urlscan.io logo urlscan.io
SecurityTrails logo

shop.synlab.it Open in urlscan Pro
20.160.45.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shop.synlab.it/
Effective URL: https://shop.synlab.it/
Submission: On March 21 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 186 HTTP transactions. The main IP is 20.160.45.44, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is shop.synlab.it.
TLS certificate: Issued by R3 on March 21st 2024. Valid for: 3 months.
This is the only time shop.synlab.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 57 20.160.45.44 8075 (MICROSOFT...)
46 151.101.192.176 54113 (FASTLY)
1 35.186.241.51 15169 (GOOGLE)
22 20.76.211.154 8075 (MICROSOFT...)
2 18.173.205.14 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.239.187.78 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 198.202.176.141 16509 (AMAZON-02)
16 54.186.23.98 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
186 14
57    20.160.45.44 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
shop.synlab.it
46    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api-js.mixpanel.com
22    20.76.211.154 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
westeurope-production.ordercloud.io
2    18.173.205.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-14.fra56.r.cloudfront.net
m.stripe.network
19    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
14    2606:4700::6812:100a (United States)

ASN13335 (CLOUDFLARENET, US)
xmc-synlab1-synlab-production.sitecorecloud.io
1    44.239.187.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-187-78.us-west-2.compute.amazonaws.com
m.stripe.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
3    198.202.176.141 (United States)

ASN16509 (AMAZON-02, US)
ppm.stripe.com
16    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
r.stripe.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
66 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2499
m.stripe.com — Cisco Umbrella Rank: 2405
ppm.stripe.com — Cisco Umbrella Rank: 103162
r.stripe.com — Cisco Umbrella Rank: 4705
2 MB
57 synlab.it
shop.synlab.it
2 MB
22 ordercloud.io
westeurope-production.ordercloud.io
12 KB
21 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 654
fonts.googleapis.com — Cisco Umbrella Rank: 110
405 KB
14 sitecorecloud.io
xmc-synlab1-synlab-production.sitecorecloud.io
10 MB
3 gstatic.com
maps.gstatic.com
fonts.gstatic.com
32 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2673
16 KB
1 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 4437
361 B
186 8
Domain Requested by
57 shop.synlab.it 1 redirects shop.synlab.it
46 js.stripe.com shop.synlab.it
js.stripe.com
22 westeurope-production.ordercloud.io shop.synlab.it
19 maps.googleapis.com shop.synlab.it
maps.googleapis.com
16 r.stripe.com js.stripe.com
14 xmc-synlab1-synlab-production.sitecorecloud.io
3 ppm.stripe.com js.stripe.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com maps.googleapis.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 maps.gstatic.com
1 m.stripe.com m.stripe.network
1 api-js.mixpanel.com shop.synlab.it
186 13

This site contains links to these domains. Also see Links.

Domain
maps.google.com
www.google.com
synlab.it
www.facebook.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
shop.synlab.it
R3		 2024-03-21 -
2024-06-19		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh
*.ordercloud.io
Go Daddy Secure Certificate Authority - G2		 2023-10-16 -
2024-11-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sitecorecloud.io
E1		 2024-02-22 -
2024-05-22		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2024-05-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2024-03-06 -
2024-06-06		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://shop.synlab.it/
Frame ID: AA417253D45254422C1FF376E42D7B23
Requests: 133 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: FA725D9AFD8CCAE161A67287EFA23C8D
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A0620ABF393EDA6AF3DE977FC47575BC
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Frame ID: CAB8C304E4D84AFAF993ACA4CFE436B1
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Frame ID: 6D62860A7FFD928BE851F90BDDF3E5B5
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Frame ID: 2654E6A595941437DC7F83DC20838471
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Frame ID: 832FBA84D661779C9E0EA4A652451B5E
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Frame ID: 80F749A151C195E4AEB4500968F6EBC7
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Frame ID: 0C2277EE05C41A98D9BCBD5F54E29AC1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Synlab Health For You

Page URL History Show full URLs

  1. http://shop.synlab.it/ HTTP 301
    https://shop.synlab.it/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

186
Requests

99 %
HTTPS

38 %
IPv6

8
Domains

13
Subdomains

14
IPs

3
Countries

15730 kB
Transfer

35304 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shop.synlab.it/ HTTP 301
    https://shop.synlab.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

