marceli.safeway.sunship.dev Open in urlscan Pro
195.78.66.235 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://marceli.safeway.sunship.dev/
Submission: On September 27 via automatic, source certstream-suspicious (September 27th 2022, 10:07:17 am UTC) — Scanned from DE

Summary HTTP 49 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 49 HTTP transactions. The main IP is 195.78.66.235, located in Poland and belongs to CF-GDA, PL. The main domain is marceli.safeway.sunship.dev.
TLS certificate: Issued by R3 on September 27th 2022. Valid for: 3 months.

This is the only time marceli.safeway.sunship.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	195.78.66.235 195.78.66.235	41079 (CF-GDA) (CF-GDA)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.111.250.82 104.111.250.82	16625 (AKAMAI-AS) (AKAMAI-AS)
12 24	2606:4700:20:... 2606:4700:20::681a:51e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
3	13.225.78.71 13.225.78.71	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:5600:1:90b1:7a80:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:6000:14:ad8b:440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.97.43 18.66.97.43	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
49	17

4 195.78.66.235 (Poland)

ASN41079 (CF-GDA, PL)
PTR: s131.cyber-folks.pl

marceli.safeway.sunship.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.111.250.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-82.deploy.static.akamaitechnologies.com

www.washingtonpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:51e (United States) 12 redirects

ASN13335 (CLOUDFLARENET, US)

picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-71.fra2.r.cloudfront.net

d1pz6dax0t5mop.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5600:1:90b1:7a80:21 (United States)

ASN16509 (AMAZON-02, US)

d2p9l91d5g68ru.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6000:14:ad8b:440:93a1 (United States)

ASN16509 (AMAZON-02, US)

video-api.washingtonpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-43.fra56.r.cloudfront.net

d21rhj7n383afu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	picsum.photos 12 redirects picsum.photos — Cisco Umbrella Rank: 67140 i.picsum.photos — Cisco Umbrella Rank: 100080	724 KB
13	washingtonpost.com www.washingtonpost.com — Cisco Umbrella Rank: 8405 video-api.washingtonpost.com — Cisco Umbrella Rank: 83586	417 KB
6	cloudfront.net d1pz6dax0t5mop.cloudfront.net d2p9l91d5g68ru.cloudfront.net d21rhj7n383afu.cloudfront.net	157 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
4	sunship.dev marceli.safeway.sunship.dev	678 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 797	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	180 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6352	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	450 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 654	30 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 691	7 KB
49	12

	Domain	Requested by
12	i.picsum.photos	marceli.safeway.sunship.dev
12	picsum.photos	12 redirects
12	www.washingtonpost.com	marceli.safeway.sunship.dev www.washingtonpost.com code.jquery.com d1pz6dax0t5mop.cloudfront.net
4	marceli.safeway.sunship.dev	marceli.safeway.sunship.dev
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	unpkg.com	2 redirects marceli.safeway.sunship.dev
3	d1pz6dax0t5mop.cloudfront.net	marceli.safeway.sunship.dev d1pz6dax0t5mop.cloudfront.net
2	region1.google-analytics.com	www.googletagmanager.com
2	d21rhj7n383afu.cloudfront.net	marceli.safeway.sunship.dev
2	www.googletagmanager.com	marceli.safeway.sunship.dev www.googletagmanager.com
1	www.google.de	marceli.safeway.sunship.dev
1	www.google.com	marceli.safeway.sunship.dev
1	stats.g.doubleclick.net	www.google-analytics.com
1	video-api.washingtonpost.com	d1pz6dax0t5mop.cloudfront.net
1	d2p9l91d5g68ru.cloudfront.net	d1pz6dax0t5mop.cloudfront.net
1	code.jquery.com	marceli.safeway.sunship.dev
1	maxcdn.bootstrapcdn.com	marceli.safeway.sunship.dev
49	17

This site contains links to these domains. Also see Links.

Domain
www.washingtonpost.com
subscribe.washingtonpost.com
help.washingtonpost.com
www.facebook.com
www.twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
marceli.safeway.sunship.dev R3	`2022-09-27` - `2022-12-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
www.washingtonpost.com Entrust Certification Authority - L1M	`2022-03-23` - `2023-04-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.washingtonpost.com Entrust Certification Authority - L1K	`2022-04-16` - `2023-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://marceli.safeway.sunship.dev/
Frame ID: ACC3CEE53785AB68CE647264B91F8393
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

[[ wp:data title.rendered ]]

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

71 %
HTTPS

75 %
IPv6

12
Domains

17
Subdomains

17
IPs

5
Countries

2497 kB
Transfer

5610 kB
Size

5
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.washingtonpost.com/?tid=tst_homelink
Title: Home

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/politics/?nid=top_nav_politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/opinions/?nid=top_nav_opinions
Title: Opinions

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/january-6-capitol-riot/?nid=top_nav_jan.6insurrection
Title: Jan. 6 Insurrection

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/world/ukraine-russia/?nid=top_nav_warinukraine
Title: War in Ukraine

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/coronavirus/?nid=top_nav_coronavirus
Title: Coronavirus

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/national/investigations/?nid=top_nav_investigations
Title: Investigations

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/business/technology/?nid=top_nav_tech
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/lifestyle/?nid=top_nav_lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/world/?nid=top_nav_world
Title: World

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/local/?nid=top_nav_d.c.,md.-amp;va.
Title: D.C., Md. & Va.

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/sports/?nid=top_nav_sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/
Title: The Washington Post logo Democracy Dies in Darkness

Search URL Search Domain Scan URL

URL: https://subscribe.washingtonpost.com/acquisition/?nid=top_pb_subscribe&promo=o2&oscode=RPWH&p=s_v&s_l=ONSITE_HEADER_FRONT&acqEntType=mktg_onsite_homepage&destination=https://www.washingtonpost.com&tid=nav_subscribe_logged_out
Title: Try 1 month for $1

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/subscribe/signin/?tid=nav_sign_in
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/my-post/#/?tid=nav_acctmgnt_menu
Title: My Post

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/my-post/#/my-reading-list?tid=nav_acctmgnt_menu
Title: My Reading List

Search URL Search Domain Scan URL

URL: https://subscribe.washingtonpost.com/profile/#/?destination=https://www.washingtonpost.com/?refresh=true&tid=nav_acctmgnt_menu
Title: Account Settings

Search URL Search Domain Scan URL

URL: https://subscribe.washingtonpost.com/newsletters?tid=nav_acctmgnt_menu
Title: Newsletters & alerts

Search URL Search Domain Scan URL

URL: https://subscribe.washingtonpost.com/acquisition/?p=g_v?promo=g_d&tid=nav_acctmgnt_menu
Title: Gift subscriptions

Search URL Search Domain Scan URL

URL: http://help.washingtonpost.com/ics/support/ticketnewwizard.asp?tid=nav_acctmgnt_menu
Title: Contact us

Search URL Search Domain Scan URL

URL: http://help.washingtonpost.com/ics/support/KBSplash.asp?tid=nav_acctmgnt_menu
Title: Help desk

Search URL Search Domain Scan URL

URL: http://www.washingtonpost.com/externalTopper/?outputType=accessibility&nid=menu_nav_accessibilityforscreenreader
Title: Accessibility for screenreader

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/brand-studio/archive/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=[[%20wp:data%20meta.social_facebook.link%20]]

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?text=[[%20wp:data%20meta.social_twitter.description%20]]&url=[[%20wp:data%20meta.social_twitter.link%20]]&hashtags=[[%20wp:data%20meta.social_twitter.hashtag%20]]

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=[[%20wp:data%20meta.social_linkedin.link%20]]

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/brandstudio/optum/a-choreographer-with-a-chronic-condition/

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/brandstudio/optum/a-second-chance-with-a-second-opinion/

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/brandstudio/optum/building-a-life-while-battling-chronic-disease/

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/brand-studio/wp/2020/07/13/feature/changing-us-health-care-for-good/

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/brand-studio/wp/2020/08/13/feature/why-every-aspect-of-your-life-impacts-how-healthy-you-are/

Search URL Search Domain Scan URL

URL: http://www.washingtonpost.com/brand-studio/wp/2020/08/31/delivering-cohesive-care-with-data

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/brandstudio/optum/treating-the-whole-person/

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/privacy-policy/2011/11/18/gIQASIiaiN_story.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/privacy-policy/2011/11/18/gIQASIiaiN_story.html#CALIFORNIA
Title: CA Notice of Collection

