Submitted URL: http://probable-zipper.sa.com/
Effective URL: https://probable-zipper.sa.com/
Submission Tags: @phish_report
Submission: On January 09 via api from FI — Scanned from AU

Summary

This website contacted 31 IPs in 5 countries across 26 domains to perform 96 HTTP transactions. The main IP is 172.67.180.177, located in United States and belongs to CLOUDFLARENET, US. The main domain is probable-zipper.sa.com.
TLS certificate: Issued by GTS CA 1P5 on November 29th 2023. Valid for: 3 months.
This is the only time probable-zipper.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.18.60 13335 (CLOUDFLAR...)
8 172.67.180.177 13335 (CLOUDFLAR...)
1 195.186.209.232 3303 (SWISSCOM ...)
10 18.67.111.38 16509 (AMAZON-02)
2 13.227.74.114 16509 (AMAZON-02)
14 151.101.30.208 54113 (FASTLY)
12 104.18.130.236 13335 (CLOUDFLAR...)
4 23.198.63.128 16625 (AKAMAI-AS)
2 3 18.67.93.14 16509 (AMAZON-02)
1 13.35.147.68 16509 (AMAZON-02)
1 52.223.29.147 16509 (AMAZON-02)
2 104.18.12.192 13335 (CLOUDFLAR...)
1 18.67.107.130 16509 (AMAZON-02)
1 65.8.161.92 16509 (AMAZON-02)
1 104.18.32.137 13335 (CLOUDFLAR...)
1 34.205.113.238 14618 (AMAZON-AES)
2 18.67.111.88 16509 (AMAZON-02)
2 104.26.12.18 13335 (CLOUDFLAR...)
1 2 13.227.74.12 16509 (AMAZON-02)
5 18.67.111.111 16509 (AMAZON-02)
1 7 3.33.138.253 16509 (AMAZON-02)
2 99.83.230.239 16509 (AMAZON-02)
2 142.250.66.194 15169 (GOOGLE)
1 151.101.65.229 54113 (FASTLY)
1 13.35.147.108 16509 (AMAZON-02)
3 104.18.43.90 13335 (CLOUDFLAR...)
2 172.67.68.225 13335 (CLOUDFLAR...)
1 18.67.111.82 16509 (AMAZON-02)
4 88.198.62.154 24940 (HETZNER-AS)
1 13.224.181.84 16509 (AMAZON-02)
1 104.18.13.192 13335 (CLOUDFLAR...)
96 31
Apex Domain
Subdomains
Transfer
14 imgix.net
production-livingdocs-bluewin-ch.imgix.net — Cisco Umbrella Rank: 800489
221 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
246 KB
10 onet.pl
lib.onet.pl — Cisco Umbrella Rank: 43134
sgqcvfjvr.onet.pl — Cisco Umbrella Rank: 47271
csr.onet.pl — Cisco Umbrella Rank: 39602 Failed
cdp.ems.onet.pl — Cisco Umbrella Rank: 56642
147 KB
10 bluewin.ch
cdn.bluewin.ch — Cisco Umbrella Rank: 891150
486 KB
9 sa.com
probable-zipper.sa.com
79 KB
7 ocdn.eu
events.ocdn.eu — Cisco Umbrella Rank: 35578
2 KB
6 push.delivery
cdn-swisscom.push.delivery
swisscom.push.delivery
170 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 572
119 KB
3 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2295
123 KB
3 skyjs.org
cdn.skyjs.org — Cisco Umbrella Rank: 782791
qcdn.skyjs.org
94 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
4 KB
2 adnz.co
cdn.adnz.co — Cisco Umbrella Rank: 103655
api.adnz.co — Cisco Umbrella Rank: 67625
11 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
166 KB
2 cwi.re
cdn.cwi.re — Cisco Umbrella Rank: 259112
3 KB
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3842
18 KB
1 ethinking.de
push.delivery.ethinking.de
22 KB
1 codevelop.network
cdn.codevelop.network — Cisco Umbrella Rank: 300583
105 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
1 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1643
201 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 950
315 B
1 yieldlove.com
cdn-a.yieldlove.com — Cisco Umbrella Rank: 23361
134 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2311
15 KB
1 mpod.ch
end.mpod.ch — Cisco Umbrella Rank: 127247
304 B
1 ringier-advertising.ch
cdn.ringier-advertising.ch — Cisco Umbrella Rank: 166779
120 KB
1 scsstatic.ch
rcp.scsstatic.ch — Cisco Umbrella Rank: 607257
4 KB
0 geojs.io Failed
get.geojs.io Failed
96 26
Domain Requested by
14 production-livingdocs-bluewin-ch.imgix.net probable-zipper.sa.com
12 cdn.cookielaw.org rcp.scsstatic.ch
cdn.cookielaw.org
probable-zipper.sa.com
10 cdn.bluewin.ch probable-zipper.sa.com
cdn.bluewin.ch
9 probable-zipper.sa.com 1 redirects probable-zipper.sa.com
7 events.ocdn.eu 1 redirects probable-zipper.sa.com
sgqcvfjvr.onet.pl
5 sgqcvfjvr.onet.pl lib.onet.pl
4 swisscom.push.delivery cdn-swisscom.push.delivery
4 assets.adobedtm.com rcp.scsstatic.ch
assets.adobedtm.com
3 cdn.confiant-integrations.net cdn.ringier-advertising.ch
cdn-a.yieldlove.com
cdn.confiant-integrations.net
3 sb.scorecardresearch.com 2 redirects probable-zipper.sa.com
2 securepubads.g.doubleclick.net cdn.ringier-advertising.ch
securepubads.g.doubleclick.net
2 cdp.ems.onet.pl sgqcvfjvr.onet.pl
2 cdn.cwi.re 1 redirects probable-zipper.sa.com
2 cdn.brandmetrics.com cdn.ringier-advertising.ch
cdn.brandmetrics.com
2 lib.onet.pl cdn.ringier-advertising.ch
lib.onet.pl
2 cdn.skyjs.org cdn.bluewin.ch
cdn.skyjs.org
2 cdn-swisscom.push.delivery probable-zipper.sa.com
1 api.adnz.co cdn.adnz.co
1 qcdn.skyjs.org cdn.skyjs.org
1 push.delivery.ethinking.de
1 cdn.codevelop.network cdn.ringier-advertising.ch
1 cdn.adnz.co cdn.ringier-advertising.ch
1 cdn.jsdelivr.net cdn-a.yieldlove.com
1 csr.onet.pl sgqcvfjvr.onet.pl
1 ping.chartbeat.net probable-zipper.sa.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 cdn-a.yieldlove.com cdn.ringier-advertising.ch
1 static.chartbeat.com probable-zipper.sa.com
1 end.mpod.ch probable-zipper.sa.com
1 cdn.ringier-advertising.ch probable-zipper.sa.com
1 rcp.scsstatic.ch probable-zipper.sa.com
0 get.geojs.io Failed cdn.ringier-advertising.ch
96 32
Subject Issuer Validity Valid
probable-zipper.sa.com
GTS CA 1P5
2023-11-29 -
2024-02-27
3 months crt.sh
rcp.production.scsstatic.ch
SwissSign RSA TLS OV ICA 2021 - 1
2023-08-03 -
2024-08-03
a year crt.sh
cdn.bluewin.ch
Amazon RSA 2048 M02
2023-06-19 -
2024-07-17
a year crt.sh
*.push.delivery
Amazon RSA 2048 M02
2023-10-19 -
2024-11-15
a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-12-07 -
2025-01-07
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2024-08-10
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
cdn.ringier-advertising.ch
Amazon RSA 2048 M03
2023-11-27 -
2024-12-25
a year crt.sh
skyjs.org
E1
2023-12-16 -
2024-03-15
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
cdn-a.yieldlove.com
Amazon RSA 2048 M02
2023-09-12 -
2024-10-09
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1
2023-11-20 -
2024-12-20
a year crt.sh
*.onet.pl
GeoTrust TLS ECC CA G1
2023-07-11 -
2024-05-14
10 months crt.sh
brandmetrics.com
GTS CA 1P5
2024-01-02 -
2024-04-01
3 months crt.sh
*.ems.onet.pl
R3
2023-12-21 -
2024-03-20
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
confiant-integrations.net
GTS CA 1P5
2023-11-19 -
2024-02-17
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-04 -
2024-05-03
a year crt.sh
cdn.codevelop.network
Amazon RSA 2048 M01
2023-08-14 -
2024-09-11
a year crt.sh
*.ocdn.eu
GeoTrust TLS RSA CA G1
2023-12-21 -
2024-12-20
a year crt.sh
push.delivery.ethinking.de
Amazon RSA 2048 M02
2023-03-30 -
2024-04-27
a year crt.sh

This page contains 1 frames:

Primary Page: https://probable-zipper.sa.com/
Frame ID: BFA232CE8C53A2D3FC1637F47C2BEEFB
Requests: 94 HTTP requests in this frame

Screenshot

Page Title

Ecco chi prenderà il posto che è stato per oltre un decennio di Barbara D’Urso | blue NewsBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://probable-zipper.sa.com/ HTTP 301
    https://probable-zipper.sa.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

96
Requests

95 %
HTTPS

0 %
IPv6

26
Domains

32
Subdomains

31
IPs

5
Countries

2290 kB
Transfer

6485 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://probable-zipper.sa.com/ HTTP 301
    https://probable-zipper.sa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://sb.scorecardresearch.com/b?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_41445020&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_41445020&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9= HTTP 302
  • https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_41445020&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9=&cs_rdr_ts=1704797462&cs_rdr_uid=15946188e31382baf82b6771704797462
Request Chain 43
  • https://cdn.cwi.re/publishers/bluewin.ch-IT/cwire.min.js HTTP 301
  • https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js
Request Chain 50
  • https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1704797463759 HTTP 302
  • https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1704797463759&_ca=1&uuid=202401091151041784108312

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
probable-zipper.sa.com/
Redirect Chain
  • http://probable-zipper.sa.com/
  • https://probable-zipper.sa.com/
88 KB
19 KB
Document
General
Full URL
https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b457485bca64def0f66f2bb621ada5e17a82997b661207f05eecdd3ba0559f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
842c1f655ae3a93e-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 10:51:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuBCKWOVmSL%2FV6ABecojgY2zlbvpL5tE1%2FAAe5C19gNfrpRy7SneY4qxFW3VpiHAUBGeeauBfbEkfM%2F1MNKqfsVco%2F8w0KEzFdfiI38GNfGrMwlyjkXIhoYU4227jGbe1Zv8ks6aEgiU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
842c1f61cea0a94a-SYD
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 10:51:01 GMT
Location
https://probable-zipper.sa.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XW%2FL8Ial4Nr13ITirSCdh0%2Bah4O6FSUcbdTCQGRnDSOd%2B7jDuaqGWOYHDv0KK2xYES3tM6PnCyFStUVcMxmN1TX8gtClDkmr1t33xrAfkC9IV%2F4FffDAG%2FFIna8Rc%2FvJf8Iq2QXUcfjd"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
datalayer-sync-min.js
rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/
7 KB
4 KB
Script
General
Full URL
https://rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/datalayer-sync-min.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.186.209.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
9c2bdbff042e3c61e76290aa2e8b3e1730ce5dbe7143e24e7f26f124a6ba5901
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 10:51:02 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
age
0
grace
X-Cache-Status
uncacheable
X-Cache
HIT - 18601
Connection
keep-alive
Content-Length
3613
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=7,8,9,EDGE
Referrer-Policy
origin
Last-Modified
Tue, 09 Jan 2024 10:08:13 GMT
X-TTL
3600.000
Vary
Accept-Encoding
Access-Control-Allow-Methods
OPTIONS, POST
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=3600
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Robots-Tag
noindex
X-Cache-Hits
18601
styles.css
cdn.bluewin.ch/6.1.7/
391 KB
55 KB
Stylesheet
General
Full URL
https://cdn.bluewin.ch/6.1.7/styles.css
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99eefcb1c7a04d9c87d638bd2455b8bda0be845b69cd2515585bd89ae5d15700

