdWbqlqCwNjzewotS-2FtCvPi8OgoJcMkTPjwaE3zLt5izTahHqcQ==

GET
H2 200 5fe60092c0be2432ba6b98b2_7%20Best%20Project%20Planning%20Tools-p-1080.jpeg
uploads-ssl.webflow.com/5e8879d6eaf4878b50466352/ 68 KB
68 KB 535ms
534ms Image
image/jpeg 13.33.21.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5e8879d6eaf4878b50466352/5fe60092c0be2432ba6b98b2_7%20Best%20Project%20Planning%20Tools-p-1080.jpeg
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.21.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-21-65.lax53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04f54d8c7e89dcfeb393ae9ac77da46a1cebc542985dd5a8998533987041dd2f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:09:11 GMT
x-amz-version-id: L8rqguvXGhk.eUV87OFt8ZYU5VdDlLHy
via: 1.1 0391390c8a406ba1a7bd713ed630aaa8.cloudfront.net (CloudFront)
last-modified: Fri, 25 Dec 2020 15:09:15 GMT
server: AmazonS3
x-amz-cf-pop: LAX53-P2
etag: "f7f69fd5f6b7d58fd6779f0c15d819ac"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 69206
x-amz-cf-id: DDzFQ-cH7DgO9ZLB3DklxfQm5yMPM7ja1M7h2TnvC-mu---SnMzwXA==

GET
H2 200 5f4ceb14d6e1ac9f87f99d1d_Employee%20Onboarding%20101%20A%20Step-by-Step%20Guide%20to%20Employee%20Onboarding%20Process-p-1080.jpeg
uploads-ssl.webflow.com/5e8879d6eaf4878b50466352/ 75 KB
75 KB 481ms
480ms Image
image/jpeg 13.33.21.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5e8879d6eaf4878b50466352/5f4ceb14d6e1ac9f87f99d1d_Employee%20Onboarding%20101%20A%20Step-by-Step%20Guide%20to%20Employee%20Onboarding%20Process-p-1080.jpeg
Requested by: Host: blog.casual.pm
URL: https://blog.casual.pm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.21.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-21-65.lax53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22f626baeb52f93a6e8808cb240d040a95a6d61c1d75bbd74f19c84ad176f0b0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:09:11 GMT
x-amz-version-id: JwAyyTGDNSoNxNh.JkdCrr925s4Haw6Q
via: 1.1 0391390c8a406ba1a7bd713ed630aaa8.cloudfront.net (CloudFront)
last-modified: Mon, 31 Aug 2020 12:20:45 GMT
server: AmazonS3
x-amz-cf-pop: LAX53-P2
etag: "8dd43c3f22a2f03664b1975ca528f4bf"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 76665
x-amz-cf-id: FWzUfOyt7Mm_JXZ_zyqyzqbgmuyunuaOy_BTQRloZTYDJSkCAKt9pA==

GET
H2 200 607810e128c9e8001a88d7b9.js Show response
buttons-config.sharethis.com/js/ 575 B
1019 B 670ms
617ms Script
text/javascript 2600:9000:2142:d800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/607810e128c9e8001a88d7b9.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2142:d800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c31ef1ac2d947ae5a87870537c198ca854b80dcb92df106d888aaf3c3292aa1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:09:11 GMT
via: 1.1 e547c32d3950bb9fc00d08713c96bea4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 15 Apr 2021 10:17:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C3
x-amz-server-side-encryption: AES256
etag: "3abc158ec4e6ff61437b3296f8d941b1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 575
x-amz-cf-id: 4ZuA0ektj94CTYsbedHAtRJ5paU3c51QBJc6AZhOnBGDWAwBdo7tvg==

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=blog.casual.pm&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fblog.casual.pm%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segme...
https://l.sharethis.com/sc?event=pview&hostname=blog.casual.pm&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fblog.casual.pm%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmenti...