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/my-post/privacy-settings/
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/terms-of-service/2011/11/18/gIQAldiYiN_story.html
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://picsum.photos/id/10/230/150?grayscale.jpg HTTP 302
https://i.picsum.photos/id/10/230/150.jpg?hmac=cxqXU5R0wK0AGAYf7egavQ4d9oGiVXoXtENxTvljD2Y

Request Chain 5

https://picsum.photos/id/100/230/150?grayscale.jpg HTTP 302
https://i.picsum.photos/id/100/230/150.jpg?hmac=dxisRlWnFnm_IrQGkrM6Rz6xhbjrvIX9MdbRqNM6taE

Request Chain 6

https://picsum.photos/id/1019/230/150?grayscale.jpg HTTP 302
https://i.picsum.photos/id/1019/230/150.jpg?hmac=E_yCPsFlnouLMURb6f5uxoHT_VYCxQyHHNi1lIDdV6Y

Request Chain 7

https://picsum.photos/id/1006/230/150?grayscale.jpg HTTP 302
https://i.picsum.photos/id/1006/230/150.jpg?hmac=3odsBA8F8clRG-GkQN67JbQqsKWe5zGbMyjd0gIWCIc

Request Chain 8

https://picsum.photos/id/1015/230/150?grayscale.jpg HTTP 302
https://i.picsum.photos/id/1015/230/150.jpg?hmac=yWFYUp01uwN_BsKnHkUnFNb3daKbXiKnrPsa-KssNLU

Request Chain 9

https://picsum.photos/id/1018/230/150?grayscale.jpg HTTP 302
https://i.picsum.photos/id/1018/230/150.jpg?hmac=UhTq5PpQ4thi9IAgHW1U148aPtG0DsJrACfISTZudXk

Request Chain 10

https://picsum.photos/id/1021/230/150?grayscale.jpg HTTP 302
https://i.picsum.photos/id/1021/230/150.jpg?hmac=NtAY93-7NyFOfaDTGvwaGrf8Kk86kpUSkOZ2sh6wJNI

Request Chain 15

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@3.0.2 HTTP 302
https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js

Request Chain 46

https://picsum.photos/750/1154?grayscale.webp HTTP 302
https://i.picsum.photos/id/921/750/1154.jpg?hmac=yGZb6vlXdcmZdM821h-_2VeVZCOhncMwNMP0GghKYCI

Request Chain 48

https://picsum.photos/id/100/1920/900?grayscale.webp HTTP 302
https://i.picsum.photos/id/100/1920/900.jpg?hmac=KhkJPcTzbMQLhOjNxdsyzHjC8JOpKkeKW5vGfHA4PNo

Request Chain 49

https://picsum.photos/id/1006/1920/900?grayscale.webp HTTP 302
https://i.picsum.photos/id/1006/1920/900.jpg?hmac=3xLg9owHlw3Ct25IVdyW40_9SK6eyOiUW_YndYsevi8

Request Chain 50

https://picsum.photos/id/1002/1920/900?grayscale.webp HTTP 302
https://i.picsum.photos/id/1002/1920/900.jpg?hmac=xFY57Ib4J4QkORz_bN1V6ec17zIsvta6_aYaAh4EQRQ

Request Chain 51

https://picsum.photos/id/1052/1920/900?grayscale.webp HTTP 302
https://i.picsum.photos/id/1052/1920/900.jpg?hmac=F2egtbg834YYxZCWqkov5xKiOS3N7aX51K2lpHxYgsY

49 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
marceli.safeway.sunship.dev/ 79 KB
15 KB 228ms
48ms Document
text/html 195.78.66.235
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://marceli.safeway.sunship.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.66.235 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s131.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: d48b7ba8f107de7ec0bb0374abd06f715d0337e24f7ee8f38a4b6f92fe1d863f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 15264
content-type: text/html
date: Tue, 27 Sep 2022 10:07:08 GMT
etag: "13be7-6332c48e-99aff243a05513ce;br"
last-modified: Tue, 27 Sep 2022 09:38:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 41ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 19189454
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cf-ray: 75136e3f8bf4699f-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.css
marceli.safeway.sunship.dev/css/ 441 KB
232 KB 54ms
53ms Stylesheet
text/css 195.78.66.235
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://marceli.safeway.sunship.dev/css/main.css?v=0
Requested by: Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.66.235 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s131.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: eff3f7cbc95fa788a2f0e697cfed2b1909a12ee1f40b62373df9aaf770f44131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
content-encoding: br
last-modified: Tue, 27 Sep 2022 09:38:22 GMT
server: LiteSpeed
etag: "6e44a-6332c48e-64bd1c2deea56a04;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 236985
expires: Tue, 04 Oct 2022 10:07:08 GMT

GET
H2 200 5c997d2bed.css
www.washingtonpost.com/pb/gr/c/ssi/rJ04Gw1q7DIIFp/css/ 569 KB
298 KB 167ms
20ms Stylesheet
text/css 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/gr/c/ssi/rJ04Gw1q7DIIFp/css/5c997d2bed.css?_=cde14

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

adfee7356f1e76d771022f1513d408d4dc3cc6a826677c8a62eaeeb77d2431f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 2592000, 2592000, 2592000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: W/"e5122"
x-akamai-ro-tunnel-origin-edge-control: max-age=30d, downstream-ttl=30d
content-length: 304400
x-served-by: pb-resources
last-modified: Tue, 09 Aug 2022 15:59:44 GMT
server: Akamai Resource Optimizer
date: Tue, 27 Sep 2022 10:07:08 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:08 GMT

GET
H2 200 style.css
www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/ 96 KB
12 KB 177ms
30ms Stylesheet
text/css 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/style.css?_=c12a0

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

edfa3fe891598fedc12fd94f2c4655cc84b1c95edf853ef35d2eb98c45e9d4e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 2592000, 2592000, 2592000, 2592000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: W/"cdc8f"
x-akamai-ro-tunnel-origin-edge-control: max-age=30d, downstream-ttl=30d
content-length: 11436
x-served-by: pb-resources
last-modified: Tue, 28 Jun 2022 03:41:23 GMT
server: Akamai Resource Optimizer
date: Tue, 27 Sep 2022 10:07:08 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:08 GMT

GET
H2

200

150.jpg
i.picsum.photos/id/10/230/
Redirect Chain

https://picsum.photos/id/10/230/150?grayscale.jpg
https://i.picsum.photos/id/10/230/150.jpg?hmac=cxqXU5R0wK0AGAYf7egavQ4d9oGiVXoXtENxTvljD2Y

6 KB
6 KB

230ms
230ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/10/230/150.jpg?hmac=cxqXU5R0wK0AGAYf7egavQ4d9oGiVXoXtENxTvljD2Y

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d49808067569536ce8755e36ce7770dcea96f37c04e04287707091425b3caa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 10
content-disposition: inline; filename="10-230x150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:09 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjk2zyy3fjSswjSP3gXW5Iq%2BDQj%2F%2FA4j8MvjOHVn%2FaUzE5aIYJd42eukVTdbvVgE5Y13AoIf4D2Iyp96sJXGcejJF8zFWHj4MbVPfh9xgaZFIpPrKGOtfWkJ2ZsB8DrcwQHPU9lhrcygNmmHvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e405afd6904-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/10/230/150.jpg?hmac=cxqXU5R0wK0AGAYf7egavQ4d9oGiVXoXtENxTvljD2Y
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B60LbUQClhTwO7KiOFsBDn%2B3745H4jmLPkUTlN1AinjQaao9LOP2qGX8JK6jtmAWa4Xr22KOU%2F7fky8vWM%2BLnuNIUjhW3TTmvIVQD5h4B1AOWMLleBhUzH8A9nT6bhG14hCB%2FZ5E2e7vnIk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e3fd9c16904-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

150.jpg
i.picsum.photos/id/100/230/
Redirect Chain

https://picsum.photos/id/100/230/150?grayscale.jpg
https://i.picsum.photos/id/100/230/150.jpg?hmac=dxisRlWnFnm_IrQGkrM6Rz6xhbjrvIX9MdbRqNM6taE

5 KB
5 KB

62ms
45ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/100/230/150.jpg?hmac=dxisRlWnFnm_IrQGkrM6Rz6xhbjrvIX9MdbRqNM6taE