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 21:41:52 GMT
content-encoding
gzip
via
1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 08:41:20 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
47351
x-amz-server-side-encryption
AES256
etag
W/"08a3887a17ee8d4b33b5bdd7ace58428"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Ej2aTFa_J1FKiB1Ji1Y8ZGBzaS1zipXkhJQo__DRtuboOOxFzoWtqw==
init_advertising.0333f5d9e6e3704ac591.js
probable-zipper.sa.com/assets/dist/
42 KB
18 KB
Script
General
Full URL
https://probable-zipper.sa.com/assets/dist/init_advertising.0333f5d9e6e3704ac591.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8380e40488d1ae6b638910b3fe7265594d958ad860b79a4749577c53134fe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://probable-zipper.sa.com/
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jan 2024 10:50:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AAV7VQdiTPunSwoSCExRKjgfaShS%2BGPW5GCNoEs3YEFl7bFfVC0cIr6IQQCd0orMyYFXN72VdoeQtS3ZEYgafde0DlxUrAUN5G1njUWSndnWbEdla5WEFrocKYSF%2F%2FLf%2BHZ1bEY3cSv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
842c1f69af72a93e-SYD
webpush-production.js
cdn-swisscom.push.delivery/bluewin/3.1.2/
137 KB
137 KB
Script
General
Full URL
https://cdn-swisscom.push.delivery/bluewin/3.1.2/webpush-production.js?v=5.193.9
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-114.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3451828e75cf4087bc16a1b4185714833a6d85fe359b8c642c47b377c88b20d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
iwn.a85uVQzKY9gBxWUsfKP4bgJTNtPF
date
Sun, 07 Jan 2024 23:27:51 GMT
via
1.1 f94de31c777bc3bf7b8976bac21b4482.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 04:09:53 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
127392
etag
"2824d4d8f69acc93fd2047947cbbb960"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=172800
accept-ranges
bytes
content-length
140017
x-amz-cf-id
EG6SddMNKYF_iocH7UxuFBiWsz6lbl1k-Zvqk2bToUZw7WiNh5kqrg==
safaripush.js
probable-zipper.sa.com/safaripush/
32 KB
10 KB
Script
General
Full URL
https://probable-zipper.sa.com/safaripush/safaripush.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1d12de4da3f2ce9fda12c2ecc15797a0e2c793d8cee52702c47c612b0d54bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jan 2024 10:50:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P224NwA2b2AfZGwvxDGTqXhKS5FDkMjQWG5J1gCpzIvZiUYI%2F1iz36PLNS3Y051RPTB6eGu49Hf53bjivoqXfCFps8km%2BCx6Lyto%2Bwbqae8oNXVCtR0b9gi%2FhAICdEVr3Z%2FHnB8SzFN%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
842c1f6c5a99a93e-SYD
c99d5c62-f4ac-49d1-9ea6-06df02ba028c.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/
6 KB
6 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/c99d5c62-f4ac-49d1-9ea6-06df02ba028c.png?w=994&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5fc34aea4402cdd1a7a0c4db8c058f753b9651cd29bdf3541db4bcd515f764f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:01 GMT
x-content-type-options
nosniff
age
2878162
x-cache
HIT, HIT
x-imgix-id
5aa88d9d32116bc33800104c5df3bc3be9595305
cross-origin-resource-policy
cross-origin
content-length
6092
x-served-by
cache-sjc10064-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Thu, 07 Dec 2023 03:21:40 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
4c624246-9e3f-46d5-8e2b-714f570430c6.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/
8 KB
8 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/4c624246-9e3f-46d5-8e2b-714f570430c6.png?w=994&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
6b015dfc27a823d4b0eb9d73499fa3a76e6a5bf0da5fd6b1476e71e2934197d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
x-content-type-options
nosniff
age
986935
x-cache
HIT, HIT
x-imgix-id
24ae6f3670d08e18390e5e18b3b52df87303cefc
cross-origin-resource-policy
cross-origin
content-length
8232
x-served-by
cache-sjc10037-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Fri, 29 Dec 2023 00:42:06 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
92c7237a-10c0-4ad6-840f-ca1263fd6b8f.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/
23 KB
23 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/92c7237a-10c0-4ad6-840f-ca1263fd6b8f.png?w=994&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
883d31370eea7b9848e1bdb8331d2fc00354545ab7173d093387619f87a467ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
x-content-type-options
nosniff
age
1073559
x-cache
HIT, HIT
x-imgix-id
e9a77d9f5fd75ba865aae21ec62fde6fcd54eb33
cross-origin-resource-policy
cross-origin
content-length
23076
x-served-by
cache-sjc10051-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Thu, 28 Dec 2023 00:38:22 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
185ff123-9d0c-4cc9-bc87-000464f8d38b.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/
9 KB
9 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/185ff123-9d0c-4cc9-bc87-000464f8d38b.png?w=994&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
6351200898e8b79dab49d74ccb927791de5c727d886cadc0304255ec669803c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
x-content-type-options
nosniff
age
1836532
x-cache
HIT, HIT
x-imgix-id
20ef99f11213c3a4e0fa1728880fc325996e2906
cross-origin-resource-policy
cross-origin
content-length
9385
x-served-by
cache-sjc1000121-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Tue, 19 Dec 2023 04:42:10 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
dff60eca-f62c-4778-8302-2c4670073f0a.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/
14 KB
14 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/dff60eca-f62c-4778-8302-2c4670073f0a.png?w=994&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
d45c4de013bb60a63e1f5b97e5071063fbfe4e37638d953e33b4df57ffda1242
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
x-content-type-options
nosniff
age
526864
x-cache
HIT, HIT
x-imgix-id
166dac206fd38e8b7fdc424b977d782dc6f366eb
cross-origin-resource-policy
cross-origin
content-length
14111
x-served-by
cache-sjc1000136-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Wed, 03 Jan 2024 08:29:57 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
5882c254-82e6-4b96-b1f7-9a69199bf83c.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/
17 KB
17 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/5882c254-82e6-4b96-b1f7-9a69199bf83c.png?w=994&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3ba42fda49d776824fe03332e4edc3e2ddc35afedb497896c5e4e5a68e8d42a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
x-content-type-options
nosniff
age
1511946
x-cache
HIT, HIT
x-imgix-id
e37bf71768a75c3699ea87e33c24813552dfee54
cross-origin-resource-policy
cross-origin
content-length
17652
x-served-by
cache-sjc10026-SJC, cache-syd10150-SYD
x-imgix-render-farm
02.139816
last-modified
Fri, 22 Dec 2023 22:51:56 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
email-decode.min.js
probable-zipper.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://probable-zipper.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e9qIfseAOMRlRx%2BC7yVYQQ3v82Fwi6hnyY1%2FKn%2F3m2zwwDpiZz4DEX%2B%2BDv4BEIHnBSpLN%2B7VPshuodKrvyjlIwZqPeFQ1SN55amJu2Ff0PCIvhVjAgHQhgp6%2BRMl6VxX5BO%2BxrImZmJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
842c1f699f69a93e-SYD
expires
Thu, 11 Jan 2024 10:51:02 GMT
scripts.js
cdn.bluewin.ch/6.1.7/
642 KB
152 KB
Script
General
Full URL
https://cdn.bluewin.ch/6.1.7/scripts.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac19153f171aba47b1ca406b861ef01f69c3046a3164c094d938a02027433e1e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:34:59 GMT
content-encoding
br
via
1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 08:41:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
62164
etag
W/"e3a7bd241be9e5e21b44dd70410117cc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5I3BUuIdOGbD05wg5UclG9I3U5Gqt0lw9OsLbVdje_N3j2Hvs8jy8Q==
delivery.0d52ba0956378443c009.js
probable-zipper.sa.com/assets/dist/
72 KB
27 KB
Script
General
Full URL
https://probable-zipper.sa.com/assets/dist/delivery.0d52ba0956378443c009.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35bc435fc8eca0b4dcb5a268e3773cfaa62ec5aaa9a85bce13e3d698c7f627b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://probable-zipper.sa.com/
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jan 2024 10:50:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrPbS%2BDBwc4J8pFxUrc2gLvY%2FbjtliEf6QB9L41%2F1shPHrwWv3QCBdhL4PkILgHHD2QE2cAFuK4IJcwtrEYfv6xGt6XUGH2zlkbGRw234r0YTdMFfDk0BCje7kaZW0s4dZzjjBCngdGU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
842c1f6c7aa9a93e-SYD
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: rcp.scsstatic.ch
URL: https://rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/datalayer-sync-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
65712
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:28 GMT
server
cloudflare
etag
0x8DC0D69051ECA4A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cdf020d4-701e-0068-5a84-3f5f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f6e5d57aae4-SYD
launch-5c478d1148ab.min.js
assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/
352 KB
106 KB
Script
General
Full URL
https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Requested by
Host: rcp.scsstatic.ch
URL: https://rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/datalayer-sync-min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
987fe16a06480857707ae20da4ad1207a246d68f87c400f5c06af8eb6d910317

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 19:59:31 GMT
server
AkamaiNetStorage
etag
"042bb880d57ae26662fc21cae6477cad:1697572771.785707"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://probable-zipper.sa.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
107996
expires
Tue, 09 Jan 2024 11:51:02 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 23:10:43 GMT
content-encoding
gzip
via
1.1 903696f43fdfc4019d7102b6711e9fca.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
42020
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
vMdD-oC1HA0qTgX4R1EhG_2NDvfAiL3mhlqsjQH4NT0hYk7nvcA5sw==
TheSansB_500_.d7955bec1417e0168f42adfe7ceaf8b5.woff2
cdn.bluewin.ch/6.1.7/
51 KB
51 KB
Font
General
Full URL
https://cdn.bluewin.ch/6.1.7/TheSansB_500_.d7955bec1417e0168f42adfe7ceaf8b5.woff2
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6010e95e45ae8c7c0064724e1ea3ac9495ae55a6241633446db052364c06f5f3

Request headers

Referer
https://cdn.bluewin.ch/6.1.7/styles.css
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:50:48 GMT
via
1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
52044
last-modified
Fri, 22 Dec 2023 08:41:14 GMT
server
AmazonS3
etag
"d7955bec1417e0168f42adfe7ceaf8b5"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
Q3vqaAH6F03rbSejty0aEgbmyI9E4TOe3qfNESjLum6eXrMtWjIuIg==
sdx-icons.1f2718c892af58d0486a4216e56eb717.woff2
cdn.bluewin.ch/6.1.7/
20 KB
21 KB
Font
General
Full URL
https://cdn.bluewin.ch/6.1.7/sdx-icons.1f2718c892af58d0486a4216e56eb717.woff2
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6f337768e0e2b4df4002bb6a9a7d63198338ff583e49f78611a3f91dc7d8b8a