160 B
680 B

119ms
119ms

XHR
text/plain

52.53.78.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=blog.casual.pm&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fblog.casual.pm%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Casual.PM%20Blog&cms=unknown&publisher=607810e128c9e8001a88d7b9&sop=true&version=st_sop.js&lang=en&description=Our%20stories%20are%20about%20project%20management%20and%20teamwork.%20Also%20we%20post%20product%20updates%20for%20Casual.PM%2C%20a%20visual%20and%20simple%20project%20management%20tool.&samesite=None

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

HTTP/1.1

Server

52.53.78.202 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-53-78-202.us-west-1.compute.amazonaws.com

Software

Resource Hash

289103061d51c90517048db320bd609fee7c64f3e028764fb59c60efb27c083d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://blog.casual.pm
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHkAC2NXp7YAAAAIZ8OGAw==
Access-Control-Allow-Headers: *
Content-Length: 160
X-Robots-Tag: noindex, nofollow

Redirect headers

Date: Tue, 25 Oct 2022 09:09:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://blog.casual.pm
Location: /sc?event=pview&hostname=blog.casual.pm&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fblog.casual.pm%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Casual.PM%20Blog&cms=unknown&publisher=607810e128c9e8001a88d7b9&sop=true&version=st_sop.js&lang=en&description=Our%20stories%20are%20about%20project%20management%20and%20teamwork.%20Also%20we%20post%20product%20updates%20for%20Casual.PM%2C%20a%20visual%20and%20simple%20project%20management%20tool.&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHkAC2NXp7YAAAAIZ8OGAw==
Access-Control-Allow-Headers: *
Content-Length: 599
X-Robots-Tag: noindex, nofollow

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 89ms
21ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.casual.pm
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:54:06 GMT
x-content-type-options: nosniff
age: 497704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 14:54:06 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
32 KB 77ms
11ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.casual.pm
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:57:11 GMT
x-content-type-options: nosniff
age: 141119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 17:57:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
10ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31028033-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 07:38:52 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5418
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 25 Oct 2022 09:38:52 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963269399/ 2 KB
2 KB 106ms
50ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963269399/?random=1666688950050&cv=11&fst=1666688950050&bg=ffffff&guid=ON&async=1&gtm=2wgaj0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fblog.casual.pm%2F&tiba=Casual.PM%20Blog&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NZMLX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fafbeab5e9bf5ab757daaa6574a5ab891b995e5f8d03d9b9699baff06fe5425b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 09:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 932
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Oct 2022 09:09:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27027
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lORhCl4xZM5u2qxBnLWG33cX3doDrRh62xRrL8KhCs9ns2zc3pz2JnWzbaeLRVrzABLvAj9b2QU+32sS4IFW7Q==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1632455780417577 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 169ms
168ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1632455780417577?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

464c466a8a95ca801fd593b0af41c16d8a250c0a892566906ac9355dcbc449a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Oct 2022 09:09:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HSDJBncwRKKybyhksRbanFE+inAtYUhyr1tBQtPlfLkb3KybVmfk1R4H5gGmXrzoO4j029UqY8C3FB68PYRWBQ==
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 82ms
39ms XHR
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1112977732&t=pageview&_s=1&dl=https%3A%2F%2Fblog.casual.pm%2F&ul=en-us&de=UTF-8&dt=Casual.PM%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1964212278&gjid=320363849&cid=1086312020.1666688950&tid=UA-31028033-3&_gid=553601456.1666688950&_r=1&gtm=2ouaj0&z=892225400

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.casual.pm/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 09:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.casual.pm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963269399/ 42 B
548 B 98ms
44ms Image
image/gif 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963269399/?random=1666688950050&cv=11&fst=1666688400000&bg=ffffff&guid=ON&async=1&gtm=2wgaj0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fblog.casual.pm%2F&tiba=Casual.PM%20Blog&fmt=3&is_vtc=1&random=1460122386&rmt_tld=0&ipr=y

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 09:09:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/963269399/ 42 B
548 B 94ms
41ms Image
image/gif 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/963269399/?random=1666688950050&cv=11&fst=1666688400000&bg=ffffff&guid=ON&async=1&gtm=2wgaj0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fblog.casual.pm%2F&tiba=Casual.PM%20Blog&fmt=3&is_vtc=1&random=1460122386&rmt_tld=1&ipr=y

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 09:09:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 34ms
6ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1632455780417577&ev=PageView&dl=https%3A%2F%2Fblog.casual.pm%2F&rl=&if=false&ts=1666688950448&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666688950445.1971932474&it=1666688950094&coo=false&rqm=GET