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0a25e56d577437a049dc04a90b9dce34b75bfe3807463bed54ecf6d9e1f5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 100
content-disposition: inline; filename="100-230x150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:08 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4W%2FUvwH4VtKy1WqcAJ4r5REPSqpBQof23otW2RvzvtfRwtYWKsN%2Fn%2FFhlQYfguB0ZQ9wRANUQ49Zv1G1LJ3FhwaeU9Kzx7uBSp8Nsbqm4zqoPkrZGmFHzN6%2FuOvzqdsYihuhy%2F6exdBrlE5eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e404adc6904-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/100/230/150.jpg?hmac=dxisRlWnFnm_IrQGkrM6Rz6xhbjrvIX9MdbRqNM6taE
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gjw4wM2aP8H5bR2xAxU7vI90nxIssskjc4k%2BL3qLF8%2F3XnpNKhFm%2Fd3Wa1UxEqqLZx8NKwc56IIz%2F6MrphCkpm2uPpJeAwbmmNsDkII%2BJLjnJGhl%2BKBGJ2w53N%2B7w4uQX75kcN%2FxSjdhvV4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e3fd9c66904-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3

200

150.jpg
i.picsum.photos/id/1019/230/
Redirect Chain

https://picsum.photos/id/1019/230/150?grayscale.jpg
https://i.picsum.photos/id/1019/230/150.jpg?hmac=E_yCPsFlnouLMURb6f5uxoHT_VYCxQyHHNi1lIDdV6Y

5 KB
5 KB

611ms
611ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1019/230/150.jpg?hmac=E_yCPsFlnouLMURb6f5uxoHT_VYCxQyHHNi1lIDdV6Y

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d0c17b302f3427ed454df7152cd7c28477212f9152a9dcf4faa012ce70ec9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 1019
content-disposition: inline; filename="1019-230x150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:09 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQn5zp%2FjjBAPoB8P7Cm41ayWEkHH4iB650rg3B3DbrzsV1hHROcqWEzqZXZATcTD34FeeXgEjPNdsOMjotG3WI0tb2SQbuVrZ7axFVmu7t9kRdxaQENxWjbyyvI6JmuKKznLehwoe%2F24j3H1rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e414c3f5be1-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1019/230/150.jpg?hmac=E_yCPsFlnouLMURb6f5uxoHT_VYCxQyHHNi1lIDdV6Y
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G5%2F%2F1Ims%2BjgXjv87d2a55nCSzI6Vs889tdmtsI19OuToiwJ7WCvKp1FGbstxdQo7ssXD%2Fs90bVrTYmq8q8sv1KyXeV7pti%2FBvJ7HPCAbzxYG0PaH7L7kzC%2F1d2fjkbF7NHW%2BTVm8UADt1Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e3fd9c96904-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

150.jpg
i.picsum.photos/id/1006/230/
Redirect Chain

https://picsum.photos/id/1006/230/150?grayscale.jpg
https://i.picsum.photos/id/1006/230/150.jpg?hmac=3odsBA8F8clRG-GkQN67JbQqsKWe5zGbMyjd0gIWCIc

5 KB
6 KB

223ms
223ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1006/230/150.jpg?hmac=3odsBA8F8clRG-GkQN67JbQqsKWe5zGbMyjd0gIWCIc

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98c9f405c1612f8256fb9c664613f239674fc5bdb7af96906e3c779ed2630a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 1006
content-disposition: inline; filename="1006-230x150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:09 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b65qLCEKc%2Bv9U5pXjU2XsH3f4lqBaKruJF73DaaHdqKKIJD5KtMWT6wjR67gZjVyQFA5qqTXKIULm9SM3PwUqflUwdnECHdazOS1S8a%2FiB%2BiqicbMAUUHRwQfZmW432sVQVV%2FxqSrLoEB3qzMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e405aea6904-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1006/230/150.jpg?hmac=3odsBA8F8clRG-GkQN67JbQqsKWe5zGbMyjd0gIWCIc
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQ2RRINGFDMAMJ1QUNA2qRb%2F7TJ%2BacI%2B1sEZOeGyF%2BNwQvue2bV%2FhXANUsK3VCiVvaOhL9rnKr3%2BEFoHaSPRYQemc2p9r%2FI3c8gZqksbr%2BMDxLgLiCjXcLfVqgK5K9GTXWI7Uj3ZM1Sh0%2FU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e3fd9cd6904-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

150.jpg
i.picsum.photos/id/1015/230/
Redirect Chain

https://picsum.photos/id/1015/230/150?grayscale.jpg
https://i.picsum.photos/id/1015/230/150.jpg?hmac=yWFYUp01uwN_BsKnHkUnFNb3daKbXiKnrPsa-KssNLU

9 KB
9 KB

1106ms
1089ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1015/230/150.jpg?hmac=yWFYUp01uwN_BsKnHkUnFNb3daKbXiKnrPsa-KssNLU

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f49f90253fa07827c2ad5db55f0168998ecc68090e298f7427186c2877fe977f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 1015
content-disposition: inline; filename="1015-230x150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:09 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gdu19scQdb7yWJhZozmqtLd5YGswVFWXKCpBOOGPby0NtLMPIQvU0w6QlDFzGDmy0ASCMJZ2cb0IsLi%2BQf%2FLKMUf9lq4WdV1yp9FnSYfqHOfoA%2FdnOLOxVmlh5gEBD7fOf4pcLcoeuHHC4Sxqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e404ade6904-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1015/230/150.jpg?hmac=yWFYUp01uwN_BsKnHkUnFNb3daKbXiKnrPsa-KssNLU
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rC6IKlubOR%2BQrUlEj8Lg6C5H8LPelv29O5mZfte8RVwFkh66ZcCpT3L5ip1YVGDFjcSqeal2XbVoZN3ZfeOtVVTVPWGCqfJ55eqeTgufcQHopcSS7AUy%2FeyjF6a%2BRCYnnkyZ0CqeIesA2DA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e3fd9d16904-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

150.jpg
i.picsum.photos/id/1018/230/
Redirect Chain

https://picsum.photos/id/1018/230/150?grayscale.jpg
https://i.picsum.photos/id/1018/230/150.jpg?hmac=UhTq5PpQ4thi9IAgHW1U148aPtG0DsJrACfISTZudXk

6 KB
6 KB

579ms
579ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1018/230/150.jpg?hmac=UhTq5PpQ4thi9IAgHW1U148aPtG0DsJrACfISTZudXk

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

263e7ec35f0d1137704fbda1b0daf5514c76094f45d67a7e67031694c779a44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 1018
content-disposition: inline; filename="1018-230x150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:09 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IB0pE%2FL2QtixUvubY9DNKRSsEKVpXbvugHNJWd67wpy9H0DAwCJJlk27F4fKcrwqmuP%2B5BBLOSslCb%2Bccmvy1nc5IXV7zgNjcDvBTshZkRW%2FhYT47%2BE6fD6l%2BulC4pWZqOr%2BtDL9owPip0m%2F4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e405af66904-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1018/230/150.jpg?hmac=UhTq5PpQ4thi9IAgHW1U148aPtG0DsJrACfISTZudXk
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxRDWjctLgUHlWYNOLNBXSTlRyy%2B7qYEwxdCfOvstyAVXhmqirFSfOaPz4keEg4q5InpGhpMXAcrwwV27w%2B0i59r7lw%2FL2wABT0fUtmdQwY0S%2FyrhO4vAVmBQ4vNAv4bWAJyW9ChX8xlQUU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e3fd9d66904-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3

200

150.jpg
i.picsum.photos/id/1021/230/
Redirect Chain

https://picsum.photos/id/1021/230/150?grayscale.jpg
https://i.picsum.photos/id/1021/230/150.jpg?hmac=NtAY93-7NyFOfaDTGvwaGrf8Kk86kpUSkOZ2sh6wJNI

5 KB
5 KB

77ms
62ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1021/230/150.jpg?hmac=NtAY93-7NyFOfaDTGvwaGrf8Kk86kpUSkOZ2sh6wJNI