Request headers

Referer
https://cdn.bluewin.ch/6.1.7/styles.css
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:50:48 GMT
via
1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20772
last-modified
Fri, 22 Dec 2023 08:41:19 GMT
server
AmazonS3
etag
"1f2718c892af58d0486a4216e56eb717"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
UEID3zOThhO9wnpv1f3T_SCn15FUM1QlsuOdKMrs71Nrwae5ZyvVlw==
TheSansB_600_.a54202ef3bf0e3da19bca052e636ca9c.woff2
cdn.bluewin.ch/6.1.7/
54 KB
54 KB
Font
General
Full URL
https://cdn.bluewin.ch/6.1.7/TheSansB_600_.a54202ef3bf0e3da19bca052e636ca9c.woff2
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4

Request headers

Referer
https://cdn.bluewin.ch/6.1.7/styles.css
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:50:48 GMT
via
1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55008
last-modified
Fri, 22 Dec 2023 08:41:14 GMT
server
AmazonS3
etag
"a54202ef3bf0e3da19bca052e636ca9c"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
1TjkPkItpqklzfIeQBQvFgWK1lDrQgFnk0vJjub-Dvz9KYwDp8bjEA==
TheSansB_700_.7dac4ba6f5bfb4ba199e7fe3454a6780.woff2
cdn.bluewin.ch/6.1.7/
48 KB
49 KB
Font
General
Full URL
https://cdn.bluewin.ch/6.1.7/TheSansB_700_.7dac4ba6f5bfb4ba199e7fe3454a6780.woff2
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09525fb3b4747dfbceaa9401af3c089fae3aa045934b77ec444cfe62c0efd3da

Request headers

Referer
https://cdn.bluewin.ch/6.1.7/styles.css
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:50:48 GMT
via
1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
49592
last-modified
Fri, 22 Dec 2023 08:41:14 GMT
server
AmazonS3
etag
"7dac4ba6f5bfb4ba199e7fe3454a6780"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
yrHZzDpsxi8yZSxhC2KylOopIYwbniJvlYs6HttwXXagCQcvRV-IFw==
TheSansB_400_.4f0d59a18ca1c88dcfbbce6510b21da5.woff2
cdn.bluewin.ch/6.1.7/
50 KB
50 KB
Font
General
Full URL
https://cdn.bluewin.ch/6.1.7/TheSansB_400_.4f0d59a18ca1c88dcfbbce6510b21da5.woff2
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8

Request headers

Referer
https://cdn.bluewin.ch/6.1.7/styles.css
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:50:48 GMT
via
1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50708
last-modified
Fri, 22 Dec 2023 08:41:14 GMT
server
AmazonS3
etag
"4f0d59a18ca1c88dcfbbce6510b21da5"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
GB-IrgfqbVKA3kVCV-Mrfd0a7d3ksHinGUxCx3cBpA_OUM7Fh35rfg==
TheSansB_400i.33ba31da9b75b8d3eb8f86d6d8b2ca57.woff2
cdn.bluewin.ch/6.1.7/
49 KB
49 KB
Font
General
Full URL
https://cdn.bluewin.ch/6.1.7/TheSansB_400i.33ba31da9b75b8d3eb8f86d6d8b2ca57.woff2
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d210ae97241d56e7785760f06e1f93cb44693f79dc4ba351f3aa695400f9e8f

Request headers

Referer
https://cdn.bluewin.ch/6.1.7/styles.css
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:50:48 GMT
via
1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50052
last-modified
Fri, 22 Dec 2023 08:41:14 GMT
server
AmazonS3
etag
"33ba31da9b75b8d3eb8f86d6d8b2ca57"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
IRqF0W6uVDytkzmtIe4KJmKk4xivldV5bDWxTFNI-Sdr71zeUdzfYA==
li-icons.9e8640181583ce45efe867eac3c03c3b.woff
cdn.bluewin.ch/6.1.7/
2 KB
3 KB
Font
General
Full URL
https://cdn.bluewin.ch/6.1.7/li-icons.9e8640181583ce45efe867eac3c03c3b.woff
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2267e82969e7da8b2fee71c9a5699c507c30dcdb91c732a45298ec2b4b8c8459

Request headers

Referer
https://cdn.bluewin.ch/6.1.7/styles.css
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:50:48 GMT
via
1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2236
last-modified
Fri, 22 Dec 2023 08:41:19 GMT
server
AmazonS3
etag
"9e8640181583ce45efe867eac3c03c3b"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
oP4N5OwXFFfSIho1vGECjMAKkUFh13zDir1HsqAJIBRaIniSOWpUvQ==
atm.js
cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/
560 KB
120 KB
Script
General
Full URL
https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/assets/dist/init_advertising.0333f5d9e6e3704ac591.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-68.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9910673a361834d1d7e2bf06a15753aa8a9059896af3acceaac9b1d6c786a350

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
ff1r4RyLSTX.INL.OQkirJ3AWNgAqVff
content-encoding
gzip
via
1.1 ff9e105aa8810f98f1f8f9ec61929886.cloudfront.net (CloudFront)
date
Tue, 09 Jan 2024 10:50:49 GMT
last-modified
Thu, 04 Jan 2024 15:22:42 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
14
x-amz-server-side-encryption
AES256
etag
W/"700b292d4fccbe8bcad17f6aabca0b1a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=900
x-amz-cf-id
j-f6vkH2l7dfYP6DXAbsa5qydGx5C8Sk1jFCKZmd7a4BkQ0Q9W33xA==
b2
end.mpod.ch/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_41445020...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_4144502...
  • https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_41445020&mp_login=3&...
43 B
304 B
Image
General
Full URL
https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_41445020&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9=&cs_rdr_ts=1704797462&cs_rdr_uid=15946188e31382baf82b6771704797462
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Server
52.223.29.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac99c40bc9e28338c.awsglobalaccelerator.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 19 Jul 2018 15:06:53 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"5b50a90d-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block

Redirect headers

date
Tue, 09 Jan 2024 10:51:02 GMT
via
1.1 903696f43fdfc4019d7102b6711e9fca.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
location
https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704797462531&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.193.9&cs_fpid=1704797462466_41445020&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9=&cs_rdr_ts=1704797462&cs_rdr_uid=15946188e31382baf82b6771704797462
content-length
0
x-amz-cf-id
pZLw0bziWgmlZqv93GcatyMCC2G8L52gV-EiqSl583tU19-EoPT56Q==
e038ef37-dafe-47b6-a008-7d96f3a80149.json
cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/e038ef37-dafe-47b6-a008-7d96f3a80149.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c586fc370d54763cc38931704a8b1482e310c6b89434ef94e252bb15a5d32478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
WhqHw4LcM+6d4bxZHP81lA==
content-length
1578
x-ms-lease-status
unlocked
last-modified
Wed, 27 Sep 2023 06:42:00 GMT
server
cloudflare
etag
0x8DBBF24DA30E83B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
652b0a65-201e-005a-44d5-415f64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f70af13572d-SYD
expires
Wed, 10 Jan 2024 10:51:03 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
34 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:02 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://probable-zipper.sa.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Tue, 09 Jan 2024 11:51:02 GMT
country
get.geojs.io/v1/ip/
0
0