186 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shop.synlab.it/
Redirect Chain
  • http://shop.synlab.it/
  • https://shop.synlab.it/
8 MB
414 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy / Next.js
Resource Hash
636fe392aab44bec381f5727a4ac76dc6b9fd4dd68706423bbe5e8f1f5407eee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
keep-alive
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Mar 2024 15:20:19 GMT
Permissions-Policy
fullscreen=(), geolocation=()
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
etag
"bea5ha2e97506l0"
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1699
x-powered-by
Next.js

Redirect headers

Connection
keep-alive
Content-Length
195
Content-Type
text/html
Date
Thu, 21 Mar 2024 15:20:17 GMT
Location
https://shop.synlab.it/
Server
Microsoft-Azure-Application-Gateway/v2
49d580f5ae5c247e.css
shop.synlab.it/_next/static/css/ 		172 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/css/49d580f5ae5c247e.css
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
20b5ee027cc179b166b4a899739f14e3d790ca4afb91402cb02424be25f47220
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"2ae4e-18e520a193d"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
0d12ea6f736dbf49.css
shop.synlab.it/_next/static/css/ 		90 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/css/0d12ea6f736dbf49.css
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
8e271ed7b549991d2818871c5affd8689eb95bd241e08b9c3bde6ffca737d96c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
3
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"16698-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
webpack-3230a6d7876fe243.js
shop.synlab.it/_next/static/chunks/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/webpack-3230a6d7876fe243.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
4959b629f516de6786567ecdab68bf7c193cbb96c187017d75f6d7a4019a29f5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"1513-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
framework-09ea07f57f79e112.js
shop.synlab.it/_next/static/chunks/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/framework-09ea07f57f79e112.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
3d9f4a4d912b5cf208687001d886a8d1db8179ae386552e45ab24308d86b5763
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"2270d-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
main-6284895e473ca600.js
shop.synlab.it/_next/static/chunks/ 		131 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
1b72a6192e8a6c104ce7a5e76b4c9c3ab3c660ec5dbe840d6553b2ae9592e2cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"20cae-18e520a193d"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
_app-ff782a53fc5abe23.js
shop.synlab.it/_next/static/chunks/pages/ 		181 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/pages/_app-ff782a53fc5abe23.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
52d1baa88fe5ac6511ef034a56d01cf55953bf1ded7cc2af8dfe52223b604586
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"2d5b7-18e520a193d"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
1bfc9850-beaf488f09329bcc.js
shop.synlab.it/_next/static/chunks/ 		610 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/1bfc9850-beaf488f09329bcc.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
d300c29137a0b81f82eb4fd763f51cb857a33972ac510ab34bc9502217b586bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"262-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
07d1153d-81cdb81b7aa77b04.js
shop.synlab.it/_next/static/chunks/ 		267 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/07d1153d-81cdb81b7aa77b04.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
739f8ee2fd5ee472cbe286c8927c53ef1ecb516f194441fa94a174266fbef9aa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"42c78-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
48c79778-fd41671ff7b323e1.js
shop.synlab.it/_next/static/chunks/ 		398 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/48c79778-fd41671ff7b323e1.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
9b3ecac206dda8b9fe5469825de7a398a8eff0748213cafa04af7232c06d6ec5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
3
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"6390a-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
13b8a98b-d99896f98da13e78.js
shop.synlab.it/_next/static/chunks/ 		200 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/13b8a98b-d99896f98da13e78.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
7d83a76a0913b90abe7c03d713a1bdb1ba54a84d279017b743b4ca3522cd3ecb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"31ee8-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
65291039-df1765a82e71d87c.js
shop.synlab.it/_next/static/chunks/ 		253 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/65291039-df1765a82e71d87c.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
ab64f974c4cb25996b56be26445a8d75c5e9191391c3e81350530d2da736a7f7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"3f303-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
2b7b2d2a-501021132b89b106.js
shop.synlab.it/_next/static/chunks/ 		277 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/2b7b2d2a-501021132b89b106.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