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b895bda66835c576fa6adf1a0a9fd35fb71b891e9b455da3ad8e69a904dbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 1021
content-disposition: inline; filename="1021-230x150.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:08 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BQbHEtR5Ew5AZs%2Fmykn7YfO4XPWH3pph7eAYW6iJ%2By1ZrV5OLTl6buggCCpxB0dGyddNg6lOlg4xD15bhs%2BjglnQJS4QvmLAj8UbAksylwNDDg%2FHNaowK6pCunPbP%2Fb2Fian%2FvhDEryom0K9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e40bb415be1-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1021/230/150.jpg?hmac=NtAY93-7NyFOfaDTGvwaGrf8Kk86kpUSkOZ2sh6wJNI
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bM87YJBL1JDQxc21%2BYWHBM4n8dNB%2FcWT8jIB08qCgsQNcBaluTzDHJbDc4DodsDFFEf2Uxq8e0QrYL55i9WSLNISSLHkNpKDBtUj57kQLrkw1FjaIBoucfsT9M1qhkcUd80op9MmzZu1bpY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e400a376904-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 241ms
162ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://marceli.safeway.sunship.dev/
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
x-hw: 1664273228.dop246.fr8.t,1664273228.cds138.fr8.hn,1664273228.cds280.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 powaBoot.js Show response
d1pz6dax0t5mop.cloudfront.net/prod/ 47 KB
17 KB 80ms
12ms Script
application/javascript 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pz6dax0t5mop.cloudfront.net/prod/powaBoot.js
Requested by: Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb1812ee079a962d758165d818e868e82879ab3ac3c8bc344cd53a6dcbfd039d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 19:37:47 GMT
server: AmazonS3
age: 219
etag: W/"443eeeb97b95aa3913065f0f21cc018e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: BLWFlxC_cw8tPCS6W6ABL57jZ_qsYl_kAAvAcgs5123MjokgA5Pv9w==

GET
H2 200 script.js Show response
marceli.safeway.sunship.dev/js/ 326 KB
101 KB 96ms
94ms Script
application/javascript 195.78.66.235
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://marceli.safeway.sunship.dev/js/script.js?v=0
Requested by: Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.66.235 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s131.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 21790aa9cc61c7d613053e15f44b536a0fea2d491c051a58d093d22992cd3dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
content-encoding: br
last-modified: Tue, 27 Sep 2022 09:38:22 GMT
server: LiteSpeed
etag: "519be-6332c48e-8a7d57fe677ecb54;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 103532
expires: Tue, 04 Oct 2022 10:07:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 528 KB
116 KB 59ms
18ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHNNX8B

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc6c596208c632af4f42e89d03d9391f99d09eae9ba260a896f2b81d815169e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118591
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Sep 2022 10:07:08 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.0.2/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@3.0.2
https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js

7 KB
3 KB

39ms
39ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1050286
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1a22-hgiiFG7C7LJYmxvR7SzubSsy+G8"
fly-request-id: 01GCZX03SRV64695B35XW958F3-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75136e412fe5bbf2-FRA

Redirect headers

date: Tue, 27 Sep 2022 10:07:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GCZX03Q8A0PT955RQQ8ZKDV1-fra
server: cloudflare
age: 1050285
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@3.0.2/dist/web-vitals.iife.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 75136e40beb5bbf2-FRA
access-control-allow-origin: *

GET
H2 200 wp_import-nd.js Show response
www.washingtonpost.com/pb/resources/wp_import/ 112 KB
35 KB 19ms
18ms Script
application/javascript 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/resources/wp_import/wp_import-nd.js

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cd5a41d6bb33e83882808a22298804923f531cce0087a2fdcacf77a97b4808ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 2592000, 2592000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: W/"95525"
x-akamai-ro-tunnel-origin-edge-control: max-age=30d, downstream-ttl=30d
content-length: 35706
x-served-by: pb-resources
last-modified: Tue, 28 Jun 2022 03:28:38 GMT
server: Akamai Resource Optimizer
date: Tue, 27 Sep 2022 10:07:08 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:08 GMT

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca8a449dd0bcd9c17177e33b1c1568f01f3dbde6fc594efd5a74dca8bb2a8d39

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83a81b982d9bb2fa230513f88ee5ff0682cd6105f91e0cac07b5582e321b3cf1

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 icons.woff2
www.washingtonpost.com/pb/resources/assets/fonts/custom/latest/fonts/ 18 KB
18 KB 44ms
22ms Font
application/octet-stream 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/resources/assets/fonts/custom/latest/fonts/icons.woff2?_=20190930

Requested by

Host: www.washingtonpost.com
URL: https://www.washingtonpost.com/pb/gr/c/ssi/rJ04Gw1q7DIIFp/css/5c997d2bed.css?_=cde14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

374dc0a10265318c45b0ef32223103627e60468b9909a80920d336bf4accc90c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.washingtonpost.com/pb/gr/c/ssi/rJ04Gw1q7DIIFp/css/5c997d2bed.css?_=cde14
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 2592000, 2592000
date: Tue, 27 Sep 2022 10:07:08 GMT
content-encoding: gzip
server: openresty
etag: "0ec4a"
x-served-by: pb-resources
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests
content-length: 18276
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:08 GMT

GET
DATA 200
OK truncated
/ 62 KB
62 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b95a41e9c98adce9d8a75e19f727aa556bcf32540008614c5ee8ca1a3008cd2

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 86 KB
86 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f08b1e37f4c4aa6895de20e0383aa86039ae2327279254da9a136118d19a95e

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0928044219c15858ed1be69039e1f4fa1181df2a865e854b3a7da5a5fc6e3fed

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b963023efb31fe2c85f778a21c811c5c3871f20a5fc63712befbd6f25c454cd4

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d84e20753de3aad6a7dd002777c11a5473835c2cfd1e3d0d18f1addbc0082c36

Request headers

Referer
Origin: https://marceli.safeway.sunship.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 3163f38baa.js Show response
www.washingtonpost.com/pb/gr/c/ssi/rJ04Gw1q7DIIFp/load_immediately/ 77 KB
19 KB 17ms
17ms Script
application/javascript 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/gr/c/ssi/rJ04Gw1q7DIIFp/load_immediately/3163f38baa.js?_=5e196

Requested by

Host: www.washingtonpost.com
URL: https://www.washingtonpost.com/pb/resources/wp_import/wp_import-nd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c062e137034c451233e49939b2f6d6681a2608f4d9ce9db74721cd897cdc5da2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 2592000, 2592000, 2592000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: W/"c1ed7"
x-akamai-ro-tunnel-origin-edge-control: max-age=30d, downstream-ttl=30d
content-length: 18618
x-served-by: pb-resources
last-modified: Tue, 28 Jun 2022 03:46:21 GMT
server: Akamai Resource Optimizer
date: Tue, 27 Sep 2022 10:07:09 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:09 GMT

GET
H2 200 wapo.js Show response
d1pz6dax0t5mop.cloudfront.net/prod/org/ 467 KB
137 KB 22ms
21ms Script
application/javascript 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pz6dax0t5mop.cloudfront.net/prod/org/wapo.js?org=wapo
Requested by: Host: d1pz6dax0t5mop.cloudfront.net
URL: https://d1pz6dax0t5mop.cloudfront.net/prod/powaBoot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6906050e35971264e910e12736133e0a54cdfd792f957cbd00b39ba22f2c4fca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:04:53 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 19:37:47 GMT
server: AmazonS3
age: 137
etag: W/"4bacd1d7033fc9a85c2f29eb92ffa734"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: SLRAE3iyo6ACAs0gCsnhckxyzjFw0GCP9lx_4OASEsORDMbEAWq7jQ==

GET
H2 200 hi-pri-render.js Show response
www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/ 20 KB
5 KB 19ms
18ms Script
application/javascript 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/hi-pri-render.js?_=c12a0

Requested by

Host: www.washingtonpost.com
URL: https://www.washingtonpost.com/pb/resources/wp_import/wp_import-nd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e8387ae311dcd3a1b7ed5b17409d2a65b621d693105e0450fb3febb3fbea7ae3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 2592000, 2592000, 2592000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: W/"e24ca"
x-akamai-ro-tunnel-origin-edge-control: max-age=30d, downstream-ttl=30d
date: Tue, 27 Sep 2022 10:07:09 GMT
content-length: 4694
x-served-by: pb-resources
last-modified: Tue, 28 Jun 2022 06:29:41 GMT
server: Akamai Resource Optimizer
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:09 GMT

GET
H2 200 render.js Show response
www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/ 11 KB
3 KB 30ms
28ms Script
application/javascript 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/render.js?_=c12a0

Requested by

Host: www.washingtonpost.com
URL: https://www.washingtonpost.com/pb/resources/wp_import/wp_import-nd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