4fcacb20-a517-40e9-bc24-f5257d178456.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/24/
28 KB
28 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2023/07/24/4fcacb20-a517-40e9-bc24-f5257d178456.jpeg?w=994&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
824d3aa07cb4f2535d247538a35c9c87fd45651b064bc9f0b9b6c3d21c55851e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
x-content-type-options
nosniff
age
1552829
x-cache
HIT, HIT
x-imgix-id
851a0877efa128e7a0396025ba4da778631e43db
cross-origin-resource-policy
cross-origin
content-length
28397
x-served-by
cache-sjc10049-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Fri, 22 Dec 2023 11:30:34 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
974f2722-6fb0-483a-96ce-36959899f774.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/13/
5 KB
5 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2023/07/13/974f2722-6fb0-483a-96ce-36959899f774.jpeg?rect=0%2C0%2C5055%2C2843&w=320&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
2401f4994c0f786c66ded8bc1544e143c0322667204ee6083b54993c20681113
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
x-content-type-options
nosniff
age
2475609
x-cache
HIT, HIT
x-imgix-id
c5bbbce6151588a0a03fe31689f24b383d983b53
cross-origin-resource-policy
cross-origin
content-length
4765
x-served-by
cache-sjc1000102-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Mon, 11 Dec 2023 19:10:54 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cebd3848-227a-40bd-9ff1-97de910948f7.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/12/
6 KB
6 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2023/07/12/cebd3848-227a-40bd-9ff1-97de910948f7.jpeg?rect=0%2C0%2C1024%2C576&w=320&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
d098bd05ff52512b139164565e060e823f66cfdd62268d9db1cebe5370538df9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
x-content-type-options
nosniff
age
2210899
x-cache
HIT, HIT
x-imgix-id
5c232e1cfc7776df3a54cd46676588060de3c100
cross-origin-resource-policy
cross-origin
content-length
6302
x-served-by
cache-sjc1000123-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Thu, 14 Dec 2023 20:42:44 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
int.min.js
cdn.skyjs.org/bluewin.ch/
2 KB
2 KB
Script
General
Full URL
https://cdn.skyjs.org/bluewin.ch/int.min.js
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17492240142c475ee2fd7dc3d3d5eca157c49291f29870bbda35552fa2964047
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://probable-zipper.sa.com/
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000333c6531b73e8e4e-00659d24c2-471b1efc-ams3c
x-envoy-upstream-healthchecked-cluster
content-length
1069
last-modified
Tue, 24 Oct 2023 08:18:12 GMT
server
cloudflare
etag
"7c87929ec782a92ef61cbc2ddd395d8a"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-do-cdn-uuid
095c611b-18ef-4310-966e-1acbe2ac0e74
x-rgw-object-type
Normal
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
842c1f734ed6a813-SYD
chartbeat.js
static.chartbeat.com/js/
38 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/assets/dist/delivery.0d52ba0956378443c009.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.107.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-107-130.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 22:04:32 GMT
content-encoding
gzip
via
1.1 ebc52833900e41e6796b998a5877893e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
SYD62-P2
age
45991
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
g1iTv-4eWu70j3Cl68XZMoFdKCeS_Yp3QnUxQKk0A7e_Pnk1FRXcgQ==
expires
Tue, 09 Jan 2024 22:04:32 GMT
06a00c57-b5ee-4052-84e2-f3fbc536f272.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/05/
7 KB
7 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2023/07/05/06a00c57-b5ee-4052-84e2-f3fbc536f272.jpeg?rect=0%2C0%2C1024%2C576&w=320&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
284745d6ef1d0bd73ca564fd76bfdab8c0cfae104d55107e34680c9c7ef167b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
x-content-type-options
nosniff
age
3038511
x-cache
HIT, HIT
x-imgix-id
c5d1690a32965c4e3a816390a3b466920e7973ba
cross-origin-resource-policy
cross-origin
content-length
7293
x-served-by
cache-sjc1000128-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Tue, 05 Dec 2023 06:49:13 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
79fe8117-ae66-4ff2-af8b-1466433b190f.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/03/
4 KB
4 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2023/07/03/79fe8117-ae66-4ff2-af8b-1466433b190f.jpeg?rect=0%2C19%2C1024%2C576&w=320&auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
681987797b16a0daaff3a246bb408042d14c57243419fb1cf32b2dd822055f07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
x-content-type-options
nosniff
age
2210899
x-cache
HIT, HIT
x-imgix-id
0c1428377d39d396dcca40791dd919a045d5486e
cross-origin-resource-policy
cross-origin
content-length
4471
x-served-by
cache-sjc1000109-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Thu, 14 Dec 2023 20:42:44 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
1f51f9e2-ab6c-4701-a6d4-5ccc2d9472a9.jpeg
production-livingdocs-bluewin-ch.imgix.net/2024/01/09/
30 KB
31 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2024/01/09/1f51f9e2-ab6c-4701-a6d4-5ccc2d9472a9.jpeg?auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c3369ef3f40de5b3d5cd622ce004674b4500e0e407b2a400c07dbbb8a9e6d580
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
x-content-type-options
nosniff
age
2891
x-cache
HIT, HIT
x-imgix-id
b3115aec891ad589dbc40a6ba7d69466895c08cb
cross-origin-resource-policy
cross-origin
content-length
31141
x-served-by
cache-sjc1000098-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Tue, 09 Jan 2024 10:02:52 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
fa82f128-815b-499a-8114-72cd1b69efcb.jpeg
production-livingdocs-bluewin-ch.imgix.net/2024/01/09/
53 KB
53 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2024/01/09/fa82f128-815b-499a-8114-72cd1b69efcb.jpeg?auto=format
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
407527313e0beab178e5ee739e0a11c0d564f0a548b28fa91b8172b33bdb046e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
x-content-type-options
nosniff
age
2891
x-cache
HIT, HIT
x-imgix-id
4528938e5b56064d4381b8ed265e180e6920dc7c
cross-origin-resource-policy
cross-origin
content-length
54542
x-served-by
cache-sjc10075-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Tue, 09 Jan 2024 10:02:52 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
yieldlove.js
cdn-a.yieldlove.com/v2/
447 KB
134 KB
Script
General
Full URL
https://cdn-a.yieldlove.com/v2/yieldlove.js?ch.bluewin.it
Requested by
Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.161.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-161-92.sfo53.r.cloudfront.net
Software
/ Express
Resource Hash
ebfb40291ad70a92d6b433862ce21fa812b2ab2b632246dd8731d33c7df257a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 22:41:01 GMT
content-encoding
gzip
via
1.1 5a47b5b66519af1f8eb0c6ec27f68d54.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-C1
age
43802
x-powered-by
Express
etag
"6fb33-yNNueCNFyYonkIIauRc453WMnKo"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800, stale-while-revalidate=2592000
x-amz-cf-id
H2awtkY2_7pcmY1V_gOogHdvNXoPJ1Rmz3N7wqtbDmQiDXn4k4m86Q==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
77 B
315 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://probable-zipper.sa.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
842c1f747b525d36-SYD
access-control-allow-headers
Content-Type
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=it.bluewin.ch&p=%2Fit%2Fspettacolo%2Fmyrta-merlino-le-novit-di-pomeriggio-5-e-il-consiglio-di-maria-de-filippi-1824424.html&u=DxzcNhBv60xrC2z3O9&d=probable-zipper.sa.com&g=39535&g0=Spettacolo%2CEntertainment%20all&g1=Covermedia&g4=article&n=1&f=00001&c=0&x=0&m=0&y=2797&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fprobable-zipper.sa.com%2F&b=2828&t=DRK3e5BqzinmB0pM4oDxLNS7-p70e&V=143&i=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso&tz=-480&sn=1&sv=DhBJffaBpeYBS-Le7BondXEBzueIL&sr=external&sd=1&im=061b0cf3&_
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.113.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-113-238.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 10:51:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dl.boot.min.js
lib.onet.pl/s.csr/build/dlApi/
11 KB
4 KB
Script
General
Full URL
https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Requested by
Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-88.syd62.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
6a2ee6156e3643471b3feda4f64e5aa28acc36ddad79da7ae39d5ca9dd6fb81f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:49:03 GMT
content-encoding
br
via
1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
server
Ring Publishing - Accelerator
x-amz-cf-pop
SYD62-P2
age
120
etag
"2bb4181b2867f61da4769a9e139bc094452ff055"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4151
x-amz-cf-id
c7h8p2HFfcZfyruLkk72zYUG27PwKZYID7kPpryQORK4ZWwQ4n9gjw==
e292d913c9cb419a9c6208ba3e231a7a.js
cdn.brandmetrics.com/survey/script/
4 KB
2 KB
Script
General
Full URL
https://cdn.brandmetrics.com/survey/script/e292d913c9cb419a9c6208ba3e231a7a.js
Requested by
Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5445e6290f97006b4f6bede86c144109c06e1c3da4075a4a2cea15ffc18e1169

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 09 Jan 2024 08:13:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM%2FMImAMADIuNkM%2BQgNueJO7mBojFD8mD%2Ban9llj7XJvdMF9L8zabqu87pEcb56Fl5NpZDPv9caBW4GVEy%2FLkXu0qDLvlnzaXaSWdvF1M6xnVGM0ZI50hz0wku7%2BSA2mu9sVj3sJ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
842c1f75ddae5d2c-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
creatives-loader-compat.js
cdn.cwi.re/artifacts/creatives/creatives-loader/
Redirect Chain
  • https://cdn.cwi.re/publishers/bluewin.ch-IT/cwire.min.js
  • https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js
4 KB
3 KB
Script
General
Full URL
https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Server
13.227.74.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-12.sfo20.r.cloudfront.net
Software
/
Resource Hash
61060bc5f50e51d7bd496f3aa1c767bc3cda67987b059dab79883f449d2126ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 18d8a69a30308aa071168e8aed30be36.cloudfront.net (CloudFront)
date
Tue, 09 Jan 2024 10:43:29 GMT
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true}
x-amz-cf-pop
SFO20-C1
age
455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
reporting-endpoints
default="https://reports.cwi.re/re_nginx"
last-modified
Thu, 07 Dec 2023 15:55:19 GMT
etag
W/"2ba4a7059fc397a51762f1e9fbc86673"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/reports.cwi.re\/nginx"}],"group":"default","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
cache-control
public, max-age=3600, stale-while-revalidate=300, s-maxage=600
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id
UmpnPGPA-Ake_z8TMmoRjc-8ZC4wPScmP2onX1fnj-RgvRfgpEmR4A==

Redirect headers

date
Tue, 09 Jan 2024 10:51:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 18d8a69a30308aa071168e8aed30be36.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true}
x-amz-cf-pop
SFO20-C1
x-cache
Miss from cloudfront
content-length
162
reporting-endpoints
default="https://reports.cwi.re/re_nginx"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/reports.cwi.re\/nginx"}],"group":"default","max_age":604800}
content-type
text/html
location
https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=300, s-maxage=600
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id
GQTM-uHpA8UnBEsKQN1_5oEPOvVzt6jgM7WuhtvxIE1-aCBdAjprUg==
YnVpbGQvezlza2x0MzU3fWRsQXBpL2RsLmxpYntOTWFzXzM1N30ubWluLmpz
sgqcvfjvr.onet.pl/
304 KB
89 KB
Script
General
Full URL
https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MzU3fWRsQXBpL2RsLmxpYntOTWFzXzM1N30ubWluLmpz
Requested by
Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-111.syd62.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
7300e0f30486a3860ad4587b0b3d0e68e362f0cbe8a8cd5a97fba765891e4ece

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:36:32 GMT
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
871
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
90524
last-modified
Mon, 08 Jan 2024 11:25:01 GMT
server
Ring Publishing - Accelerator
etag
"7be1252365f7e4efad537077b4c9fd8685163c73b2396d50924ff18526b8b81e"
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RFdDd4wcPSxoLsiYuAp6CGOgNAKL_9H_OPDJz7C6eqqr7wDWxSINPA==
dl.aureus.min.js
sgqcvfjvr.onet.pl/build/dlApi/
2 KB
1 KB
Script
General
Full URL
https://sgqcvfjvr.onet.pl/build/dlApi/dl.aureus.min.js?4&077ac16f633bc13fc61ba37e0e5dadf0
Requested by
Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-111.syd62.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:46:01 GMT
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
302
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
896
last-modified
Mon, 08 Jan 2024 11:24:52 GMT
server
Ring Publishing - Accelerator
etag
"077ac16f633bc13fc61ba37e0e5dadf0"
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
H4NdOz-BuFIf20HBHcOjwu-_ZTAE5U_spzxWbYc-mPTS_-TQTPDupg==
clickmap.min.js
sgqcvfjvr.onet.pl/simetra/clickmap/5.1.0/
2 KB
2 KB
Script
General
Full URL
https://sgqcvfjvr.onet.pl/simetra/clickmap/5.1.0/clickmap.min.js?d11d55f7ee49bd223b694aa45e565e1b
Requested by
Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-111.syd62.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
5624e381bd10235ab37d989a5d19eb7b266c16b3db3c191d9a2990651c1d5e3c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:45:55 GMT
x-amz-version-id
CeiDLTDx9SUhptl7BsYtzZJYkoPWMhXc
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
308
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1058
last-modified
Thu, 16 Nov 2023 10:54:17 GMT
server
Ring Publishing - Accelerator
etag
"d11d55f7ee49bd223b694aa45e565e1b"
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_ruqhcuhoULFDn6qSabR54dwB1ET6lCoigCtxFBlFDd6WCRXhBLh5Q==
dl.cmp.min.js
sgqcvfjvr.onet.pl/build/dlApi/
138 KB
35 KB
Script
General
Full URL
https://sgqcvfjvr.onet.pl/build/dlApi/dl.cmp.min.js?4&287a70846ab79f4d5331131e59035be6
Requested by
Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-111.syd62.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
572fbf936c52b0c819cd340f61a3c71cf38599ee2bcc01a5f7d5d5665413a070