Requested by

Host: blog.casual.pm
URL: https://blog.casual.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 09:09:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 50ms
7ms Script
application/javascript 184.26.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=blog.casual.pm&rnd=1666688950580

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.26.254.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-26-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

4da7aa66a270c83393eea8e9e0e485fe9dd24024a9f3848cecdd424dda9b36d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1363
Expires: Tue, 25 Oct 2022 10:09:10 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 704C 2 KB
1 KB 5ms
4ms Document
text/html 184.26.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1074.23347&cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=blog.casual.pm&rnd=1666688950580

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.26.254.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-26-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://blog.casual.pm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 25 Oct 2022 09:09:10 GMT
Expires: Tue, 01 Nov 2022 09:09:10 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1074.23347/a/JP/ Frame 621A 22 KB
9 KB 15ms
15ms Script
text/javascript 184.26.254.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1074.23347/a/JP/t_.js?cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1074.23347&cid=c010&cls=B

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.26.254.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-26-254-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

98ccabac9c43d8bb63f6895383b4f08752c097202daf1e5b92821575eb14154b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1074.23347&cid=c010&cls=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9335
Expires: Tue, 01 Nov 2022 09:09:10 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
744 B 78ms
3ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 07:10:44 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 1735107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: sQaI_TJ6kY_-oa88sUyKAP83P3wlgKzWd6oc0E5h4JYLC5XGRME4SA==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 78ms
3ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 17:23:35 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 2130336
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: ys8uwqcdcRrQnXRl9n44nis1gSahENDZhNr-o9wsiptFUROVJ6A3_w==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 79ms
4ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 23:42:04 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 2280427
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 771
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "2b10a062e719c64b686e2e8fcdc216dc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: tjc9NjNz6e_8tPa99K6oK5jTSrLoi6nZUM3JazwQ-0BbzTt6E3LTHQ==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
957 B 79ms
4ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 17:29:06 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 2043605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 514
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "deecdaa377907db5cc1722fc831670a1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: lBU0LzTxwqtqfdrA37kh6g6O_MCgZjNWkjybjO09wihDumTwRzF2gw==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
899 B 79ms
5ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/linkedin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:10:51 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 1151900
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 456
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "fa43b4ede18498b114fc7185993f6da7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: foDXL_P6HmlFepbUg9TCTTYrfkAIsdg2G9QM2w3Bh47w-WVi-KxvUg==

GET
H2 200 reddit.svg
platform-cdn.sharethis.com/img/ 910 B
1 KB 79ms
5ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/reddit.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 13:25:35 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 1626216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 910
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "78d796ca648d8a5e665b48ed0217c56a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 2nujMCINJvB7NEaTB6QdtyGmbmxCzUp99rrUQn65qhNZ4RRzb7znDg==

GET
H2 200 pocket.svg
platform-cdn.sharethis.com/img/ 1 KB
1 KB 7ms
5ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pocket.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

91b46344b07b21705a4e6292d8f457efbe1191faea34647efd679eb298213d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:42:10 GMT
content-encoding: gzip
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C4
age: 1301221
etag: W/"9f86a059c84f31f01a79c393cc5ee166"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: AL-LhQc7raV_MN044e1zm3E28jepkAqbNlCPAhqNqrBHBtztLq4q7w==

GET
H2 200 flipboard.svg
platform-cdn.sharethis.com/img/ 685 B
1 KB 7ms
6ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/flipboard.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f16c647500bbb475fe82d4287ccfca4d5a2f7ce8b40d6a768dca2f407ac5960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 13:43:05 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C4
age: 761166
etag: "6dd768f3333d2936881d1498f2d27237"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 685
x-amz-cf-id: F4nVEbtsr8m9u3gN8ygJtOefXyJ4xxIZuQYxQSzXxLR0f77LAOTwtQ==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
1008 B 5ms
4ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:27:04 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 1845727
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "b55d8d2b9321e381a3c38a4bddb74037"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 1qNr8qa773DmspvoUe8zAhUzvkxxK3mjAN_e7SQht8QT-PwQ9jXIRg==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
1007 B 5ms
5ms Image
image/svg+xml 2600:9000:21b7:e000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b7:e000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:20:54 GMT
via: 1.1 1eaa44d3cb0c85af04bf84d0f0c5256e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: NRT57-C4
age: 143315
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "9928d025bd5792b718ee0a185f62e67c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: IL1EdhjO23OJOP2Rjd8e1iIvO7J53zfcj6x6w8MuW-onv20VSUDAXw==