524c1f2d6f411cf4533e7c89658404c05f9a21670ded7b20123b6bebf16df737

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 2592000, 2592000, 2592000, 2592000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: W/"5c90b"
x-akamai-ro-tunnel-origin-edge-control: max-age=30d, downstream-ttl=30d
date: Tue, 27 Sep 2022 10:07:09 GMT
content-length: 2348
x-served-by: pb-resources
last-modified: Tue, 28 Jun 2022 03:36:49 GMT
server: Akamai Resource Optimizer
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:09 GMT

GET
H2 200 instance.js Show response
www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/ 0
356 B 42ms
40ms Script
application/javascript 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/pb/gr/p/ssi/rJ04Gw1q7DIIFp/instance.js?_=c12a0

Requested by

Host: www.washingtonpost.com
URL: https://www.washingtonpost.com/pb/resources/wp_import/wp_import-nd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 900, 900
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
access-control-allow-origin: *
etag: "d41d8"
x-served-by: pb-resources
content-type: application/javascript;charset=UTF-8
x-edgeconnect-cache-status: 1
cache-control: max-age=2592000
date: Tue, 27 Sep 2022 10:07:09 GMT
content-length: 0
x-origin-cache: MISS
x-origin-upstream-status: 200
expires: Thu, 27 Oct 2022 10:07:09 GMT

GET
H2 200 prod.js Show response
d2p9l91d5g68ru.cloudfront.net/LiveConfig/ 1 KB
1 KB 72ms
12ms Script
application/javascript 2600:9000:21f3:5600:1:90b1:7a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2p9l91d5g68ru.cloudfront.net/LiveConfig/prod.js?cb=powaCallbackLiveConfig
Requested by: Host: d1pz6dax0t5mop.cloudfront.net
URL: https://d1pz6dax0t5mop.cloudfront.net/prod/org/wapo.js?org=wapo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5600:1:90b1:7a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f39b58bfd74d9a1636f22c57f56b71b085b78c08af8d365d86e91bdd4aaed5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 19:17:43 GMT
server: AmazonS3
age: 8
etag: W/"81627a7419a2eaa08e50ce053517d075"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Xwa0F0L3paAEa1FY16Ko8qqkkC0x_ZJuXnNoqQDxfGstK4k1Z4xVxg==

GET
H2 200 findByUuid Show response
video-api.washingtonpost.com/api/v1/ansvideos/ 9 KB
3 KB 207ms
144ms Fetch
application/json 2600:9000:20eb:6000:14:ad8b:440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-api.washingtonpost.com/api/v1/ansvideos/findByUuid?uuid=e5b4df29-dc0c-4dae-a64b-e080537a8286&domain=sunship.dev
Requested by: Host: d1pz6dax0t5mop.cloudfront.net
URL: https://d1pz6dax0t5mop.cloudfront.net/prod/org/wapo.js?org=wapo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6000:14:ad8b:440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f717146619a127dcb735511a66e26dd2385ef2214345607496435abd19736c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 19:49:48 GMT
server: nginx
x-amz-cf-pop: FRA2-C1
etag: W/"0ef9b483796d93c67f345751c12eebf4e"
vary: Accept-Encoding
pb-canonical-redirect: https://www.washingtonpost.com/video/
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: W16cQF8mrvzz3hEZwVlQ6p8hC42X_zRvLNJ9YXqXjpF7TmltgIhk_A==
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)

GET subscription-acquisition
www.washingtonpost.com/pb/api/v2/render/feature/page/ 0
0

GET
H2 200 vid_exclusions.min.js Show response
www.washingtonpost.com/wp-stat/advertising/pseudo-static/vidExclusions/ 11 KB
3 KB 24ms
23ms Script
text/javascript 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/wp-stat/advertising/pseudo-static/vidExclusions/vid_exclusions.min.js

Requested by

Host: d1pz6dax0t5mop.cloudfront.net
URL: https://d1pz6dax0t5mop.cloudfront.net/prod/org/wapo.js?org=wapo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

696f173234c5871df0fcf099d407b83f68e8df4643fed176b4bf60b1584dae40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 900
x-edgeconnect-origin-mex-latency: 33
x-amz-version-id: BJQiW547pCoecgT8rTE6mNL0Lv.6xNoo
content-encoding: gzip
etag: "e10f996b5b9e4c2a870001929de3322d"
x-amz-cf-pop: DFW53-C1
x-edgeconnect-midmile-rtt: 0
date: Tue, 27 Sep 2022 10:07:09 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2662
last-modified: Thu, 31 Mar 2022 21:08:44 GMT
server: AmazonS3
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
accept-ranges: bytes
x-amz-cf-id: NiKQhw8ShTkrcVh-JwAxWXH2HBaqUXImiZHZXbFkaHHhSxkeU7ii-w==
expires: Tue, 27 Sep 2022 10:12:09 GMT

GET
H2 200 VideoAnalytics.js Show response
www.washingtonpost.com/videoscripts/VideoAnalytics/prod/ 68 KB
20 KB 40ms
40ms Script
application/javascript 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtonpost.com/videoscripts/VideoAnalytics/prod/VideoAnalytics.js

Requested by

Host: d1pz6dax0t5mop.cloudfront.net
URL: https://d1pz6dax0t5mop.cloudfront.net/prod/org/wapo.js?org=wapo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

23e53a079b8fb3470803734643a7c783df426da5019a4aec54fa38749ea1a256

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 300, 300, 300, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900, 900
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
etag: W/"83ec2d8162722802e1cc9236a5c67fc1"
x-amz-cf-pop: DFW55-C1
x-edgeconnect-cache-status: 1
date: Tue, 27 Sep 2022 10:07:09 GMT
content-length: 18937
last-modified: Mon, 08 Aug 2022 22:14:23 GMT
server: AmazonS3
device_detected_ismobilephone: 1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: ygQSa28GDRa2EzYVv4JI8BgukzcctxGhBXNi6HxX1n_8Rwe8rUAztg==
expires: Tue, 27 Sep 2022 10:12:09 GMT

GET
H2 206 tiny.mp4
d1pz6dax0t5mop.cloudfront.net/asset/ 1 KB
2 KB 9ms
8ms Media
video/mp4 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pz6dax0t5mop.cloudfront.net/asset/tiny.mp4?org=wapo
Requested by: Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://marceli.safeway.sunship.dev/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 23 Sep 2022 20:38:45 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
last-modified: Tue, 08 Dec 2020 15:21:32 GMT
server: AmazonS3
age: 307705
etag: "ee4e90be549c5614ac6282a5b80a506b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-1492/1493
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
Content-Length: 1493
x-amz-cf-id: XuqnJbsNrzeX46pvhtqj48ICOBl2FrUht5R9Te1JOUJOA865zyHKHA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 104ms
25ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHNNX8B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5977
date: Tue, 27 Sep 2022 08:27:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Tue, 27 Sep 2022 10:27:32 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 44ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-WRCN68Y2LD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHNNX8B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18bacb47d2a78aa41104d669d476d6af0cb9026b8b69005043d959eb8d291c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65614
x-xss-protection: 0
expires: Tue, 27 Sep 2022 10:07:09 GMT