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:37:47 GMT
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
796
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
35151
last-modified
Mon, 08 Jan 2024 11:25:03 GMT
server
Ring Publishing - Accelerator
etag
"90d2910d957a059f30a0565d479ed977"
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fuBOhEPGhNTin6odAdawwcnaxKAu2p2AgOISKPpc-fckDo6K_WVpFQ==
artemis.min.js
sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/
14 KB
6 KB
Script
General
Full URL
https://sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/artemis.min.js?1f79b58f7b6dd00e35ae1c6cd88a09c2
Requested by
Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-111.syd62.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
4db1d4b1acda5f39723cac7ac0e77cccaabd5821938749d3ac82944a85091d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:44:49 GMT
x-amz-version-id
lYQgFFRujgCLTGXyOeiuZMvAqs4OmI6h
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5570
last-modified
Fri, 17 Nov 2023 12:53:23 GMT
server
Ring Publishing - Accelerator
etag
"1f79b58f7b6dd00e35ae1c6cd88a09c2"
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
IoLj70zQUdkfkdrNOYLCuBFs4Q57kEUdIoFLQtNYmX1tdKLEtSvxng==
pixel-module.js
lib.onet.pl/static/pixel/1.6.12/
27 KB
8 KB
Script
General
Full URL
https://lib.onet.pl/static/pixel/1.6.12/pixel-module.js?a1c0105d7592675f7f0e669530932881
Requested by
Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-88.syd62.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
9738dcd5f8d933ce510bb6378e77bb8651253ac85c1740f8874b20d7306b07ca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:43:20 GMT
content-encoding
br
via
1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
462
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7352
last-modified
Wed, 20 Dec 2023 13:23:10 GMT
server
Ring Publishing - Accelerator
etag
"a1c0105d7592675f7f0e669530932881"
content-type
application/javascript
x-amz-meta-md5
a1c0105d7592675f7f0e669530932881
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QmM0XnzHt1z3TSGdximYOQk06OgatTvU9iU9e4X1KHHVIwWhvZq48w==
me
events.ocdn.eu/v2/EA-5469564/
Redirect Chain
  • https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1704797463759
  • https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1704797463759&_ca=1&uuid=202401091151041784108312
93 B
341 B
Fetch
General
Full URL
https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1704797463759&_ca=1&uuid=202401091151041784108312
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Server
3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6bee98fe393bd2a.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
c56d9de298f68a22adf74c0c6b46f3475bbc1963293ab7e20b05c37f35b72889

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://probable-zipper.sa.com
date
Tue, 09 Jan 2024 10:51:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
Ring Publishing - Accelerator
content-length
93
content-type
application/json; charset=utf-8

Redirect headers

access-control-allow-origin
https://probable-zipper.sa.com
location
/v2/EA-5469564/me?_ac=events&_ts=1704797463759&_ca=1&uuid=202401091151041784108312
date
Tue, 09 Jan 2024 10:51:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
Ring Publishing - Accelerator
tags
csr.onet.pl/5469564/
0
0

me
cdp.ems.onet.pl/5469564/
216 B
571 B
XHR
General
Full URL
https://cdp.ems.onet.pl/5469564/me?domain=probable-zipper.sa.com&ver=1
Requested by
Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MzU3fWRsQXBpL2RsLmxpYntOTWFzXzM1N30ubWluLmpz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.83.230.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1ef697b048852c56.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
d23b0c41402289706eac58c353da08a46647e38ad32114416f0798c6c66e3628

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
server
Ring Publishing - Accelerator
access-control-allow-methods
GET
p3p
CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin
https://probable-zipper.sa.com
content-type
application/json
cache-control
private, max-age=1800
access-control-allow-credentials
true
timing-allow-origin
*
content-length
216
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
19f1abd25ea6498a9d125a005fce9f729f40246f14b035f363ab68f56d1d8e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29268
x-xss-protection
0
server
cafe
etag
987 / 19731 / m202401020101 / config-hash: 7175009766297966165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 10:51:04 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202308.1.0/
411 KB
99 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2+I2Cj649lHjQKiedh8F2Q==
age
56255
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
101254
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:47 GMT
server
cloudflare
etag
0x8DBD50E45B16C1C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
722cf87a-c01e-0042-458a-2f8003000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f74bc9aaae4-SYD
it.json
cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/90a3bdf0-69c4-4654-a5ef-6385a9f19ace/
109 KB
24 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/90a3bdf0-69c4-4654-a5ef-6385a9f19ace/it.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef644945760e2a60bb6074fc5275778f773c5120bd908b33793a559e6ee5c7f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
7+HaQtWqbJ3VPNxr7e9Jlw==
content-length
24128
x-ms-lease-status
unlocked
last-modified
Wed, 27 Sep 2023 06:47:30 GMT
server
cloudflare
etag
0x8DBBF259EBD12DC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dc966e2c-401e-0011-1ae9-42a337000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f74eb97572d-SYD
expires
Wed, 10 Jan 2024 10:51:04 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
398 KB
57 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7daaea0e23f1b46b8cee7ee002e8b5e16dcd602bae7990a073e6f77a40a33984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
T2EO+M5YujGweuw6GKbrmg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
58301
x-ms-lease-status
unlocked
last-modified
Tue, 09 Jan 2024 09:36:36 GMT
server
cloudflare
etag
0x8DC10F6797B4F5B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
56b47c58-001e-0072-06e9-423ecc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f74eb98572d-SYD
otTCF.js
cdn.cookielaw.org/scripttemplates/202308.1.0/
39 KB
12 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f00d9f0ee3f8968433f0a9dff863e5a1f1563815236064d6698046d07375542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Jsc96Q2sZwDZEdzM7FIDaA==
age
51572
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11841
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:45 GMT
server
cloudflare
etag
0x8DBD50E44785792
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0fb212c4-301e-00a2-4a1c-15039a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f74ecc9aae4-SYD
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
weEWylC0+dJXoHSdhYGqqw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2626
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:38 GMT
server
cloudflare
etag
0x8DBD50E40155722
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
17528664-e01e-0037-0bd5-41eb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f773d9e572d-SYD
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/
61 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0721d78278f9a6c3dd3f639bad1b3105d2df9e97e3d4a74dbec66d6b92c7ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jih879mbIcNSFioYCdj3Tg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:39 GMT
server
cloudflare
etag
0x8DBD50E40FCFC71
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
37e194ec-601e-0090-40d5-4103ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f773d9f572d-SYD
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
67e60ee4-301e-0056-7fd5-41c86c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
842c1f773da2572d-SYD
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?ch.bluewin.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7febcc726b716a1a57630aa63271a8e44d67fff16d2383b394779c9262d1f194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://probable-zipper.sa.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 09 Jan 2024 10:51:04 GMT
x-content-type-options
nosniff
content-encoding
br
age
24612
x-jsd-version
1.0.1929
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
858
x-served-by
cache-fra-eddf8230103-FRA, cache-bne12520-BNE
x-jsd-version-type
version
etag
W/"63b-6QoajLJVvi3XrTfmzq7QFsxvX3Q"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
tags
csr.onet.pl/5469564/
11 B
562 B
XHR
General
Full URL
https://csr.onet.pl/5469564/tags?domain=probable-zipper.sa.com&site=BlueNewsch_IT&v=1
Requested by
Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MzU3fWRsQXBpL2RsLmxpYntOTWFzXzM1N30ubWluLmpz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-108.syd1.r.cloudfront.net
Software
Ring Publishing - Accelerator /
Resource Hash
72115774e068a807b1bc1aaa7f2df4d92038535bf0ff021c0a0cf5c3d9e6642a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
via
1.1 e57fe70b9ed429fb51b4b2432cadc67a.cloudfront.net (CloudFront)
server
Ring Publishing - Accelerator
x-amz-cf-pop
SYD1-C1
etag
"9d172f461dfde5816bf6231e53c44d0adf686a90"
x-cache
Miss from cloudfront
p3p
CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin
https://probable-zipper.sa.com
content-type
application/json
cache-control
public, max-age=1800
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
11
x-amz-cf-id
rA_F28tty66yx_YIVXU1qCmlmdYityBeGqeF4RLjhNoJjhbdO9Ytxw==
me
cdp.ems.onet.pl/5469564/
216 B
571 B
XHR
General
Full URL
https://cdp.ems.onet.pl/5469564/me?domain=probable-zipper.sa.com&ver=1
Requested by
Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MzU3fWRsQXBpL2RsLmxpYntOTWFzXzM1N30ubWluLmpz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.83.230.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1ef697b048852c56.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
0fb3f85c052a590618026db120af83aa8b44424279e4494579f9fbd46ef10c02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
server
Ring Publishing - Accelerator
access-control-allow-methods
GET
p3p
CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin
https://probable-zipper.sa.com
content-type
application/json
cache-control
private, max-age=1800
access-control-allow-credentials
true
timing-allow-origin
*
content-length
216
config.js
cdn.confiant-integrations.net/AmEuXIUpj67Xm3S6ZloFdC7gEiI/gpt_and_prebid/
95 KB
21 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/AmEuXIUpj67Xm3S6ZloFdC7gEiI/gpt_and_prebid/config.js
Requested by
Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acfb9937e4426dc2da37c3a582852c1589a8aba8b8d456ae5a75f9b37f541bc4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 07:35:39 GMT
server
cloudflare
x-amz-request-id
PKTX2MSP9YRVZZRT
age
413
etag
W/"1eb40a5dd6a89391f783b34ebc21d6e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
842c1f79a89aa87a-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
chggGUk7AbqA0lFw46vh0thRPRWRk6IhYOw3Khmv+J4vEEN1BNEefMhVFNirhyvFykSVtFxXqcI=
contextual_10.js
cdn.adnz.co/convey-scripts/
25 KB
11 KB
Script
General
Full URL
https://cdn.adnz.co/convey-scripts/contextual_10.js
Requested by
Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b095c42b599d12a8c50afa725f2598ea097d1eeee522f247b962033dd9ba7872
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000d152afb751d518be-00656de14c-10d4891-default
age
1728
x-cache-status
HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Dec 2023 11:16:02 GMT
server
cloudflare
etag
W/"75626f0c6d72c42979def3c00d989c30"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnymoC3ftlwZ98UKubUBQnTWGueE2t60%2BqTOeIHtdP%2BB7iHdWEsgMDS2eRE0lIDR1dGLgwtCd3QRwbG92hgj82OuyD%2BTSf66SEHpuj8mkDCd33D%2FjUtFPkyI9r%2FB"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
public, max-age=3600
access-control-allow-credentials
true
cf-ray
842c1f79ad64aaf5-SYD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
publisherHelper.js
cdn.codevelop.network/adformats/global/
105 KB
105 KB
Script
General
Full URL
https://cdn.codevelop.network/adformats/global/publisherHelper.js
Requested by
Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-82.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbb45a29818164f9aa297f0eabe3f499971caaba6ff7c12334f8802bdbd14a05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:55:39 GMT
via
1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 14:33:44 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
6927
x-amz-server-side-encryption
AES256
etag
"8bc05334852765b160f46717ecddedf2"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
107153
x-amz-cf-id
rNIkP_goAQGqE3-Lc1wJAExE1oGCJSGplhHCxe-ltZq8BtiCRfbX0Q==
config.js
cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/
80 KB
18 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/config.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?ch.bluewin.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339163806601bc5efc723df4a0b0d107c620944fdd5a979028b360c337e9f666