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 621A
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=67be63a3e12a3c71c4f3fffa3d0bc6e1

42 B
297 B

291ms
112ms

Image
image/gif

52.8.161.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=67be63a3e12a3c71c4f3fffa3d0bc6e1

Protocol

HTTP/1.1

Server

52.8.161.210 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-161-210.us-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHkAC2NXp7YAAAAIZ8OGAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

date: Tue, 25 Oct 2022 09:09:11 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=67be63a3e12a3c71c4f3fffa3d0bc6e1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame 621A
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHkAC2NXp7YAAAAIZ8OGAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHkAC2NXp7YAAAAIZ8OGAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
https://sync.sharethis.com/int/lotame?uid=3fe2960be5d9024572a024bca204b03e&gdpr=0&gdpr_consent=

42 B
297 B

303ms
113ms

Image
image/gif

52.8.161.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=3fe2960be5d9024572a024bca204b03e&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.8.161.210 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-161-210.us-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHkAC2NXp7YAAAAIZ8OGAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 09:09:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=3fe2960be5d9024572a024bca204b03e&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.42.25.106
content-length: 0
expires: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 621A
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2YM227BP7erl74XuU8rb1w-YCpiNkSkNbp8lD6g7UIsM&gdpr=0&gdpr_consent=

42 B
297 B

445ms
110ms

Image
image/gif

52.8.161.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2YM227BP7erl74XuU8rb1w-YCpiNkSkNbp8lD6g7UIsM&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.8.161.210 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-161-210.us-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHkAC2NXp7YAAAAIZ8OGAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2YM227BP7erl74XuU8rb1w-YCpiNkSkNbp8lD6g7UIsM&gdpr=0&gdpr_consent=
Date: Tue, 25 Oct 2022 09:09:10 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 621A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=fe1e9212-221d-405e-8632-614dfe252f6e&gdpr=0&gdpr_consent=

42 B
297 B

454ms
113ms

Image
image/gif

52.8.161.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=fe1e9212-221d-405e-8632-614dfe252f6e&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.8.161.210 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-161-210.us-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHkAC2NXp7YAAAAIZ8OGAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 09:09:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=fe1e9212-221d-405e-8632-614dfe252f6e&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 215

GET
H3

200

csync.ashx
ml314.com/ Frame 621A
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHkAC2NXp7YAAAAIZ8OGAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3630998248814018638
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDk5ODI0ODgxNDAxODYzOBAAGg0Its_emgYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=c7587824d7f2f1ec858c28b4bf06fe592acf09f7c62a9ecb048998e30f4615a2f4cb09cee1a4f8eb&person_id=3630998248814018638&eid=50082

43 B
60 B

45ms
36ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=c7587824d7f2f1ec858c28b4bf06fe592acf09f7c62a9ecb048998e30f4615a2f4cb09cee1a4f8eb&person_id=3630998248814018638&eid=50082
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 09:09:10 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Wed, 26 Oct 2022 05:09:11 GMT

Redirect headers

date: Tue, 25 Oct 2022 09:09:11 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=c7587824d7f2f1ec858c28b4bf06fe592acf09f7c62a9ecb048998e30f4615a2f4cb09cee1a4f8eb&person_id=3630998248814018638&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

yahoo
sync.sharethis.com/ Frame 621A
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
https://sync.sharethis.com/yahoo?uid=y-qpD9XitE2oPfKRiWFxyG5NXtiMPHoegqtS8-~A

42 B
297 B

383ms
111ms

Image
image/gif

52.8.161.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/yahoo?uid=y-qpD9XitE2oPfKRiWFxyG5NXtiMPHoegqtS8-~A