GET
H2 206 file_1920x1080-5400-v4.mp4
d21rhj7n383afu.cloudfront.net/washpost-production/WP_BRANDSTUDIO/20220414/625864bed0bbdf45714d2a85/6283fc3500e1586bfbaf8c12/ 644 KB
0 578ms
536ms Media
video/mp4 18.66.97.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21rhj7n383afu.cloudfront.net/washpost-production/WP_BRANDSTUDIO/20220414/625864bed0bbdf45714d2a85/6283fc3500e1586bfbaf8c12/file_1920x1080-5400-v4.mp4
Requested by: Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://marceli.safeway.sunship.dev/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 27 Sep 2022 10:07:10 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
Content-Range: bytes 0-5501640/5501641
Content-Length: 5501641
last-modified: Tue, 17 May 2022 19:49:28 GMT
server: AmazonS3
etag: "19d4e5b969c8392c58594cee4162d942"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: 4eb5GUq2sktrO9Trz4Wfm-RghPVUzcYuQRgLvNf8sraSvUSrV487vQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
355 B 65ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WRCN68Y2LD&gtm=2oe9l0&_p=139675864&cid=195252966.1664273230&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664273229&sct=1&seg=0&dl=https%3A%2F%2Fmarceli.safeway.sunship.dev%2F&dt=%5B%5B%20wp%3Adata%20title.rendered%20%5D%5D&en=video_autoplay&_fv=1&_nsi=1&_ss=1&ep.av_name=Rolex%20Biome%20leaf%20background%20video&ep.av_producer=Danielle%20Saunders%20&ep.av_ad_meta=length%3A0%3B&ep.av_host=(not%20set)&ep.av_section=Climate%20%26%20Environment&ep.av_source=WP%20BRANDSTUDIO&ep.av_player=powa-loopingVideo&epn.av_length=15.239&ep.av_arc_id=e5b4df29-dc0c-4dae-a64b-e080537a8286&ep.av_type=sponsoredvideo&ep.av_contributors=(not%20set)&ep.av_tags=sponsored%3Bforce-hd&ep.av_publish_date=2022-04-14&ep.av_keywords=sponsored&ep.av_ad_attribute=adNotSupported&ep.av_player_type=posttv-embed-LoopingVideo&ep.av_test_group=(not%20set)&ep.av_exp=looping-embed&ep.category=video&ep.progress_threshold=(not%20set)
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-WRCN68Y2LD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 10:07:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marceli.safeway.sunship.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 100ms
50ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=139675864&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmarceli.safeway.sunship.dev%2F&dr=&ul=en-us&de=UTF-8&dt=%5B%5B%20wp%3Adata%20title.rendered%20%5D%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=video-autoplay&el=looping-embed&_u=YADAAEABAAAAAC~&jid=504330529&gjid=603625590&cid=195252966.1664273230&tid=UA-133956668-1&_gid=134948273.1664273230&_r=1&gtm=2wg9l0WHNNX8B&cd1=(not%20set)&cd2=(not%20set)&cd3=(not%20set)&cd4=(not%20set)&cd5=(not%20set)&cd6=(not%20set)&cd7=(not%20set)&cd8=(not%20set)&cd9=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd12=(not%20set)&cd13=(NOT%20SET)&cd14=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd19=(not%20set)&cd20=&cd21=&cd22=(not%20set)&cd23=(not%20set)&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=(not%20set)&cd29=(not%20set)&cd37=(not%20set)&cd38=undefined&cd39=undefined&cd40=(not%20set)&cd41=(not%20set)&cd42=(not%20set)&cd43=(not%20set)&cd44=(not%20set)&cd45=(not%20set)&cd46=(not%20set)&cd47=(not%20set)&cd48=(not%20set)&cd49=(not%20set)&cd50=(not%20set)&cd51=website&cd52=(not%20set)&cd53=(not%20set)&cd54=(not%20set)&cd55=(not%20set)&cd56=(not%20set)&cd57=(not%20set)&cd58=&cd59=&cd60=(not%20set)&cd61=(not%20set)&cd62=(not%20set)&cd63=(not%20set)&cd64=video-autoplay&cd65=38&cd66=(not%20set)&cd68=(not%20set)&cd69=(not%20set)&cd70=(not%20set)&cd71=(not%20set)&cd72=(not%20set)&cd73=(not%20set)&cd74=(not%20set)&cd75=(not%20set)&cd76=(not%20set)&cd77=(not%20set)&cd78=(not%20set)&cd79=&cd80=Rolex%20Biome%20leaf%20background%20video&cd81=Danielle%20Saunders%20&cd82=length%3A0%3B&cd83=(not%20set)&cd84=Climate%20%26%20Environment&cd85=WP%20BRANDSTUDIO&cd86=powa-loopingVideo&cd87=15.239&cd88=e5b4df29-dc0c-4dae-a64b-e080537a8286&cd89=sponsoredvideo&cd90=(not%20set)&cd91=(not%20set)&cd92=(not%20set)&cd93=(not%20set)&cd94=sponsored%3Bforce-hd&cd95=image&cd96=(not%20set)&cd97=2022-04-14&cd98=sponsored&cd99=adNotSupported&cd100=(not%20set)&cd101=posttv-embed-LoopingVideo&cd103=(not%20set)&cd104=mty2ndi3mziyotuwoq&cd105=(not%20set)&cd106=(not%20set)&cd107=(not%20set)&cd108=(not%20set)&cd109=(not%20set)&cd110=(not%20set)&cd111=(not%20set)&cd112=(not%20set)&cd113=(not%20set)&cd115=(not%20set)&cd116=(not%20set)&cd117=(not%20set)&cd118=(not%20set)&cd119=(not%20set)&cd120=(not%20set)&cd121=(not%20set)&cd122=(not%20set)&cd123=(not%20set)&cd124=(not%20set)&cd125=(not%20set)&cd128=(not%20set)&cd138=(not%20set)&cd139=(not%20set)&cd140=GTM-WHNNX8B&cd141=(not%20set)&cd142=(not%20set)&cd143=(not%20set)&cd150=(not%20set)&cd152=event&cd154=(not%20set)&cd156=(not%20set)&cd183=(not%20set)&cd184=false&cd185=(not%20set)&cd186=(not%20set)&cd187=(not%20set)&z=1072174936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://marceli.safeway.sunship.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marceli.safeway.sunship.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 54ms
19ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-133956668-1&cid=195252966.1664273230&jid=504330529&gjid=603625590&_gid=134948273.1664273230&_u=YADAAEAAAAAAAC~&z=23772793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marceli.safeway.sunship.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Sep 2022 10:07:09 GMT
content-type: text/plain
access-control-allow-origin: https://marceli.safeway.sunship.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 139ms
59ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-133956668-1&cid=195252966.1664273230&jid=504330529&_u=YADAAEAAAAAAAC~&z=1957691563

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 69ms
34ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-133956668-1&cid=195252966.1664273230&jid=504330529&_u=YADAAEAAAAAAAC~&z=1957691563

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 10:07:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.png
www.washingtonpost.com/wp-stat/ 68 B
507 B 26ms
26ms Image
image/png 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.washingtonpost.com/wp-stat/ga.png

Requested by

Host: marceli.safeway.sunship.dev
URL: https://marceli.safeway.sunship.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: 9VXG.UxCHmFR9R1H13sE5qQbnPwSwCCu
last-modified: Thu, 20 Aug 2020 17:18:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
content-type: image/png
cache-control: max-age=1
date: Tue, 27 Sep 2022 10:07:09 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=2
accept-ranges: bytes
content-length: 68
x-amz-cf-id: M1BtvRZjFIgeY1jLjxTc6d_7YOkeIGBxKUx_l7-Hs-lpEQftPIzVcQ==
expires: Tue, 27 Sep 2022 10:07:10 GMT

GET
H3

200

1154.jpg
i.picsum.photos/id/921/750/
Redirect Chain

https://picsum.photos/750/1154?grayscale.webp
https://i.picsum.photos/id/921/750/1154.jpg?hmac=yGZb6vlXdcmZdM821h-_2VeVZCOhncMwNMP0GghKYCI

97 KB
97 KB

834ms
834ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/921/750/1154.jpg?hmac=yGZb6vlXdcmZdM821h-_2VeVZCOhncMwNMP0GghKYCI

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a75ef823cc07748fb3d753db745985535b26ead9c3bcc9224c8946d55fae1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
picsum-id: 921
content-disposition: inline; filename="921-750x1154.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:11 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2vCNkplPe4asvT84Qqa%2FEH4okg9a9XVosPMkuqDHXpE%2BTFBPityR1LTDB7k5wUsHNZ5oV632b6sE0tu%2ByXtJekR7DtZleobsNuxbVeEwh0bQByJjoZVcMQ7dDpkbERMBheD%2FOM960ZsE1TV3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e4ade445be1-FRA
access-control-expose-headers: Picsum-ID

Redirect headers

date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/921/750/1154.jpg?hmac=yGZb6vlXdcmZdM821h-_2VeVZCOhncMwNMP0GghKYCI
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aipf33PWwPYH0d4mRPrslrf9iJm3Qy%2BwQ4vLFy%2FYP0H2D%2F9dyICpvPfodTUZgqzYeOmwfz4ssAwnpN6b9MNAOKB9tUOjdFLEjWWmK6ttDhKooxQPds7%2BDrc9qYEg4HULZmJu3S9lcVNMuig%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e49bbeb5be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 cindy01.webp
marceli.safeway.sunship.dev/media/ 330 KB
330 KB 92ms
91ms Image
image/webp 195.78.66.235
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marceli.safeway.sunship.dev/media/cindy01.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.66.235 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s131.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 0fb8b245b4862095e3601d530e578829b8146378f280f5283b30e7f053b59db4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:10 GMT
last-modified: Tue, 27 Sep 2022 09:38:22 GMT
server: LiteSpeed
etag: "527b0-6332c48e-cab5808cafef48ee;;;"
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 337840
expires: Tue, 04 Oct 2022 10:07:10 GMT