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 08:52:35 GMT
server
cloudflare
x-amz-request-id
8P3MHJKMBJ8SZM71
age
554
etag
W/"6296f9e7956a1f79540333b777094660"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
842c1f79a89ba87a-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6wsOWQQGyM6CTZhrk0Atuhegocf9lN8t5Ru0xNzkRFjcVjkbZNhLGftTbxjMcctgD5I5nPyuwp0=
65568.js
cdn.brandmetrics.com/scripts/bundle/
49 KB
16 KB
Script
General
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e292d913-c9cb-419a-9c62-08ba3e231a7a&toploc=probable-zipper.sa.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/e292d913c9cb419a9c6208ba3e231a7a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95da7e2acd99a0fc32c301d30dab23609d9c8d959225f80ce1aa76e9c9dc059d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Jan 2024 10:51:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOJvmMMlaD6Z6GCN%2BqE09f31iNhwYs%2F7VK0gD8PfvmFI9f7dIOmdZ2nbrWj82m%2FRKQDfsdFEukWyYXSX2Xj6YxisUQqA4zEbOb2jTFBvFH9CJDIynurBXwyGxcyp9kOsr1%2FmcJeQ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
842c1f77bf9b5d2c-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/
436 KB
137 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
34949
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 08 Jan 2025 01:08:35 GMT
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
503 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Tue, 09 Jan 2024 07:10:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5827d3bf-101e-008a-56e9-426232000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
842c1f792fc0572d-SYD
Blue_Bug_White.png
cdn.cookielaw.org/logos/79ff0092-3b19-4886-9931-82338003a533/9c078025-6cb4-49f1-b6c6-44a559d7cfd2/298a5430-501e-4cad-b4df-5268233cccda/
23 KB
23 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/79ff0092-3b19-4886-9931-82338003a533/9c078025-6cb4-49f1-b6c6-44a559d7cfd2/298a5430-501e-4cad-b4df-5268233cccda/Blue_Bug_White.png
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63eb6c1c1025355f93ce5331ef93a2e7efe8c403686f1cc9eb8a1152c6d5492a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
kvY0krPxv7i6qvLwDpPmcA==
age
3308
content-length
23442
x-ms-lease-status
unlocked
last-modified
Tue, 08 Dec 2020 16:53:11 GMT
server
cloudflare
etag
0x8D89B99BF566CB3
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3e280acd-501e-009b-42a9-21f886000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842c1f7938e3aae4-SYD
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 10:51:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
73318
x-ms-lease-status
unlocked
last-modified
Mon, 08 Jan 2024 03:16:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
792d6958-e01e-0045-44e6-41ec60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
842c1f7938e4aae4-SYD
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/
264 KB
84 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
B91EFRDX6GA2ZVMV
age
3508422
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
842c1f79c8bfa87a-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ss1EW3keMFbs9v1VaKck+kGbRtfwUNGYMge2zv9wAW65/jP8X+qTUIvjCdVPNX/rW+HIAz7CWyo=
eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIiwiZ2xvYmFsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vc...
events.ocdn.eu/v2/EA-5469564/user/
212 B
613 B
Fetch
General
Full URL
https://events.ocdn.eu/v2/EA-5469564/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIiwiZ2xvYmFsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vcHJvYmFibGUtemlwcGVyLnNhLmNvbS8ifSwidmVyc2lvbiI6IjAuNi4yIiwiZmxhZ3MiOnsiaWdub3JlSWQiOmZhbHNlfX0=
Requested by
Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/artemis.min.js?1f79b58f7b6dd00e35ae1c6cd88a09c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6bee98fe393bd2a.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
4b4f81fdcf68fc66485f872ac792407362ce543de6f4609ec04010561466b09e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
gzip
server
Ring Publishing - Accelerator
vary
Accept-Encoding
x-ats-elapsed
0.0019998550415039
content-type
application/json
access-control-allow-origin
https://probable-zipper.sa.com
access-control-allow-methods
GET, POST, OPTIONS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With
eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIiwiZ2xvYmFsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vc...
events.ocdn.eu/v2/EA-5469564/user/
212 B
614 B
Fetch
General
Full URL
https://events.ocdn.eu/v2/EA-5469564/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIiwiZ2xvYmFsIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vcHJvYmFibGUtemlwcGVyLnNhLmNvbS8ifSwidmVyc2lvbiI6IjAuNi4yIiwiZmxhZ3MiOnsiaWdub3JlSWQiOmZhbHNlfX0=
Requested by
Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/artemis.min.js?1f79b58f7b6dd00e35ae1c6cd88a09c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6bee98fe393bd2a.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
248d572d772050a658e60e756aee20227f33cf54884e1668e1a2e7ab97159071

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:04 GMT
content-encoding
gzip
server
Ring Publishing - Accelerator
vary
Accept-Encoding
x-ats-elapsed
0.0039999485015869
content-type
application/json
access-control-allow-origin
https://probable-zipper.sa.com
access-control-allow-methods
GET, POST, OPTIONS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With
tags
swisscom.push.delivery/push-api/
0
0
Preflight
General
Full URL
https://swisscom.push.delivery/push-api/tags
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-62-154.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://probable-zipper.sa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 10:51:06 GMT
Expires
0
Pragma
no-cache
Server
nginx
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
DENY DENY
X-XSS-Protection
0
tags
swisscom.push.delivery/push-api/
0
0
Preflight
General
Full URL
https://swisscom.push.delivery/push-api/tags
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-62-154.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://probable-zipper.sa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 10:51:06 GMT
Expires
0
Pragma
no-cache
Server
nginx
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
DENY DENY
X-XSS-Protection
0
tags
swisscom.push.delivery/push-api/
3 KB
1 KB
Fetch
General
Full URL
https://swisscom.push.delivery/push-api/tags
Requested by
Host: cdn-swisscom.push.delivery
URL: https://cdn-swisscom.push.delivery/bluewin/3.1.2/webpush-production.js?v=5.193.9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-62-154.clients.your-server.de
Software
nginx /
Resource Hash
442dff6db0fbdca6217609f82173121e5cec3567f0a77bb1f91b28bf8484d9fc
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 0

Request headers

Referer
https://probable-zipper.sa.com/
accept-language
en-AU,en;q=0.9
Authorization
Bearer 1c838b64db4b99e2bc44fe2d40d7cbad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 10:51:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY, DENY
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
vary
accept-encoding
Connection
keep-alive
X-XSS-Protection
0
Expires
0
tags
swisscom.push.delivery/push-api/
3 KB
1 KB
Fetch
General
Full URL
https://swisscom.push.delivery/push-api/tags
Requested by
Host: cdn-swisscom.push.delivery
URL: https://cdn-swisscom.push.delivery/bluewin/3.1.2/webpush-production.js?v=5.193.9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-62-154.clients.your-server.de
Software
nginx /
Resource Hash
442dff6db0fbdca6217609f82173121e5cec3567f0a77bb1f91b28bf8484d9fc
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 0