Protocol

HTTP/1.1

Server

52.8.161.210 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-161-210.us-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 09:09:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHkAC2NXp7YAAAAIZ8OGAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

date: Tue, 25 Oct 2022 09:09:10 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0104.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://sync.sharethis.com/yahoo?uid=y-qpD9XitE2oPfKRiWFxyG5NXtiMPHoegqtS8-~A
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 13ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1632455780417577&ev=Microdata&dl=https%3A%2F%2Fblog.casual.pm%2F&rl=&if=false&ts=1666688950956&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Casual.PM%20Blog%22%2C%22meta%3Adescription%22%3A%22Our%20stories%20are%20about%20project%20management%20and%20teamwork.%20Also%20we%20post%20product%20updates%20for%20Casual.PM%2C%20a%20visual%20and%20simple%20project%20management%20tool.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Casual.PM%20Blog%22%2C%22og%3Adescription%22%3A%22Our%20stories%20are%20about%20project%20management%20and%20teamwork.%20Also%20we%20post%20product%20updates%20for%20Casual.PM%2C%20a%20visual%20and%20simple%20project%20management%20tool.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs.casual.pm%2Fblog%2Fcasual%2520logo.png%22%2C%22twitter%3Atitle%22%3A%22Casual.PM%20Blog%22%2C%22twitter%3Adescription%22%3A%22Our%20stories%20are%20about%20project%20management%20and%20teamwork.%20Also%20we%20post%20product%20updates%20for%20Casual.PM%2C%20a%20visual%20and%20simple%20project%20management%20tool.%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fs.casual.pm%2Fblog%2Fcasual%2520logo.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.1.1666688950445.1971932474&it=1666688950094&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.casual.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 09:09:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casual.pm/	1970-01-20 16:34:08	Name: _ga Value: GA1.2.1086312020.1666688950
.casual.pm/	1970-01-20 06:59:35	Name: _gid Value: GA1.2.553601456.1666688950
.casual.pm/	1970-01-20 06:58:09	Name: _gat_gtag_UA_31028033_3 Value: 1
.doubleclick.net/	1970-01-20 06:58:09	Name: test_cookie Value: CheckForPermission
.casual.pm/	1970-01-20 09:07:44	Name: _fbp Value: fb.1.1666688950445.1971932474
.sharethis.com/	1970-01-20 15:43:44	Name: __stid Value: ZHkAC2NXp7YAAAAIZ8OGAw==
.sharethis.com/	1970-01-20 15:43:44	Name: __stidv Value: 2
.casual.pm/	1970-01-20 15:43:44	Name: fpestid Value: A2-xNWG_4Dosmp8QBo6b38vjJulUwVNHoRKDXhneFZI88KfbYIep7o9x6EYI-2dSQ08YKQ
.t.sharethis.com/	1970-01-20 07:41:20	Name: pxcelPage_default_c010_B Value: 0_6_1666688950724
.adsrvr.org/	1970-01-20 15:43:44	Name: TDID Value: fe1e9212-221d-405e-8632-614dfe252f6e
.adsrvr.org/	1970-01-20 15:43:44	Name: TDCPM Value: CAEYBSABKAIyCwi4odf26ZybOxAFOAE.
.eyeota.net/	1970-01-20 15:43:44	Name: mako_uid Value: 1840e6721f7-356e0000010e5352
.eyeota.net/	1970-01-20 06:58:09	Name: SERVERID Value: 21330~DM
.ml314.com/	1970-01-20 15:43:44	Name: pi Value: 3630998248814018638
.yahoo.com/	1970-01-20 15:44:06	Name: A3 Value: d=AQABBLanV2MCEHYADH6UzuTwecfP5PXrW1oFEgEBAQH5WGNhYwAAAAAA_eMAAA&S=AQAAAuiomTuZ9-T56kjMhQSFWZY
.exelator.com/	1970-01-20 09:50:56	Name: EE Value: "67be63a3e12a3c71c4f3fffa3d0bc6e1"
.exelator.com/	1970-01-20 09:50:56	Name: ud Value: "eJxrXxzq6XKLQcHMPCnVzDjRONXQKNE42dww2STNOC0tLdE4xSAp2SzVcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6Iq%252BAxUUpaQyLSopPBR9iNwEA2kUqVQ%253D%253D"
