URL: https://blog.store.correo.airflowapp.com/
Submission Tags: @phishunt_io
Submission: On September 07 via api from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 31 HTTP transactions. The main IP is 95.217.36.249, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is blog.store.correo.airflowapp.com.
TLS certificate: Issued by R3 on September 7th 2021. Valid for: 3 months.
This is the only time blog.store.correo.airflowapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 95.217.36.249 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
31 5
Domain Requested by
23 blog.store.correo.airflowapp.com blog.store.correo.airflowapp.com
3 cdn.paddle.com blog.store.correo.airflowapp.com
cdn.paddle.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com blog.store.correo.airflowapp.com
1 checkout.paddle.com cdn.paddle.com
31 5

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
license.airflow.app
Subject Issuer Validity Valid
blog.store.correo.airflowapp.com
R3
2021-09-07 -
2021-12-06
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-16 -
2021-11-08
3 months crt.sh
*.paddle.com
Sectigo RSA Domain Validation Secure Server CA
2019-07-30 -
2021-10-27
2 years crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh

This page contains 1 frames:

Primary Page: https://blog.store.correo.airflowapp.com/
Frame ID: 036091CB4B155E496B115F77019D63D1
Requests: 37 HTTP requests in this frame

Screenshot

Page Title

Airflow

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

31
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

359 kB
Transfer

663 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blog.store.correo.airflowapp.com/
14 KB
5 KB
Document
General
Full URL
https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
8dc3196bdf6a6c6e7fb4399ce83934b27faf4eaaf208569617f1c6c69353ff60

Request headers

:method
GET
:authority
blog.store.correo.airflowapp.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Sep 2021 23:05:32 GMT
content-type
text/html
content-length
4610
last-modified
Thu, 08 Oct 2020 15:01:57 GMT
etag
"3805-5b12a1d028340-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
style.css
blog.store.correo.airflowapp.com/
18 KB
4 KB
Stylesheet
General
Full URL
https://blog.store.correo.airflowapp.com/style.css
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
55b94786d8e4074a1332ede723581b9e01a6b50e7f47ddc691ea43a8c80c5ba6

Request headers

:path
/style.css
pragma
no-cache
origin
https://blog.store.correo.airflowapp.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://blog.store.correo.airflowapp.com
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 15:01:58 GMT
server
openresty
etag
"494f-5b12a1d11c580-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3869
css2
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;1,200;1,300;1,400;1,600;1,800&display=swap
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63cc54f5e327d5185696a59b95828cb880ff62b6327726165ce2ca57934b29d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 23:05:32 GMT
server
ESF
date
Tue, 07 Sep 2021 23:05:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Sep 2021 23:05:32 GMT
css2
fonts.googleapis.com/
13 KB
711 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,200;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a8d64a07b61739bde9d535bcc79316188cd938d616d423fe432065e9809ec49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 23:05:32 GMT
server
ESF
date
Tue, 07 Sep 2021 23:05:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Sep 2021 23:05:32 GMT
icon.svg
blog.store.correo.airflowapp.com/images/
3 KB
1 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/icon.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
a6acd0d85347f4efcbbdd9747bbfb605eeae29cdc33e955bcb384feb537aeee3

Request headers

:path
/images/icon.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:25:26 GMT
server
openresty
etag
W/"d2f-5ac24a84d6d80"
vary
Accept-Encoding
content-type
image/svg+xml
chromecast.svg
blog.store.correo.airflowapp.com/images/
5 KB
2 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/chromecast.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
f89bb390948c0e19f7a79a7819576b1c7e5ac676ba3909da48a23602290485d3

Request headers

:path
/images/chromecast.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:25:26 GMT
server
openresty
etag
W/"15df-5ac24a84d6d80"
vary
Accept-Encoding
content-type
image/svg+xml
air-play.svg
blog.store.correo.airflowapp.com/images/
15 KB
6 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/air-play.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
449a2c2687fd26ee8336c50a0a8b0ba145d53e19f8d79a70e3b8b7d881d0381e