Request headers

Referer
https://probable-zipper.sa.com/
accept-language
en-AU,en;q=0.9
Authorization
Bearer 1c838b64db4b99e2bc44fe2d40d7cbad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 10:51:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY, DENY
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
vary
accept-encoding
Connection
keep-alive
X-XSS-Protection
0
Expires
0
bluenews-logo.png
cdn-swisscom.push.delivery/bluewin/images/
30 KB
30 KB
Image
General
Full URL
https://cdn-swisscom.push.delivery/bluewin/images/bluenews-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-114.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fd03d35400cffeee57d6841c18e4b8767e7313693be817b2349417baee7476a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:18:54 GMT
x-amz-version-id
CXuLZZe.pphWa0k2S9k_LJh72YG9Z6Ak
via
1.1 f94de31c777bc3bf7b8976bac21b4482.cloudfront.net (CloudFront)
last-modified
Wed, 16 Sep 2020 12:36:01 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
862332
etag
"78d59c03ad0ad69a17e1faa510d08a90"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30563
x-amz-cf-id
7aNphGd7Vi4iGxmoOfm4kzHvRNRnzhyE_02f6v6C93sTq4YUvQXrRA==
unblock-chrome-italian.gif
push.delivery.ethinking.de/ethinking/gifs/
22 KB
22 KB
Image
General
Full URL
https://push.delivery.ethinking.de/ethinking/gifs/unblock-chrome-italian.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-84.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c57a6137261c54dad163c3c583863d634d1e9814ed88307496d7cb1564bb4e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
Bd7p72HG1aNeBNuMC_TvUIS0Uzi46qNM
date
Sun, 07 Jan 2024 23:55:25 GMT
via
1.1 f3cea93c854337bc785f9b21c41ff66c.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jun 2020 08:36:24 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C2
age
125740
etag
"26781c6913f77555a3828e2ab366e3af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
22577
x-amz-cf-id
hiyKpagJdM5mL3-A9Bq1hEa8V7BybP2AupVX1MCQQB_IBi9uhBAxiQ==
RCf7ad99b8263b4754b1cf0c2909487381-source.min.js
assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/
365 B
492 B
Script
General
Full URL
https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/RCf7ad99b8263b4754b1cf0c2909487381-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d47add8b2cc0df7b9429f054bfa05bce22171307fc1fa52d1bc461d232c5ab5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 19:59:32 GMT
server
AkamaiNetStorage
etag
"166f6a75a4929bcce957473a087af04d:1697572772.476297"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://probable-zipper.sa.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
231
expires
Tue, 09 Jan 2024 11:51:05 GMT
webpush-vars.css
probable-zipper.sa.com/safaripush/
250 B
560 B
Stylesheet
General
Full URL
https://probable-zipper.sa.com/safaripush/webpush-vars.css
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/safaripush/safaripush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabcce9eb8089e7b61c125db15d92ae0faa4d42f8bdbfcf1f71771da290f9c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jan 2024 10:50:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Dc%2FtAh6uEugI5dHBdDIaqoQxy16lkcNVFrmmocsUa54Nu8yPzYEo%2BpGPINbcP8sVSamuL5zGlhIV%2FIluBdLdTqgWTOW9lorDCzFOd6qtwVohaH9ls7HaGFmT47nlPL1ctG1Gjosua9F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
842c1f7f5c85a93e-SYD
styles.css
probable-zipper.sa.com/safaripush/
8 KB
2 KB
Stylesheet
General
Full URL
https://probable-zipper.sa.com/safaripush/styles.css
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/safaripush/safaripush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d53e38bd6add65fdb28bb71b6c3e9f8703e68cfb66437dbacb28eb88dacb429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jan 2024 10:50:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m89rm7jVo6x3JZyn6ay49u%2BBVFKN3l%2FW%2Bc4A%2F9BhD4E9wqo76o9VXiYZ%2FVrN3v7ETKnjOhlToVcacfFbAZxw4rJn9akg7wsiCv48V%2FoGUxEEuXyE3wRWZ5A3AtK0leeSQ5vVHdRJwTZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
842c1f7f5c87a93e-SYD
config.json
probable-zipper.sa.com/safaripush/
371 B
540 B
Fetch
General
Full URL
https://probable-zipper.sa.com/safaripush/config.json
Requested by
Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/safaripush/safaripush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4b392e6ea505543b3d88814ec0afd6f5780b71956c5ad6ff8482c794437c01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4ETR7wHy9rOktSljiHOYSUqkOA%2FWgc0w%2F79h5JC%2BWY%2BkOIFi%2FVfbCTbQiDuTp4cCST7e0L0Xex9nB3q9pqazgtMNXqFjt9Sd3ByyoHSHlnWIDkjUFSj4ZAjPyIh8YmN1dzj9oSRNOkL"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
842c1f7f5c88a93e-SYD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
acm.min.js
cdn.skyjs.org/bluewin.ch/
313 KB
91 KB
Script
General
Full URL
https://cdn.skyjs.org/bluewin.ch/acm.min.js
Requested by
Host: cdn.skyjs.org
URL: https://cdn.skyjs.org/bluewin.ch/int.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2559021e67a513b3f7fb36ad8705b52e7d4d01aad5d32135d17e7bf6184012e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://probable-zipper.sa.com/
Origin
https://probable-zipper.sa.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000ea133e20825e5921-00659d24c3-471ac284-ams3c
x-envoy-upstream-healthchecked-cluster
content-length
92828
last-modified
Sat, 30 Dec 2023 12:41:31 GMT
server
cloudflare
etag
"c95204e4aad64a91bbe2ce5458c07c86"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-do-cdn-uuid
095c611b-18ef-4310-966e-1acbe2ac0e74
x-rgw-object-type
Normal
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
842c1f7f5974a813-SYD
icon-push.51a4bc35e69e47250b37d91ec5ec2413.svg
cdn.bluewin.ch/6.1.7/
979 B
1 KB
Image
General
Full URL
https://cdn.bluewin.ch/6.1.7/icon-push.51a4bc35e69e47250b37d91ec5ec2413.svg
Requested by
Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.7/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-38.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a76c2f151a973b02253149ffed720a7aa29326b8d7e5fa4e60f5bed4655ee8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.bluewin.ch/6.1.7/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:19:46 GMT
via
1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 08:41:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
52280
etag
"51a4bc35e69e47250b37d91ec5ec2413"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
979
x-amz-cf-id
jxzdNIv2nz_KEgnVLwHoPQHirMUuNWh9LD1fuHxbVj6gv4D0jNTfNw==
3c8c2441-ea81-48da-b933-65f3895a79a5.jpeg
production-livingdocs-bluewin-ch.imgix.net/2024/01/09/
8 KB
9 KB
Image
General
Full URL
https://production-livingdocs-bluewin-ch.imgix.net/2024/01/09/3c8c2441-ea81-48da-b933-65f3895a79a5.jpeg?rect=0%2C0%2C1024%2C576&w=320&auto=format
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.30.208 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3419b36d13a7fc8a38f52ec59722c3e11b27e20fc7c1280619c1ec18ac65a23b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
x-content-type-options
nosniff
age
7418
x-cache
HIT, HIT
x-imgix-id
55ae3c46fd2a175cb3deee3bf4d30b8474564db4
cross-origin-resource-policy
cross-origin
content-length
8566
x-served-by
cache-sjc1000143-SJC, cache-syd10150-SYD
x-imgix-render-farm
01.140328
last-modified
Tue, 09 Jan 2024 08:47:26 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
RC8d7a7897a17d413ab9f97745d0af6c5f-source.min.js
assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/
1 KB
817 B
Script
General
Full URL
https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/RC8d7a7897a17d413ab9f97745d0af6c5f-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
41166aec0756ea772b94434e4818bc0244e4d79474858fe03e7a8bb14d39ed8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 19:59:32 GMT
server
AkamaiNetStorage
etag
"166f6a75a4929bcce957473a087af04d:1697572772.476297"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://probable-zipper.sa.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
555
expires
Tue, 09 Jan 2024 11:51:05 GMT
config.json
qcdn.skyjs.org/bluewin.ch/
1 KB
1 KB
XHR
General
Full URL
https://qcdn.skyjs.org/bluewin.ch/config.json
Requested by
Host: cdn.skyjs.org
URL: https://cdn.skyjs.org/bluewin.ch/acm.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32aa88ffa3d864ae2fef6734a569847d041cda18355b6578306380fd74df6f97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000128ebe00e87dc3f9-00659d24d1-471ab797-ams3c
x-envoy-upstream-healthchecked-cluster
content-length
574
last-modified
Mon, 08 Jan 2024 15:24:56 GMT
server
cloudflare
etag
"609ebb92819dd52c15f344488823be53"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-do-cdn-uuid
dec20da5-5a4c-4c8d-8ec3-5fda0b5ce12f
x-rgw-object-type
Normal
cache-control
max-age=60
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
842c1f818ba2a80d-SYD
batch
api.adnz.co/api/ws-events-sink/
0
0
Fetch
General
Full URL
https://api.adnz.co/api/ws-events-sink/batch?visitorId=2200638553006043&tenantId=10&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjM3MzMzOTQ4NzQ0MTg1MzksInBhZ2VJbXByZXNzaW9uSWQiOjg2NTU4NjQzOTE5OTIxNTUsInVybCI6Imh0dHBzOi8vcHJvYmFibGUtemlwcGVyLnNhLmNvbS9pdC9zcGV0dGFjb2xvL215cnRhLW1lcmxpbm8tbGUtbm92aXQtZGktcG9tZXJpZ2dpby01LWUtaWwtY29uc2lnbGlvLWRpLW1hcmlhLWRlLWZpbGlwcGktMTgyNDQyNC5odG1sIiwiYm9keSI6e319XQ%3D%3D
Requested by
Host: cdn.adnz.co
URL: https://cdn.adnz.co/convey-scripts/contextual_10.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:51:05 GMT
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHrQmVad0pgjbmnO0HOH6U33qdcv9Q6uAFoajHmfU6rfJhv4gUYuGpDyfcR9j35J8G9BPKF0Ckfwcc%2BEwgjIIyZ7rpg31m93Ap4MeJ%2Bnyq7xkqTyMrPu435%2FN3gY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://probable-zipper.sa.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
842c1f800b5baaf5-SYD
ratelimit-remaining
99
alt-svc
h3=":443"; ma=86400
/
events.ocdn.eu/v2/
0
202 B
Fetch
General
Full URL
https://events.ocdn.eu/v2/?_et=PageView&_ac=kropka-stats&_rt=now&_lu=202401091151041784108312&_it=1030&_gu=202401091151041784108312&CDL=ea_notfound&DP=0&RDLC=eyJ2ZXJzaW9uIjp7ImxpYnJhcnkiOnsidHJhY2tpbmciOiI1LjYuMCIsImRsYXBpIjoiMjAyNDAxMDhfMTIyNCJ9fSwidHJhY2tpbmciOnsiYXV0b3N0YXJ0Ijp0cnVlfX0%3D&RDLU=eyJpZCI6eyJhcnRlbWlzIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIiwiZXh0ZXJuYWwiOnsibW9kZWwiOiIyMDI0MDEwOTExNTEwNDE3ODQxMDgzMTIiLCJtb2RlbHMiOnsiYXRzX3JpIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIn19fX0%3D&CL=init-20240108_1224&RI=260c1659d2517308&C1=1704797463776&IP=202401091851037703910795&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fprobable-zipper.sa.com%2F&DV=bluenewsch_it&IV=202401091851037703910795&RDLCN=eyJwdWJsaWNhdGlvbiI6e30sInNvdXJjZSI6e30sIm9iamVjdCI6e319&DA=BlueNewsch_IT%2Fros&SC=1&CD=visible&RT=PageView&IZ=0&IL=0&TID=EA-5469564
Requested by
Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MzU3fWRsQXBpL2RsLmxpYntOTWFzXzM1N30ubWluLmpz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6bee98fe393bd2a.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://probable-zipper.sa.com
date
Tue, 09 Jan 2024 10:51:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
Ring Publishing - Accelerator
/
events.ocdn.eu/v2/
0
202 B
Fetch
General
Full URL
https://events.ocdn.eu/v2/?_et=PageView&_ac=kropka-stats&_rt=now&_lu=202401091151041784108312&_it=1030&_gu=202401091151041784108312&CDL=ea_notfound&DP=-1&RDLC=eyJ2ZXJzaW9uIjp7ImxpYnJhcnkiOnsidHJhY2tpbmciOiI1LjYuMCIsImRsYXBpIjoiMjAyNDAxMDhfMTIyNCJ9fSwidHJhY2tpbmciOnsiYXV0b3N0YXJ0Ijp0cnVlfX0%3D&RDLU=eyJpZCI6eyJhcnRlbWlzIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIiwiZXh0ZXJuYWwiOnsibW9kZWwiOiIyMDI0MDEwOTExNTEwNDE3ODQxMDgzMTIiLCJtb2RlbHMiOnsiYXRzX3JpIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIn19fX0%3D&CL=init-20240108_1224&RI=6c547659d251810d&C1=1704797464269&IP=202401091851042681064579&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fprobable-zipper.sa.com%2F&DV=bluenewsch_it%2Fdesktop_tv&IV=202401091851042681064579&RDLCN=eyJwdWJsaWNhdGlvbiI6e30sInNvdXJjZSI6e30sIm9iamVjdCI6e319&DA=BlueNewsch_IT%2FDesktop_TV&SC=1&CD=visible&DR=https%3A%2F%2Fprobable-zipper.sa.com%2F&RT=PageView&IZ=0&IL=0&TID=EA-5469564
Requested by
Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MzU3fWRsQXBpL2RsLmxpYntOTWFzXzM1N30ubWluLmpz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6bee98fe393bd2a.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://probable-zipper.sa.com
date
Tue, 09 Jan 2024 10:51:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
Ring Publishing - Accelerator
/
events.ocdn.eu/v2/
0
181 B
Image
General
Full URL
https://events.ocdn.eu/v2/?_et=PerfEvent&_ac=kropka-monitoring&_rt=empty&_lu=202401091151041784108312&_it=1030&_gu=202401091151041784108312&RDLU=eyJpZCI6eyJhcnRlbWlzIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIiwiZXh0ZXJuYWwiOnsibW9kZWwiOiIyMDI0MDEwOTExNTEwNDE3ODQxMDgzMTIiLCJtb2RlbHMiOnsiYXRzX3JpIjoiMjAyNDAxMDkxMTUxMDQxNzg0MTA4MzEyIn19fX0%3D&RT=PerfEvent&CD=visible&TR=1180&TTTFB=919&TH=922&TI=1736&TC=-1&TE=-1&TN=0&TD=0&TADP=1&TE1=12&TBC=Y&DA=BlueNewsch_IT%2Fros&TVER=20240108_1224&TIFR=0&NID=5469564&TFLASH=2&TFINI=sgqcvfjvr.onet.pl&TCVCLS=0&RI=6ac91659d251810a&IP=202401091851037703910795&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fprobable-zipper.sa.com%2F&DV=bluenewsch_it&IV=202401091851037703910795&IZ=0&IL=0&TID=EA-5469564&_ts=1704797465778
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae6bee98fe393bd2a.awsglobalaccelerator.com
Software
Ring Publishing - Accelerator /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://probable-zipper.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 10:51:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
Ring Publishing - Accelerator

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
get.geojs.io
URL
https://get.geojs.io/v1/ip/country
Domain
csr.onet.pl
URL
https://csr.onet.pl/5469564/tags?domain=probable-zipper.sa.com&site=BlueNewsch_IT&v=1