34a2278ad0ca789eba055cbc1b8b5742c761c576815459bd31dd53448ab7b3c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"453a3-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
ad7f724d-fac82fabda540c89.js
shop.synlab.it/_next/static/chunks/ 		208 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/ad7f724d-fac82fabda540c89.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
b0652c8f2970d1149736b67d47a0d3ef453a73cd465cc3727d25ddd851f7b928
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"34117-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
e78312c5-a7bfb5d06c47e027.js
shop.synlab.it/_next/static/chunks/ 		359 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/e78312c5-a7bfb5d06c47e027.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
033d07a992d6db25494efa6f855a57de1f4e2927f24dc83ff20cb5dfbcf43cb1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"59a6d-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
d64684d8-99ce62f45f01969a.js
shop.synlab.it/_next/static/chunks/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/d64684d8-99ce62f45f01969a.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
ee237537f66538373c3e077755590ebe97d39ebcc98fed3f271d4fb368116991
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"11b8-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
630-349baa002811fc70.js
shop.synlab.it/_next/static/chunks/ 		2 MB
585 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
41b08a4ee8fbfd82a64dc10d0b901a4f5fb10c0e913f4d2a89ab5a1f0c7372d4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"1c9cdc-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
844-056e506ca84a5965.js
shop.synlab.it/_next/static/chunks/ 		987 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/844-056e506ca84a5965.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
61b960118b7c4760db154a32dc9a3341f2e858df7bed95530ff13a9378c5d13f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"f6b8e-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
%5B%5B...path%5D%5D-9d81de627749003d.js
shop.synlab.it/_next/static/chunks/pages/ 		298 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/pages/%5B%5B...path%5D%5D-9d81de627749003d.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
8719e3043fce3e1977f2a37f930f72e85fbc862141867e38f2db8eff23fe97bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"12a-18e520a193d"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
_buildManifest.js
shop.synlab.it/_next/static/128da107e0303b7beb8d4dc8ac97c4a28c54f806/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/128da107e0303b7beb8d4dc8ac97c4a28c54f806/_buildManifest.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
ff831d71b98ed6d9002eea99b80ad5e788a92c0fab9553ffa447955304e19814
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"a12-18e520a193d"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
_ssgManifest.js
shop.synlab.it/_next/static/128da107e0303b7beb8d4dc8ac97c4a28c54f806/ 		77 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/128da107e0303b7beb8d4dc8ac97c4a28c54f806/_ssgManifest.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"4d-18e520a193d"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
OpenSans-Regular.ttf
shop.synlab.it/fonts/OpenSans/ 		127 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/fonts/OpenSans/OpenSans-Regular.ttf
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/css/49d580f5ae5c247e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shop.synlab.it/_next/static/css/49d580f5ae5c247e.css
Origin
https://shop.synlab.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:19 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"1fb04-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
font/ttf
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
v3
js.stripe.com/ 		607 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9208d3b15dfda19ba48d0dd78429975637682531aa6aa9c9a0b0c9049a4a081d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
1
x-cache
HIT
content-length
171656
x-request-id
8fbcc236-b02c-48bf-ab14-9c806d1c2ab1
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:33:02 GMT
server
Fastly
etag
"83a195e0e9274f07cb20b0fbd92d4b5b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
session
shop.synlab.it/api/auth/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/api/auth/session
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/pages/_app-ff782a53fc5abe23.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
etag
"bwc9mymkdm2"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
x-envoy-upstream-service-time
3
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Content-Length
2
/
api-js.mixpanel.com/track/ 		25 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1711034420115
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/pages/_app-ff782a53fc5abe23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://shop.synlab.it
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
47
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear
token
westeurope-production.ordercloud.io/oauth/ 		934 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/oauth/token
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d86c4dbca60a258ea70be29c265ba88f09ead5213aaf2f01b44e71ad2831c92