Request headers

:path
/images/air-play.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:25:26 GMT
server
openresty
etag
W/"3c95-5ac24a84d6d80"
vary
Accept-Encoding
content-type
image/svg+xml
screenshot.png
blog.store.correo.airflowapp.com/images/
23 KB
23 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/screenshot.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
e664a8e9b05051251f5984c0eae4c4552a54dd2f3d256012bcee1687ddc28588

Request headers

:path
/images/screenshot.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 11:26:08 GMT
server
openresty
accept-ranges
bytes
etag
"5aa3-5aa7930ad9400"
content-length
23203
content-type
image/png
pipeline.svg
blog.store.correo.airflowapp.com/images/
4 KB
1 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/pipeline.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
b56512fe7f08808aa71c562dcd4d9bf4b19fa19bc5be09131616c22e47dd5fe7

Request headers

:path
/images/pipeline.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:25:26 GMT
server
openresty
etag
W/"109b-5ac24a84d6d80"
vary
Accept-Encoding
content-type
image/svg+xml
device.png
blog.store.correo.airflowapp.com/images/
4 KB
4 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/device.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
36cc4b682fd962d7bb873d86befbd50840422d87b0a4d3bd47e2202149170f3d

Request headers

:path
/images/device.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 12:22:30 GMT
server
openresty
accept-ranges
bytes
etag
"fbc-5aa79fa42cd80"
content-length
4028
content-type
image/png
settings.png
blog.store.correo.airflowapp.com/images/
22 KB
22 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/settings.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
50e88442d82db93121eda7f86b7dc76882298b0d80c797ade327cbd53dc8190b

Request headers

:path
/images/settings.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 12:22:30 GMT
server
openresty
accept-ranges
bytes
etag
"5907-5aa79fa42cd80"
content-length
22791
content-type
image/png
audio-delay.png
blog.store.correo.airflowapp.com/images/
9 KB
10 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/audio-delay.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
7972038e82a0b4c64ce4eb739c3b11ebc2b8d8c8e85afc5203a95a65faa54743

Request headers

:path
/images/audio-delay.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 12:24:58 GMT
server
openresty
accept-ranges
bytes
etag
"259f-5aa7a03151a80"
content-length
9631
content-type
image/png
subtitle-menu.png
blog.store.correo.airflowapp.com/images/
8 KB
8 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/subtitle-menu.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
7631d5504f249da38759f959a63c9b452086eb646af1a52246f6b4d3546d1d74

Request headers

:path
/images/subtitle-menu.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 15:19:33 GMT
server
openresty
accept-ranges
bytes
etag
"2025-5aa7c7370eb40"
content-length
8229
content-type
image/png
sub-search.png
blog.store.correo.airflowapp.com/images/
13 KB
13 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/sub-search.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
03b8b73100608c0fdc195de2e46d48aed238328739a24226e5f5adba950b1bc4

Request headers

:path
/images/sub-search.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 12:54:00 GMT
server
openresty
accept-ranges
bytes
etag
"34d2-5aa7a6ae9ea00"
content-length
13522
content-type
image/png
vobsub.png
blog.store.correo.airflowapp.com/images/
3 KB
4 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/vobsub.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
fec9bcd6bac6d25724dfdc2d7138874cfa4b7b5119e90dff4f0329c373c66f88

Request headers

:path
/images/vobsub.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 15:30:56 GMT
server
openresty
accept-ranges
bytes
etag
"df0-5aa7c9c26ac00"
content-length
3568
content-type
image/png
down-arrow.svg
blog.store.correo.airflowapp.com/images/
1 KB
880 B
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/down-arrow.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
8c8aee8891a3d93a2f3b19102a097f84a2af7323cd88aea650d0298620a16f69

Request headers

:path
/images/down-arrow.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:25:26 GMT
server
openresty
etag
W/"5f1-5ac24a84d6d80"
vary
Accept-Encoding
content-type
image/svg+xml
speed-test.png
blog.store.correo.airflowapp.com/images/
3 KB
4 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/speed-test.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
966464b949cf8c53a08650452aa9cdf0ffd4010bfeb2f30b8d17660074591486