.crwdcntrl.net/	1970-01-20 13:26:56	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 13:26:56	Name: _cc_id Value: 3fe2960be5d9024572a024bca204b03e
.rlcdn.com/	1970-01-20 15:43:44	Name: rlas3 Value: 7qmmfNF6O0V0ASfnvF7OmrV5fgYf979xOkAbEHFrxXM=
.rlcdn.com/	1970-01-20 08:24:32	Name: pxrc Value: CLfP3poGEgUI6AcQABIFCNtOEAA=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bcp.crwdcntrl.net
blog.casual.pm
buttons-config.sharethis.com
cms.analytics.yahoo.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
l.sharethis.com
loadus.exelator.com
match.adsrvr.org
ml314.com
platform-api.sharethis.com
platform-cdn.sharethis.com
ps.eyeota.net
sync.sharethis.com
t.sharethis.com
uploads-ssl.webflow.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
106.10.236.147
13.115.92.205
13.225.173.81
13.251.228.157
13.33.21.65
18.176.247.126
184.26.254.81
2404:6800:4004:813::2003
2404:6800:4004:81f::200a
2404:6800:4004:820::2002
2404:6800:4004:823::2008
2404:6800:4004:823::200a
2404:6800:4004:824::2003
2404:6800:4004:824::2004
2404:6800:4004:825::200e
2600:9000:2142:d800:c:abe:f440:93a1
2600:9000:21b7:e000:1d:85c3:6640:93a1
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
3.114.95.219
34.111.234.236
35.190.60.146
35.71.131.137
52.53.78.202
52.8.161.210
99.84.142.17
04f54d8c7e89dcfeb393ae9ac77da46a1cebc542985dd5a8998533987041dd2f
174b53c7c0344f80ea27f8cb3eec4e98c9502c48eb040f5d902176d2fc99bc01
17596a3beda06f006fdd9ad845a5397af24e25682e24dd0c7ccfc0c74d9dc65e
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
20f25e7e1943a0660b5ad9a450026fce8bc98f57c6178ebf562e8d423e8201e3
22f626baeb52f93a6e8808cb240d040a95a6d61c1d75bbd74f19c84ad176f0b0
2306421b392301e9c2af639a7438a058c9e13367e8b151d47ad8feeeda43d3d6
289103061d51c90517048db320bd609fee7c64f3e028764fb59c60efb27c083d
2aca86bedf0889362f15edabada395be48935bd342df9bf09c2312c8c208816c
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
464c466a8a95ca801fd593b0af41c16d8a250c0a892566906ac9355dcbc449a7
4da7aa66a270c83393eea8e9e0e485fe9dd24024a9f3848cecdd424dda9b36d2
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5f16c647500bbb475fe82d4287ccfca4d5a2f7ce8b40d6a768dca2f407ac5960
604ae40236839a37ee2d67229a6d84577e21938efc441ffca4c053acb72bdf7c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71cd16a2fdd5a3aeb08a2b70c9a95704e205f812f54b683a7734e4c5f0429f49
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7ec043598babd88dd9e155a542834aef043742b224d8a95b8f83d834369fa525
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
866737dbf89f02af852234ebe62d8f2afe943d5e4499708d1f3fafaf4b57622d
91b46344b07b21705a4e6292d8f457efbe1191faea34647efd679eb298213d59
98ccabac9c43d8bb63f6895383b4f08752c097202daf1e5b92821575eb14154b
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c31ef1ac2d947ae5a87870537c198ca854b80dcb92df106d888aaf3c3292aa1e
c4cbff064f2433da9faabb19d323686578f36896857d3f01f0f8fbcdea7873a6
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
fafbeab5e9bf5ab757daaa6574a5ab891b995e5f8d03d9b9699baff06fe5425b

blog.casual.pm Open in urlscan Pro 13.115.92.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

85 %HTTPS

46 %IPv6

20 Domains

26 Subdomains

20 IPs

4 Countries

683 kBTransfer

1466 kBSize

21 Cookies

5 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.casual.pm Open in urlscan Pro
13.115.92.205 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

85 %
HTTPS

46 %
IPv6

20
Domains

26
Subdomains

20
IPs

4
Countries

683 kB
Transfer

1466 kB
Size

21
Cookies

46 HTTP transactions
0 data transactions