Request headers

Accept
application/json
Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
26c43982-ed16-41bb-ad1a-2cc84ab2b3b7
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
token
westeurope-production.ordercloud.io/oauth/ 		934 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/oauth/token
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6be56e3b08bcffe5d09fe46a88dc95268e35e3d4f65116fa55df91def64ac62

Request headers

Accept
application/json
Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
d1251f73-102d-418a-b4ff-eb8ad569ade1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame FA72 		200 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8484457
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:20:20 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
299239
x-content-type-options
nosniff
x-request-id
42730a32-f6aa-43fa-8a11-ebaf5211cf80
x-served-by
cache-mxp6923-MXP
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame FA72 		526 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
8484456
x-cache
HIT
content-length
315
x-request-id
7dbc269e-0d52-4876-a2c0-140a22a790ee
x-served-by
cache-mxp6923-MXP
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
286553
inner.html
m.stripe.network/ Frame A062 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-14.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
73
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:19:08 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
x-amz-cf-id
u_lb89aJfTdYoNE18DKQq5e-CKqUpPqML0NWb_gJhj6YLm4bKCOXjg==
x-amz-cf-pop
FRA56-P12
x-cache
Hit from cloudfront
x-content-type-options
nosniff
categories
westeurope-production.ordercloud.io/v1/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?catalogID=SHFYIT&sortBy=Name
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
products
westeurope-production.ordercloud.io/v1/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/products?xp.Featured=true&pageSize=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
cart
westeurope-production.ordercloud.io/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
lineitems
westeurope-production.ordercloud.io/v1/cart/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart/lineitems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
promotions
westeurope-production.ordercloud.io/v1/cart/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart/promotions
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
OpenSans-SemiBold.ttf
shop.synlab.it/fonts/OpenSans/ 		127 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/fonts/OpenSans/OpenSans-SemiBold.ttf
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/css/49d580f5ae5c247e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
89275a1c66640733265b5be89864b6daefef1cc3f275566dd8fd29bd66601a83
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shop.synlab.it/_next/static/css/49d580f5ae5c247e.css
Origin
https://shop.synlab.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"1fab4-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
font/ttf
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
js
maps.googleapis.com/maps/api/ 		236 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
f683872c7c925c59ef23748fd38b77025ee9fd40c4490037dd0bf406318b3fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78925
x-xss-protection
0
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6a1f7ba67189b8b967e563d844e02c9ef323caf9a5a450aaa166d72f3860f47

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
OpenSans-Light.ttf
shop.synlab.it/fonts/OpenSans/ 		127 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/fonts/OpenSans/OpenSans-Light.ttf
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/css/49d580f5ae5c247e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
abca0004f2960ea162b161a82240a139fce6012733a76f3859febb9bed38b420
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shop.synlab.it/_next/static/css/49d580f5ae5c247e.css
Origin
https://shop.synlab.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"1fadc-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
font/ttf
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
shopping-bag.svg
shop.synlab.it/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/shopping-bag.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
0d37bf13cf58014da6ff434281d2537e2139bebc0d2a350c72236caa62a720c8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"44e-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
menu.svg
shop.synlab.it/icons/ 		408 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/menu.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
3277b913e7a5126c2eb546e7a0da135c6fef3f8b48d22ca3aaab9c0e532cf738
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"198-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
chevron-down-m.svg
shop.synlab.it/icons/ 		212 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/chevron-down-m.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
dfde5b90423ae16ee1cfcd1eb852397ca889ecc867e7f805516b436219ccaead
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"d4-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
arrow-right.svg
shop.synlab.it/icons/ 		316 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/arrow-right.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
4762e776b7fed9879bdc7173ff16135b73a7003895ec0be77dcf72d1651c456b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"13c-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
marker-pointer.svg
shop.synlab.it/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/marker-pointer.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
b495a17da352a4cf99e9f2697997a2a48f76ab879e637fdd4a550622e7e68952
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"5a8-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
mastercard.svg
shop.synlab.it/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/mastercard.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
b2caed3e357098a23775ee481bbe38f853afe172114ffd579e14cc3984b3d5fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"4f7-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
visa.svg
shop.synlab.it/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/visa.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
7901a327fbeb5fb2b223c68d4145b07e863c1667ee817df3e037808cfba0269c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"51e-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
amex.svg
shop.synlab.it/icons/ 		12 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/amex.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
75ecac63ca3a9fe849cdd4ff0faa124f3fee4e05dba1ba4fbb001b37161c0f68
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"30fe-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
stripe.svg
shop.synlab.it/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/stripe.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
7211219a1b8326ae9356fd90e818a63c631e22297840e28b7594a59d3420fdde
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"a18-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
accreditation.svg
shop.synlab.it/icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/accreditation.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
84191aeb17e0d06b48871093dc11253594f6499e94d8f4b70581479165e67005
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"16e0-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
Homepage-Slider_Nutrition-IT.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/media/Project/Synlab/Italy/Pages/Home-page/Carousel/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/media/Project/Synlab/Italy/Pages/Home-page/Carousel/Homepage-Slider_Nutrition-IT.png?h=1005&iar=0&w=1320&hash=329670CDB783CB5CF1BDF91CFD633CCC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb961a895c38bdd4162816032471a7abc614099c906bfcf6230e21fa1642439b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 Jan 2024 13:07:22 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="Homepage Slider_Nutrition-IT.png"
accept-ranges
bytes
cf-ray
867eece84d5b4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
4131913
Homepage-Slider_Fatigue-IT.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/media/Project/Synlab/Italy/Pages/Home-page/Carousel/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/media/Project/Synlab/Italy/Pages/Home-page/Carousel/Homepage-Slider_Fatigue-IT.png?h=1005&iar=0&w=1320&hash=08CEA8669A765F41ACA7BE09979A26EE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ca441fa2283e98f636052991239d8efbfb72d5e8863b141f34e11e139cf4b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 Jan 2024 13:05:22 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="Homepage Slider_Fatigue-IT.png"
accept-ranges
bytes
cf-ray
867eece84d5a4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
3007086
categories
westeurope-production.ordercloud.io/v1/me/ 		1011 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?catalogID=SHFYIT&sortBy=Name
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ef3bed2e442bbd2f437cefbf574c9aa5123b2feda5c71a3151e91bc0c058271