Request headers

:path
/images/speed-test.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Wed, 15 Jul 2020 18:52:24 GMT
server
openresty
accept-ranges
bytes
etag
"dad-5aa7f6ca6ea00"
content-length
3501
content-type
image/png
screenshot-remote-app.png
blog.store.correo.airflowapp.com/images/
15 KB
15 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/screenshot-remote-app.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
4e88486bc77e879c5c6b2d27115f143c541b829977262bf94c2cbfcdb2f65530

Request headers

:path
/images/screenshot-remote-app.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Fri, 24 Jul 2020 16:20:11 GMT
server
openresty
accept-ranges
bytes
etag
"3ce5-5ab3258dac4c0"
content-length
15589
content-type
image/png
appstore.svg
blog.store.correo.airflowapp.com/images/
3 KB
1 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/appstore.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
78cfcdc39223b117331c5542790b803a93ba38f4257d3980cf67365cc2321d21

Request headers

:path
/images/appstore.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 20:38:01 GMT
server
openresty
etag
W/"a6d-5aa80e65ddc40"
vary
Accept-Encoding
content-type
image/svg+xml
googleplay_alt.svg
blog.store.correo.airflowapp.com/images/
3 KB
1 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/googleplay_alt.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
329c9abd5b904c2234a6852da94194eb78e2782edcde6da1b1457f57a2694660

Request headers

:path
/images/googleplay_alt.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 20:38:01 GMT
server
openresty
etag
W/"ae4-5aa80e65ddc40"
vary
Accept-Encoding
content-type
image/svg+xml
mac.svg
blog.store.correo.airflowapp.com/images/
2 KB
1 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/mac.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
1b3a25df10c66e8eb6c6d0b45a49e0440a12e446830bb1c63d3c22d63b24ae39

Request headers

:path
/images/mac.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:25:26 GMT
server
openresty
etag
W/"9d7-5ac24a84d6d80"
vary
Accept-Encoding
content-type
image/svg+xml
windows.svg
blog.store.correo.airflowapp.com/images/
1018 B
652 B
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/windows.svg
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
25e1ab9ec68adb195fb3d07ef9d19a50d2aabb7763517bf603a9d551b97bcf27

Request headers

:path
/images/windows.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:25:26 GMT
server
openresty
etag
W/"3fa-5ac24a84d6d80"
vary
Accept-Encoding
content-type
image/svg+xml
paddle.js
cdn.paddle.com/paddle/
100 KB
25 KB
Script
General
Full URL
https://cdn.paddle.com/paddle/paddle.js
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9035cfaf659a79c2acee412fe20cd3cc0b7c58e7ddd063b2a6d54947d736e72a

Request headers

Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
via
1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 17 Aug 2021 08:36:10 GMT
server
cloudflare
etag
W/"7801a1d387fbf9fb60e53ace8d3064fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
FRA56-P2
cf-ray
68b395194e7d0ebb-FRA
x-amz-cf-id
V7QLy5kHeX0h8k9roL-64yixWCtbwfxXRCyJRgUWvj0CdYJ1rP0whg==
cf-bgj
minify
all.js
blog.store.correo.airflowapp.com/
92 KB
33 KB
Script
General
Full URL
https://blog.store.correo.airflowapp.com/all.js
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
7e936de98cd5fcd64a31a9d76b1a89588ed284a4f446af2445e81512af11a43e

Request headers

:path
/all.js
pragma
no-cache
origin
https://blog.store.correo.airflowapp.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://blog.store.correo.airflowapp.com
Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
gzip
last-modified
Sun, 26 Jul 2020 20:46:27 GMT
server
openresty
etag
"16eef-5ab5e4cc7eec0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
33098
popover-shadow.png
blog.store.correo.airflowapp.com/images/
2 KB
2 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/popover-shadow.png
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
f469c88b97b63f22b6e279f99a8ad9e47a7d55eb9f35194380564a9cda536537