GET
H3

200

900.jpg
i.picsum.photos/id/100/1920/
Redirect Chain

https://picsum.photos/id/100/1920/900?grayscale.webp
https://i.picsum.photos/id/100/1920/900.jpg?hmac=KhkJPcTzbMQLhOjNxdsyzHjC8JOpKkeKW5vGfHA4PNo

98 KB
98 KB

492ms
492ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/100/1920/900.jpg?hmac=KhkJPcTzbMQLhOjNxdsyzHjC8JOpKkeKW5vGfHA4PNo

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2905200a24f28b443d282f89e66cc94c0f6e561fbf2e8c49ae8d53fbf8fc3360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
picsum-id: 100
content-disposition: inline; filename="100-1920x900.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:10 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQYOWsT9boE%2FVXRgIXzPP3Df3su85fXWbT9pZ51wuyHKcGB0NKmZxyatXntB30l73THUj7ailzn43tScWg9EDCg0teOcGWKB0gPhmorXDxX6MnVOIFyW8kfTPHtRnzrTl%2BkGqoelP4Eqo7p9aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e4abe035be1-FRA
access-control-expose-headers: Picsum-ID

Redirect headers

date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/100/1920/900.jpg?hmac=KhkJPcTzbMQLhOjNxdsyzHjC8JOpKkeKW5vGfHA4PNo
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzVU%2BYDLxu%2FtKJ%2FAgiw3n1YOe32rq19Jd87EyFzs5P%2FxFnPX2EDqhpK%2BXdY7jcxDBbru4DqERHM6B315oSR0VaZFqpj3T9Qd1MkWGVLRv%2F4MyetIT30wCJ1tH4qzRA%2FH00oOBnrWV7sXpaY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e49bbf05be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3

200

900.jpg
i.picsum.photos/id/1006/1920/
Redirect Chain

https://picsum.photos/id/1006/1920/900?grayscale.webp
https://i.picsum.photos/id/1006/1920/900.jpg?hmac=3xLg9owHlw3Ct25IVdyW40_9SK6eyOiUW_YndYsevi8

137 KB
138 KB

932ms
932ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1006/1920/900.jpg?hmac=3xLg9owHlw3Ct25IVdyW40_9SK6eyOiUW_YndYsevi8

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee39190f3e593e947f81621386bbe3167d5544d37d878c9e4e4468227ee93c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
picsum-id: 1006
content-disposition: inline; filename="1006-1920x900.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:11 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvzAI0cAbaxJSYiApJ7nJz8fGvj7VX55SXCc%2BWlOYrtPZ3lVKU3Dru4OIwBd2mU3fQQF8lEmrCpvkehfkDcDeVjTr3TWsHW7J7lJXFEh0%2BWIygBMyYW8eAYpm3BNk3kdBVcO5TPEbYm3L1jeIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e4ace345be1-FRA
access-control-expose-headers: Picsum-ID

Redirect headers

date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1006/1920/900.jpg?hmac=3xLg9owHlw3Ct25IVdyW40_9SK6eyOiUW_YndYsevi8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2B%2BTwFg3G6lymzA9ySZoPPJdmduDubpRBkq8G9H4aIQMOK3xoLfO35wIhf%2FjQBvRBB6h8y0pqkwINzJd5Anb4Hx5HqKtDDTCq0bW2KC8Dn5efkuWsM6MEsdy%2Fq6qxg78VkHxCPEjT1CAvbc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e49bbf35be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3

200

900.jpg
i.picsum.photos/id/1002/1920/
Redirect Chain

https://picsum.photos/id/1002/1920/900?grayscale.webp
https://i.picsum.photos/id/1002/1920/900.jpg?hmac=xFY57Ib4J4QkORz_bN1V6ec17zIsvta6_aYaAh4EQRQ

229 KB
230 KB

38ms
38ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1002/1920/900.jpg?hmac=xFY57Ib4J4QkORz_bN1V6ec17zIsvta6_aYaAh4EQRQ

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21a1fb770c1a5f8741f605412e33bf94965c4e1d435bf5e5c17b4e02e450eeb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-expose-headers: Picsum-ID
picsum-id: 1002
content-disposition: inline; filename="1002-1920x900.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 06:18:41 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySIMG8eAm%2F8fqhwwgw2zMnji9W3%2FlNJJzZ4lh3XZBZqC16qnHUY%2F46DqabWuC3WwdwKbHOiTt36LxbPrmpYNBnsGnch7Y%2BaGM%2B%2B8Wv516yWtR2VjFrj1vgFRG%2B9bBm2goJZN%2Ff7cJG1Ko8Bshw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e4abe045be1-FRA
cf-bgj: h2pri

Redirect headers

date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1002/1920/900.jpg?hmac=xFY57Ib4J4QkORz_bN1V6ec17zIsvta6_aYaAh4EQRQ
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FfKe86owqfrV%2ByB7gO%2FFDnubSmEdzIadKUhi%2FlG0JaVC74cIFWPcOlfYgxsiXrFACt76lvcMzQA2cPg%2FPLZg2E5gPjU6y4kuSHIG9ekFKBx6fcZt6KOpGcpPRp3UOEfc%2F2W1cQTPKiUE7Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e49bbf75be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3

200

900.jpg
i.picsum.photos/id/1052/1920/
Redirect Chain

https://picsum.photos/id/1052/1920/900?grayscale.webp
https://i.picsum.photos/id/1052/1920/900.jpg?hmac=F2egtbg834YYxZCWqkov5xKiOS3N7aX51K2lpHxYgsY

112 KB
113 KB

1005ms
1005ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/1052/1920/900.jpg?hmac=F2egtbg834YYxZCWqkov5xKiOS3N7aX51K2lpHxYgsY

Protocol

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b5c49602bf6ed8cf34a074ba66097ae14a1786367fd295a441c73a7afa5367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:07:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
picsum-id: 1052
content-disposition: inline; filename="1052-1920x900.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 10:07:11 GMT
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Po7G6qO6AgeEiv2Iq0I8qV68oie3MnirifVqK5QjEb4c%2BuwE2tss8mnwPgqNxcODaGpWHKCRy4rpK9pHxzL2HzRGCHyLl3g2pCvQkMolMh1BTEkzO0kw%2F3hQhCmVW2J3z7kK74iWYiI1YndPKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 75136e4aee525be1-FRA
access-control-expose-headers: Picsum-ID

Redirect headers

date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://i.picsum.photos/id/1052/1920/900.jpg?hmac=F2egtbg834YYxZCWqkov5xKiOS3N7aX51K2lpHxYgsY
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAZExxn2clmVaXAs4M3N31G8NshvKzdiTfy2pyriqK8ihmGQfbSVdpGRUze8MQ21DHVTbCTm2QnO2KzDuLU0yLPeUOyfnuTJ9Pi87fKnrizy7XaA8PPalJZe9nNCt5klT4m9zW%2F9%2B7urUpI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15552000
cf-ray: 75136e49bbfb5be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
51ms Ping
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://marceli.safeway.sunship.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 10:07:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://marceli.safeway.sunship.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.png
www.washingtonpost.com/wp-stat/ 68 B
507 B 25ms
25ms Image
image/png 104.111.250.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.washingtonpost.com/wp-stat/ga.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.250.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-250-82.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marceli.safeway.sunship.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: 9VXG.UxCHmFR9R1H13sE5qQbnPwSwCCu
last-modified: Thu, 20 Aug 2020 17:18:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
content-type: image/png
cache-control: max-age=1
date: Tue, 27 Sep 2022 10:07:10 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=5, origin; dur=2
accept-ranges: bytes
content-length: 68
x-amz-cf-id: M1BtvRZjFIgeY1jLjxTc6d_7YOkeIGBxKUx_l7-Hs-lpEQftPIzVcQ==
expires: Tue, 27 Sep 2022 10:07:11 GMT