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJ4dzNuMXpheklrSzM5V0Z2QUJLcFB3IiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJGZGRST1hLY0FFV245THU0dWhmakdnIiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.XBJbrap9wEVTjdmf09G2lTrIJXiB1HO4gnF7G-V6gXw0At26DLrqfsBktzyEVujqZO3mbXiSM9ilyv4b93mJ1SLHi3H0qZvviDImYhVuVBx8_oYbHGadEE3gV4M05noRBF4clOm3YJYyVH-l1VO5XAgAbD9MLmxon4D_qOp9il_4QIHfZVuG-xTHWPvjFrg4Upk9Vciw7jtSiMUvHR4Wf24_-nR7hHpX9FoA3TeBdqxVXIO8pGJsvTe3k0P0hlIuKi3IHjgTRhBG33qbrck0wS3q6dmV1yeRSN1cIw29WEExwuOHHmhqTSxIGNx9xDB7UAIVe7StNGOq0kLQnzqLgg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
7a1441c1-069f-4fbe-b29a-01cc409e1dae
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
products
westeurope-production.ordercloud.io/v1/me/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/products?xp.Featured=true&pageSize=3
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc4303353f528e726a8b1d70ea2222004f587346efc7071cd2c1846c31894760

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJ4dzNuMXpheklrSzM5V0Z2QUJLcFB3IiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJGZGRST1hLY0FFV245THU0dWhmakdnIiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.XBJbrap9wEVTjdmf09G2lTrIJXiB1HO4gnF7G-V6gXw0At26DLrqfsBktzyEVujqZO3mbXiSM9ilyv4b93mJ1SLHi3H0qZvviDImYhVuVBx8_oYbHGadEE3gV4M05noRBF4clOm3YJYyVH-l1VO5XAgAbD9MLmxon4D_qOp9il_4QIHfZVuG-xTHWPvjFrg4Upk9Vciw7jtSiMUvHR4Wf24_-nR7hHpX9FoA3TeBdqxVXIO8pGJsvTe3k0P0hlIuKi3IHjgTRhBG33qbrck0wS3q6dmV1yeRSN1cIw29WEExwuOHHmhqTSxIGNx9xDB7UAIVe7StNGOq0kLQnzqLgg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
f81045aa-eeb1-49e3-ad68-29f35323942d
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
cart
westeurope-production.ordercloud.io/v1/ 		528 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3407e6343653d6e4ea25adf6559505ae39a1ebeb9f372782c3095e478cea7c3