Request headers

:path
/images/popover-shadow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Sun, 05 Jul 2020 20:17:02 GMT
server
openresty
accept-ranges
bytes
etag
"6f0-5a9b770e94b80"
content-length
1776
content-type
image/png
7Au-p_0qiz-afTf2LwLT.woff2
fonts.gstatic.com/s/muli/v22/
31 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Au-p_0qiz-afTf2LwLT.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,200;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6da5de9026948f45aeb44407505e5e46bdcc118aaea9b6821a6d3a6b3be8625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.store.correo.airflowapp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 15:18:13 GMT
x-content-type-options
nosniff
age
114439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:49:54 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 15:18:13 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,200;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.store.correo.airflowapp.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 11:07:24 GMT
x-content-type-options
nosniff
age
129488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 11:07:24 GMT
animate.css
cdn.paddle.com/paddle/assets/css/
73 KB
5 KB
Stylesheet
General
Full URL
https://cdn.paddle.com/paddle/assets/css/animate.css
Requested by
Host: cdn.paddle.com
URL: https://cdn.paddle.com/paddle/paddle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0088f7df1fcef1a00f1d69412203b45ff534250e4c61c2bd29f4f5c54bece19c

Request headers

Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
319
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 17 Aug 2021 08:36:10 GMT
server
cloudflare
etag
W/"6b0b1b3d169eb424f5898cad70ee4496"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
x-amz-cf-pop
FRA56-P2
cf-ray
68b3951a3f4b0ebb-FRA
x-amz-cf-id
4me_HZChGXaZdfayglsnnFYZ6VR_40yDwKM_siT4AA8K4WU4E5IPww==
paddle.css
cdn.paddle.com/paddle/assets/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdn.paddle.com/paddle/assets/css/paddle.css
Requested by
Host: cdn.paddle.com
URL: https://cdn.paddle.com/paddle/paddle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee045f79318a3e9f7399436dbb71f2d142f9f017a5e5462564209adcb3fde271

Request headers

Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
316
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 17 Aug 2021 08:36:10 GMT
server
cloudflare
etag
W/"e1a29f42baac80002fd8189d0cc5760f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
x-amz-cf-pop
FRA56-P2
cf-ray
68b3951a3f4d0ebb-FRA
x-amz-cf-id
jGnGdhamaahXnWgTsPvkKFKOfCNai9vtJxc1aBR8WDHn5VN2gSYkIw==
prices
checkout.paddle.com/api/1.0/
141 B
605 B
Script
General
Full URL
https://checkout.paddle.com/api/1.0/prices?product_id=583009&quantity=1&callback=_jsonp_4100635
Requested by
Host: cdn.paddle.com
URL: https://cdn.paddle.com/paddle/paddle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3bee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb36c5a4b0a77da60739f333d93beb2faf678b66108c67a0d4b3c6cc3f86a2f

Request headers

Referer
https://blog.store.correo.airflowapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host
p3p
CP="CAO CUR ADMa DEVa TAIa OUR DELa STP ONL NAV STA PUR"
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
68b3951a5f520ebb-FRA
truncated
/
203 B
203 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/jp2
truncated
/
121 B
121 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/vnd.ms-photo
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/webp
scrubbing-preview.webp
blog.store.correo.airflowapp.com/images/
96 KB
96 KB
Image
General
Full URL
https://blog.store.correo.airflowapp.com/images/scrubbing-preview.webp
Requested by
Host: blog.store.correo.airflowapp.com
URL: https://blog.store.correo.airflowapp.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.217.36.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.36.217.95.clients.your-server.de
Software
openresty /
Resource Hash
58b19d53442e6d5631cd430a8b75d3829c1f1b0132a786b47ea276ead6a5c503