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| getCookie object| adobeDataLayer object| SCS string| DOCUMENT_TYPE boolean| IS_IN_APP boolean| IS_IN_APP_HYBRID string| DESIGN_ASSETS_BASE_PATH string| HULBEE_SEARCH_HOST string| SWISSCOM_SEARCH_HOST object| LI function| OptanonWrapper object| ANALYTICS object| ADVERTISING object| liMediaPulse object| MP_Helpers object| _comscore object| admTagMan object| COMSCORE object| ns_p object| OneTrustStub object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| lth object| pbjs object| _pbjsGlobals object| __admTagMan object| yieldlove_cmd function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| regeneratorRuntime function| PushDelivery function| PushDeliveryUI function| $ function| jQuery object| T function| moment function| brightcovePlayerLoader object| LivingDocsDesign object| __core-js_shared__ object| core object| lazySizesConfig object| lazySizes object| bluewinDesign object| tcApp object| DELIVERY_SLG object| _sf_async_config number| _sf_endpt object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| acm object| dlApi function| dlApiRequire function| dlApiDefine function| dlApiExec object| ringDataLayer object| Base64Url object| EventsApi object| $onet object| onetAds function| RasPrebidAnalytics object| onetBoxes function| OnetBoxes function| onetAddAudit function| onetAddFif function| onetShowAsynchAds function| onetShowAsyncSlots function| getBannerSize function| onetAddAsync function| onet string| onet_proto function| OnetApi object| googletag string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| __tcfapi object| otStubData object| otIabModule object| Optanon object| OneTrust object| pbjsYLHH object| YLHH string| yieldlove_tag object| yieldlove_site_settings string| yieldlove_ad_layout object| confiant object| yieldlove_ab object| yieldlove_cmp object| yieldlove_tc object| pbjsYLHHChunk object| brandmetrics function| __assign object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing function| __spreadArray object| _brandmetrics object| apntag number| audienzzCheck object| audienzz_internal_do_not_call_directly object| __adnz__ object| audienzz function| b function| C function| n function| f function| cwire object| push object| pushUI object| safariPush

12 Cookies

Domain/Path Name / Value
probable-zipper.sa.com/ Name: fpid
Value: 1704797462466_41445020
.scorecardresearch.com/ Name: UID
Value: 15946188e31382baf82b6771704797462
.probable-zipper.sa.com/ Name: _cb
Value: DxzcNhBv60xrC2z3O9
.probable-zipper.sa.com/ Name: _chartbeat2
Value: .1704797463579.1704797463579.1.DhBJffaBpeYBS-Le7BondXEBzueIL.1
.probable-zipper.sa.com/ Name: _cb_svref
Value: external
lib.onet.pl/ Name: acc_segment
Value: 18
sgqcvfjvr.onet.pl/ Name: acc_segment
Value: 98
.events.ocdn.eu/ Name: ea_uuid
Value: 202401091151041784108312
events.ocdn.eu/ Name: acc_segment
Value: 65
cdp.ems.onet.pl/ Name: acc_segment
Value: 32
csr.onet.pl/ Name: acc_segment
Value: 37
.probable-zipper.sa.com/ Name: ats_ri
Value: ri=202401091151041784108312&model=202401091151041784108312&models=eyJhdHNfcmkiOiIyMDI0MDEwOTExNTEwNDE3ODQxMDgzMTIifQ%3D%3D&ttl_ms=3600000&expires_ms=1704801065049&version=1704797464.921

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.adnz.co
assets.adobedtm.com
cdn-a.yieldlove.com
cdn-swisscom.push.delivery
cdn.adnz.co
cdn.bluewin.ch
cdn.brandmetrics.com
cdn.codevelop.network
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.cwi.re
cdn.jsdelivr.net
cdn.ringier-advertising.ch
cdn.skyjs.org
cdp.ems.onet.pl
csr.onet.pl
end.mpod.ch
events.ocdn.eu
geolocation.onetrust.com
get.geojs.io
lib.onet.pl
ping.chartbeat.net
probable-zipper.sa.com
production-livingdocs-bluewin-ch.imgix.net
push.delivery.ethinking.de
qcdn.skyjs.org
rcp.scsstatic.ch
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sgqcvfjvr.onet.pl
static.chartbeat.com
swisscom.push.delivery
csr.onet.pl
get.geojs.io
104.18.12.192
104.18.13.192
104.18.130.236
104.18.32.137
104.18.43.90
104.21.18.60
104.26.12.18
13.224.181.84
13.227.74.114
13.227.74.12
13.35.147.108
13.35.147.68
142.250.66.194
151.101.30.208
151.101.65.229
172.67.180.177
172.67.68.225
18.67.107.130
18.67.111.111
18.67.111.38
18.67.111.82
18.67.111.88
18.67.93.14
195.186.209.232
23.198.63.128
3.33.138.253
34.205.113.238
52.223.29.147
65.8.161.92
88.198.62.154
99.83.230.239
09525fb3b4747dfbceaa9401af3c089fae3aa045934b77ec444cfe62c0efd3da
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0a0721d78278f9a6c3dd3f639bad1b3105d2df9e97e3d4a74dbec66d6b92c7ec
0a76c2f151a973b02253149ffed720a7aa29326b8d7e5fa4e60f5bed4655ee8b
0fb3f85c052a590618026db120af83aa8b44424279e4494579f9fbd46ef10c02
17492240142c475ee2fd7dc3d3d5eca157c49291f29870bbda35552fa2964047
19f1abd25ea6498a9d125a005fce9f729f40246f14b035f363ab68f56d1d8e41
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b8380e40488d1ae6b638910b3fe7265594d958ad860b79a4749577c53134fe1
1c1d12de4da3f2ce9fda12c2ecc15797a0e2c793d8cee52702c47c612b0d54bd
1c57a6137261c54dad163c3c583863d634d1e9814ed88307496d7cb1564bb4e2
2267e82969e7da8b2fee71c9a5699c507c30dcdb91c732a45298ec2b4b8c8459
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
2401f4994c0f786c66ded8bc1544e143c0322667204ee6083b54993c20681113
248d572d772050a658e60e756aee20227f33cf54884e1668e1a2e7ab97159071
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
284745d6ef1d0bd73ca564fd76bfdab8c0cfae104d55107e34680c9c7ef167b0
32aa88ffa3d864ae2fef6734a569847d041cda18355b6578306380fd74df6f97
339163806601bc5efc723df4a0b0d107c620944fdd5a979028b360c337e9f666
3419b36d13a7fc8a38f52ec59722c3e11b27e20fc7c1280619c1ec18ac65a23b
3ba42fda49d776824fe03332e4edc3e2ddc35afedb497896c5e4e5a68e8d42a0
3f00d9f0ee3f8968433f0a9dff863e5a1f1563815236064d6698046d07375542
407527313e0beab178e5ee739e0a11c0d564f0a548b28fa91b8172b33bdb046e
41166aec0756ea772b94434e4818bc0244e4d79474858fe03e7a8bb14d39ed8a
442dff6db0fbdca6217609f82173121e5cec3567f0a77bb1f91b28bf8484d9fc
4b4f81fdcf68fc66485f872ac792407362ce543de6f4609ec04010561466b09e
4db1d4b1acda5f39723cac7ac0e77cccaabd5821938749d3ac82944a85091d96
5445e6290f97006b4f6bede86c144109c06e1c3da4075a4a2cea15ffc18e1169
5624e381bd10235ab37d989a5d19eb7b266c16b3db3c191d9a2990651c1d5e3c
572fbf936c52b0c819cd340f61a3c71cf38599ee2bcc01a5f7d5d5665413a070
5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fc34aea4402cdd1a7a0c4db8c058f753b9651cd29bdf3541db4bcd515f764f8
6010e95e45ae8c7c0064724e1ea3ac9495ae55a6241633446db052364c06f5f3
61060bc5f50e51d7bd496f3aa1c767bc3cda67987b059dab79883f449d2126ea
6351200898e8b79dab49d74ccb927791de5c727d886cadc0304255ec669803c6
63eb6c1c1025355f93ce5331ef93a2e7efe8c403686f1cc9eb8a1152c6d5492a
681987797b16a0daaff3a246bb408042d14c57243419fb1cf32b2dd822055f07
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2ee6156e3643471b3feda4f64e5aa28acc36ddad79da7ae39d5ca9dd6fb81f
6b015dfc27a823d4b0eb9d73499fa3a76e6a5bf0da5fd6b1476e71e2934197d6
6b457485bca64def0f66f2bb621ada5e17a82997b661207f05eecdd3ba0559f5
72115774e068a807b1bc1aaa7f2df4d92038535bf0ff021c0a0cf5c3d9e6642a
7300e0f30486a3860ad4587b0b3d0e68e362f0cbe8a8cd5a97fba765891e4ece
7d210ae97241d56e7785760f06e1f93cb44693f79dc4ba351f3aa695400f9e8f
7d53e38bd6add65fdb28bb71b6c3e9f8703e68cfb66437dbacb28eb88dacb429
7daaea0e23f1b46b8cee7ee002e8b5e16dcd602bae7990a073e6f77a40a33984
7febcc726b716a1a57630aa63271a8e44d67fff16d2383b394779c9262d1f194
824d3aa07cb4f2535d247538a35c9c87fd45651b064bc9f0b9b6c3d21c55851e
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
883d31370eea7b9848e1bdb8331d2fc00354545ab7173d093387619f87a467ed
8fd03d35400cffeee57d6841c18e4b8767e7313693be817b2349417baee7476a
95da7e2acd99a0fc32c301d30dab23609d9c8d959225f80ce1aa76e9c9dc059d
9738dcd5f8d933ce510bb6378e77bb8651253ac85c1740f8874b20d7306b07ca
987fe16a06480857707ae20da4ad1207a246d68f87c400f5c06af8eb6d910317
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
9910673a361834d1d7e2bf06a15753aa8a9059896af3acceaac9b1d6c786a350
99eefcb1c7a04d9c87d638bd2455b8bda0be845b69cd2515585bd89ae5d15700
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9c2bdbff042e3c61e76290aa2e8b3e1730ce5dbe7143e24e7f26f124a6ba5901
aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e
aabcce9eb8089e7b61c125db15d92ae0faa4d42f8bdbfcf1f71771da290f9c8c
ac19153f171aba47b1ca406b861ef01f69c3046a3164c094d938a02027433e1e
acfb9937e4426dc2da37c3a582852c1589a8aba8b8d456ae5a75f9b37f541bc4
b095c42b599d12a8c50afa725f2598ea097d1eeee522f247b962033dd9ba7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2559021e67a513b3f7fb36ad8705b52e7d4d01aad5d32135d17e7bf6184012e
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
c3369ef3f40de5b3d5cd622ce004674b4500e0e407b2a400c07dbbb8a9e6d580
c56d9de298f68a22adf74c0c6b46f3475bbc1963293ab7e20b05c37f35b72889
c586fc370d54763cc38931704a8b1482e310c6b89434ef94e252bb15a5d32478
cbb45a29818164f9aa297f0eabe3f499971caaba6ff7c12334f8802bdbd14a05
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d098bd05ff52512b139164565e060e823f66cfdd62268d9db1cebe5370538df9
d23b0c41402289706eac58c353da08a46647e38ad32114416f0798c6c66e3628
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d45c4de013bb60a63e1f5b97e5071063fbfe4e37638d953e33b4df57ffda1242
d47add8b2cc0df7b9429f054bfa05bce22171307fc1fa52d1bc461d232c5ab5d
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d6f337768e0e2b4df4002bb6a9a7d63198338ff583e49f78611a3f91dc7d8b8a
e3451828e75cf4087bc16a1b4185714833a6d85fe359b8c642c47b377c88b20d
e35bc435fc8eca0b4dcb5a268e3773cfaa62ec5aaa9a85bce13e3d698c7f627b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfb40291ad70a92d6b433862ce21fa812b2ab2b632246dd8731d33c7df257a5
ef644945760e2a60bb6074fc5275778f773c5120bd908b33793a559e6ee5c7f3
f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8
fb4b392e6ea505543b3d88814ec0afd6f5780b71956c5ad6ff8482c794437c01