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJ4dzNuMXpheklrSzM5V0Z2QUJLcFB3IiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJGZGRST1hLY0FFV245THU0dWhmakdnIiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.XBJbrap9wEVTjdmf09G2lTrIJXiB1HO4gnF7G-V6gXw0At26DLrqfsBktzyEVujqZO3mbXiSM9ilyv4b93mJ1SLHi3H0qZvviDImYhVuVBx8_oYbHGadEE3gV4M05noRBF4clOm3YJYyVH-l1VO5XAgAbD9MLmxon4D_qOp9il_4QIHfZVuG-xTHWPvjFrg4Upk9Vciw7jtSiMUvHR4Wf24_-nR7hHpX9FoA3TeBdqxVXIO8pGJsvTe3k0P0hlIuKi3IHjgTRhBG33qbrck0wS3q6dmV1yeRSN1cIw29WEExwuOHHmhqTSxIGNx9xDB7UAIVe7StNGOq0kLQnzqLgg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
23652526-a9ea-43eb-b731-ffb3edfb415c
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
lineitems
westeurope-production.ordercloud.io/v1/cart/ 		111 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart/lineitems
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d3d54566e5d3102dbf187d55e1c74b04457acac8f08e3fe06e8be7046a797ae2

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJ4dzNuMXpheklrSzM5V0Z2QUJLcFB3IiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJGZGRST1hLY0FFV245THU0dWhmakdnIiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.XBJbrap9wEVTjdmf09G2lTrIJXiB1HO4gnF7G-V6gXw0At26DLrqfsBktzyEVujqZO3mbXiSM9ilyv4b93mJ1SLHi3H0qZvviDImYhVuVBx8_oYbHGadEE3gV4M05noRBF4clOm3YJYyVH-l1VO5XAgAbD9MLmxon4D_qOp9il_4QIHfZVuG-xTHWPvjFrg4Upk9Vciw7jtSiMUvHR4Wf24_-nR7hHpX9FoA3TeBdqxVXIO8pGJsvTe3k0P0hlIuKi3IHjgTRhBG33qbrck0wS3q6dmV1yeRSN1cIw29WEExwuOHHmhqTSxIGNx9xDB7UAIVe7StNGOq0kLQnzqLgg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
46a4efd9-aeae-4ed2-8d7a-3e0dbad835b8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
promotions
westeurope-production.ordercloud.io/v1/cart/ 		111 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart/promotions
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d3d54566e5d3102dbf187d55e1c74b04457acac8f08e3fe06e8be7046a797ae2