Request headers

:path
/images/scrubbing-preview.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.store.correo.airflowapp.com
referer
https://blog.store.correo.airflowapp.com/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.store.correo.airflowapp.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:05:32 GMT
last-modified
Sun, 05 Jul 2020 20:17:02 GMT
server
openresty
accept-ranges
bytes
etag
"17fac-5a9b770e94b80"
content-length
98220

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| loadedScripts object| EMAIL_REGEX function| _Paddle string| PaddleScriptLocation object| Paddle object| mobileViewportControl boolean| PaddleCompletedSetup function| scrubbingPreview function| updatePlatform function| $ function| jQuery object| Modernizr function| updateScrubbingPreview

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.store.correo.airflowapp.com
cdn.paddle.com
checkout.paddle.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700:10::6814:3bee
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
95.217.36.249
0088f7df1fcef1a00f1d69412203b45ff534250e4c61c2bd29f4f5c54bece19c
03b8b73100608c0fdc195de2e46d48aed238328739a24226e5f5adba950b1bc4
1b3a25df10c66e8eb6c6d0b45a49e0440a12e446830bb1c63d3c22d63b24ae39
25e1ab9ec68adb195fb3d07ef9d19a50d2aabb7763517bf603a9d551b97bcf27
329c9abd5b904c2234a6852da94194eb78e2782edcde6da1b1457f57a2694660
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36cc4b682fd962d7bb873d86befbd50840422d87b0a4d3bd47e2202149170f3d
3a8d64a07b61739bde9d535bcc79316188cd938d616d423fe432065e9809ec49
449a2c2687fd26ee8336c50a0a8b0ba145d53e19f8d79a70e3b8b7d881d0381e
4e88486bc77e879c5c6b2d27115f143c541b829977262bf94c2cbfcdb2f65530
50e88442d82db93121eda7f86b7dc76882298b0d80c797ade327cbd53dc8190b
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
55b94786d8e4074a1332ede723581b9e01a6b50e7f47ddc691ea43a8c80c5ba6
58b19d53442e6d5631cd430a8b75d3829c1f1b0132a786b47ea276ead6a5c503
63cc54f5e327d5185696a59b95828cb880ff62b6327726165ce2ca57934b29d8
7631d5504f249da38759f959a63c9b452086eb646af1a52246f6b4d3546d1d74
78cfcdc39223b117331c5542790b803a93ba38f4257d3980cf67365cc2321d21
7972038e82a0b4c64ce4eb739c3b11ebc2b8d8c8e85afc5203a95a65faa54743
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e936de98cd5fcd64a31a9d76b1a89588ed284a4f446af2445e81512af11a43e
8c8aee8891a3d93a2f3b19102a097f84a2af7323cd88aea650d0298620a16f69
8dc3196bdf6a6c6e7fb4399ce83934b27faf4eaaf208569617f1c6c69353ff60
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
9035cfaf659a79c2acee412fe20cd3cc0b7c58e7ddd063b2a6d54947d736e72a
966464b949cf8c53a08650452aa9cdf0ffd4010bfeb2f30b8d17660074591486
a6acd0d85347f4efcbbdd9747bbfb605eeae29cdc33e955bcb384feb537aeee3
b56512fe7f08808aa71c562dcd4d9bf4b19fa19bc5be09131616c22e47dd5fe7
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
d6da5de9026948f45aeb44407505e5e46bdcc118aaea9b6821a6d3a6b3be8625
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e664a8e9b05051251f5984c0eae4c4552a54dd2f3d256012bcee1687ddc28588
ee045f79318a3e9f7399436dbb71f2d142f9f017a5e5462564209adcb3fde271
f469c88b97b63f22b6e279f99a8ad9e47a7d55eb9f35194380564a9cda536537
f89bb390948c0e19f7a79a7819576b1c7e5ac676ba3909da48a23602290485d3
fbb36c5a4b0a77da60739f333d93beb2faf678b66108c67a0d4b3c6cc3f86a2f
fec9bcd6bac6d25724dfdc2d7138874cfa4b7b5119e90dff4f0329c373c66f88