GET
H2 206 file_1920x1080-5400-v4.mp4
d21rhj7n383afu.cloudfront.net/washpost-production/WP_BRANDSTUDIO/20220414/625864bed0bbdf45714d2a85/6283fc3500e1586bfbaf8c12/ 413 KB
0 20ms
19ms Media
video/mp4 18.66.97.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21rhj7n383afu.cloudfront.net/washpost-production/WP_BRANDSTUDIO/20220414/625864bed0bbdf45714d2a85/6283fc3500e1586bfbaf8c12/file_1920x1080-5400-v4.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://marceli.safeway.sunship.dev/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=655360-

Response headers

date: Tue, 27 Sep 2022 10:07:11 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers
age: 1
x-cache: Hit from cloudfront
Content-Range: bytes 655360-5501640/5501641
Content-Length: 4846281
last-modified: Tue, 17 May 2022 19:49:28 GMT
server: AmazonS3
etag: "19d4e5b969c8392c58594cee4162d942"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: jtO1rzlsvw3aPNjMq2jqiw7Byp_BU8lk6VHgfVoAwlvQtnteg3rRNg==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 46ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WRCN68Y2LD&gtm=2oe9l0&_p=139675864&cid=195252966.1664273230&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&sid=1664273229&sct=1&seg=0&dl=https%3A%2F%2Fmarceli.safeway.sunship.dev%2F&dt=%5B%5B%20wp%3Adata%20title.rendered%20%5D%5D&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-WRCN68Y2LD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://marceli.safeway.sunship.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 10:07:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marceli.safeway.sunship.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.washingtonpost.com
URL: https://www.washingtonpost.com/pb/api/v2/render/feature/page/subscription-acquisition?outputType=embedded&async=true&customFields=%7B%22displayTemplate%22%3A%22hd%22%2C%22buttonList%22%3A%22.subscribe.button%22%7D

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.washingtonpost.com/	1970-01-20 06:17:56	Name: wp_geo Value: DE\|HE\|\|\|EEA
.sunship.dev/	1970-01-20 15:53:53	Name: _ga Value: GA1.1.195252966.1664273230
.sunship.dev/	1970-01-20 06:19:19	Name: _gid Value: GA1.2.134948273.1664273230
.sunship.dev/	1970-01-20 06:17:53	Name: _gat_UA-133956668-1 Value: 1
.sunship.dev/	1970-01-20 15:53:53	Name: _ga_WRCN68Y2LD Value: GS1.1.1664273229.1.0.1664273230.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://marceli.safeway.sunship.dev/ Message: Access to XMLHttpRequest at 'https://www.washingtonpost.com/pb/api/v2/render/feature/page/subscription-acquisition?outputType=embedded&async=true&customFields=%7B%22displayTemplate%22%3A%22hd%22%2C%22buttonList%22%3A%22.subscribe.button%22%7D' from origin 'https://marceli.safeway.sunship.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.washingtonpost.com/pb/api/v2/render/feature/page/subscription-acquisition?outputType=embedded&async=true&customFields=%7B%22displayTemplate%22%3A%22hd%22%2C%22buttonList%22%3A%22.subscribe.button%22%7D Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
d1pz6dax0t5mop.cloudfront.net
d21rhj7n383afu.cloudfront.net
d2p9l91d5g68ru.cloudfront.net
i.picsum.photos
marceli.safeway.sunship.dev
maxcdn.bootstrapcdn.com
picsum.photos
region1.google-analytics.com
stats.g.doubleclick.net
unpkg.com
video-api.washingtonpost.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.washingtonpost.com
www.washingtonpost.com
104.111.250.82
13.225.78.71
18.66.97.43
195.78.66.235
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
2600:9000:20eb:6000:14:ad8b:440:93a1
2600:9000:21f3:5600:1:90b1:7a80:21
2606:4700:20::681a:51e
2606:4700::6810:7caf
2606:4700::6812:bcf
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200e
2a00:1450:4025:402::9d
0928044219c15858ed1be69039e1f4fa1181df2a865e854b3a7da5a5fc6e3fed
0a75ef823cc07748fb3d753db745985535b26ead9c3bcc9224c8946d55fae1d9
0fb8b245b4862095e3601d530e578829b8146378f280f5283b30e7f053b59db4
18bacb47d2a78aa41104d669d476d6af0cb9026b8b69005043d959eb8d291c18
21790aa9cc61c7d613053e15f44b536a0fea2d491c051a58d093d22992cd3dee
21a1fb770c1a5f8741f605412e33bf94965c4e1d435bf5e5c17b4e02e450eeb1
23e53a079b8fb3470803734643a7c783df426da5019a4aec54fa38749ea1a256
263e7ec35f0d1137704fbda1b0daf5514c76094f45d67a7e67031694c779a44d
2905200a24f28b443d282f89e66cc94c0f6e561fbf2e8c49ae8d53fbf8fc3360
374dc0a10265318c45b0ef32223103627e60468b9909a80920d336bf4accc90c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
44b5c49602bf6ed8cf34a074ba66097ae14a1786367fd295a441c73a7afa5367
524c1f2d6f411cf4533e7c89658404c05f9a21670ded7b20123b6bebf16df737
5ee39190f3e593e947f81621386bbe3167d5544d37d878c9e4e4468227ee93c1
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6906050e35971264e910e12736133e0a54cdfd792f957cbd00b39ba22f2c4fca
696f173234c5871df0fcf099d407b83f68e8df4643fed176b4bf60b1584dae40
6b95a41e9c98adce9d8a75e19f727aa556bcf32540008614c5ee8ca1a3008cd2
6c0a25e56d577437a049dc04a90b9dce34b75bfe3807463bed54ecf6d9e1f5c3
79d0c17b302f3427ed454df7152cd7c28477212f9152a9dcf4faa012ce70ec9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a81b982d9bb2fa230513f88ee5ff0682cd6105f91e0cac07b5582e321b3cf1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
98c9f405c1612f8256fb9c664613f239674fc5bdb7af96906e3c779ed2630a97
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f08b1e37f4c4aa6895de20e0383aa86039ae2327279254da9a136118d19a95e
adfee7356f1e76d771022f1513d408d4dc3cc6a826677c8a62eaeeb77d2431f8
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
b963023efb31fe2c85f778a21c811c5c3871f20a5fc63712befbd6f25c454cd4
bb1812ee079a962d758165d818e868e82879ab3ac3c8bc344cd53a6dcbfd039d
c062e137034c451233e49939b2f6d6681a2608f4d9ce9db74721cd897cdc5da2
c4b895bda66835c576fa6adf1a0a9fd35fb71b891e9b455da3ad8e69a904dbc7
ca8a449dd0bcd9c17177e33b1c1568f01f3dbde6fc594efd5a74dca8bb2a8d39
cd5a41d6bb33e83882808a22298804923f531cce0087a2fdcacf77a97b4808ff
d48b7ba8f107de7ec0bb0374abd06f715d0337e24f7ee8f38a4b6f92fe1d863f
d49808067569536ce8755e36ce7770dcea96f37c04e04287707091425b3caa84
d84e20753de3aad6a7dd002777c11a5473835c2cfd1e3d0d18f1addbc0082c36
dc6c596208c632af4f42e89d03d9391f99d09eae9ba260a896f2b81d815169e1
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8387ae311dcd3a1b7ed5b17409d2a65b621d693105e0450fb3febb3fbea7ae3
edfa3fe891598fedc12fd94f2c4655cc84b1c95edf853ef35d2eb98c45e9d4e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff3f7cbc95fa788a2f0e697cfed2b1909a12ee1f40b62373df9aaf770f44131
f39b58bfd74d9a1636f22c57f56b71b085b78c08af8d365d86e91bdd4aaed5c7
f49f90253fa07827c2ad5db55f0168998ecc68090e298f7427186c2877fe977f
f717146619a127dcb735511a66e26dd2385ef2214345607496435abd19736c81
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

marceli.safeway.sunship.dev Open in urlscan Pro 195.78.66.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

71 %HTTPS

75 %IPv6

12 Domains

17 Subdomains

17 IPs

5 Countries

2497 kBTransfer

5610 kBSize

5 Cookies

38 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

marceli.safeway.sunship.dev Open in urlscan Pro
195.78.66.235 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

71 %
HTTPS

75 %
IPv6

12
Domains

17
Subdomains

17
IPs

5
Countries

2497 kB
Transfer

5610 kB
Size

5
Cookies

49 HTTP transactions
9 data transactions