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJ4dzNuMXpheklrSzM5V0Z2QUJLcFB3IiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJGZGRST1hLY0FFV245THU0dWhmakdnIiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.XBJbrap9wEVTjdmf09G2lTrIJXiB1HO4gnF7G-V6gXw0At26DLrqfsBktzyEVujqZO3mbXiSM9ilyv4b93mJ1SLHi3H0qZvviDImYhVuVBx8_oYbHGadEE3gV4M05noRBF4clOm3YJYyVH-l1VO5XAgAbD9MLmxon4D_qOp9il_4QIHfZVuG-xTHWPvjFrg4Upk9Vciw7jtSiMUvHR4Wf24_-nR7hHpX9FoA3TeBdqxVXIO8pGJsvTe3k0P0hlIuKi3IHjgTRhBG33qbrck0wS3q6dmV1yeRSN1cIw29WEExwuOHHmhqTSxIGNx9xDB7UAIVe7StNGOq0kLQnzqLgg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
37b65f28-e8f0-4e94-9477-b428d1c2ce54
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
privacy-policy.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/legal-policies/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/legal-policies/privacy-policy.json?path=legal-policies&path=privacy-policy
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
3
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
out-4.5.43.js
m.stripe.network/ Frame A062 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-14.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:18:57 GMT
content-encoding
br
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
84
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
IQT47ogpLuRuK0uRISOZw65PNJNw9wTLpQDOKa-_80gpCSlflsr-CA==
synlabLogo.svg
xmc-synlab1-synlab-production.sitecorecloud.io/-/media/Project/Synlab/Italy/Shared/logo/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/media/Project/Synlab/Italy/Shared/logo/synlabLogo.svg?iar=0&hash=EECA89194722326817BCEF455388E8C6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be01311f38d25dd6b0ac1aa59afc65e634b2b02e87c7842293a7f1528cb2fc55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 28 Dec 2023 14:19:01 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=604800
content-disposition
inline; filename="synlabLogo.svg"
cf-ray
867eece84d5d4bd9-MXP
alt-svc
h3=":443"; ma=86400
hero-carousel-wave.svg
shop.synlab.it/images/shapes/ 		888 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/images/shapes/hero-carousel-wave.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
5cd8d861ff06c5823b614853a440cee01c1a349d9d20a6a8ce2169aa3af707c6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"378-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
globe.svg
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/ 		667 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/globe.svg?iar=0&hash=B3CE2291F2C999B89ECB76E8B7D35ADB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9beec5275a01cfc165d765cb45c52671c36976088d6a7d2290fa576fdaf3741e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 13 Oct 2023 09:38:27 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=604800
content-disposition
inline; filename="globe.svg"
cf-ray
867eece84d604bd9-MXP
alt-svc
h3=":443"; ma=86400
zap.svg
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/ 		234 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/zap.svg?iar=0&hash=2FB1045101BDCA3B18583638AF338C37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3886e402921be562e6079d503862dd9db3e3bcd701e4dad22ef4cca0c45ff650
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 Jan 2024 12:30:55 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=604800
content-disposition
inline; filename="zap.svg"
cf-ray
867eece84d624bd9-MXP
alt-svc
h3=":443"; ma=86400
award.svg
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/ 		461 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/award.svg?iar=0&hash=915A48C86E5752A5D3A96D54FF3600BA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d7103c3c7d9a082c0a4e744bdaa295e75f005e04cf8b9a062677a407c4dbea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 Jan 2024 11:46:53 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=604800
content-disposition
inline; filename="award.svg"
cf-ray
867eece84d634bd9-MXP
alt-svc
h3=":443"; ma=86400
Rectangle-3463654.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shapes/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shapes/Rectangle-3463654.png?h=1123&iar=0&w=1440&hash=E032F88134DD6BD52176CD3E4C0CAA49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0679f809997a2b8a66a271572f71b09bb2d2fadf77d6f5a8e0e02880180fdc77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 30 Jun 2023 12:47:33 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="Rectangle 3463654.png"
accept-ranges
bytes
cf-ray
867eece85d7a4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
15319
Homepage_discover_complete_range_800x745.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Pages/Home-page/Featured-products/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Pages/Home-page/Featured-products/Homepage_discover_complete_range_800x745.png?h=1490&iar=0&w=1600&hash=81342A9860759598F5F6D149AEEB44CE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d96a7c6ca5ec6089ddb6727b541148519b78b18eb533b57641f7782e5f0bd12f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 15 Jan 2024 13:09:26 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="Homepage_discover_complete_range_800x745.png"
accept-ranges
bytes
cf-ray
867eece85d7c4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
2163495
test-icon.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/How-It-works/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/How-It-works/test-icon.png?h=216&iar=0&w=216&hash=4A8F4C78F00E2D7D10270A0A87362C53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182cd0310fe6df2f910aa951fa5cc8bb1a1faf1e252af2e143417f1022e44bf5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 19 Oct 2023 10:40:16 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="test icon.png"
accept-ranges
bytes
cf-ray
867eece85d884bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
4413
how-it-wrok-hospital.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/How-It-works/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/How-It-works/how-it-wrok-hospital.png?h=148&iar=0&w=108&hash=034EFA5D276B47A2C7C0D8C0B1325285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189fee3c431143ba14e369189578b499c8cd1ce760bd4a455cb0c5503ba85cde
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 07 Nov 2023 14:24:21 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="how-it-wrok-hospital.png"
accept-ranges
bytes
cf-ray
867eece85d8c4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
1395
fast-results-icon.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/UK/Pages/Home-page/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/UK/Pages/Home-page/fast-results-icon.png?h=216&iar=0&w=216&hash=670DF23238F516F59A3320A3ED58B329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
739a59bb4b4a944fc240484af1e3a94f6daaa9736843cf9affc9bf4f4c5d3fbb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 07 Feb 2024 12:49:32 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="fast-results-icon.png"
accept-ranges
bytes
cf-ray
867eece85d8d4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
7406
our-promises-bg.svg
shop.synlab.it/images/shapes/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/images/shapes/our-promises-bg.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
c913475674b6bc5f99ac59c2c6d6088716260a5f963aa3cc114abf19c4a74cbc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"9e1-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
Synlab_Visuals_SEPT-01.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/Our-Promises/ 		653 KB
653 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/Our-Promises/Synlab_Visuals_SEPT-01.png?h=794&iar=0&w=932&hash=9696AA6E18D9ED96908B3C984914B4B1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8a0cd665691366ea3f4307f8ef0d39f63dae191208b785e5ee84d4e0d5d67a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 31 Aug 2023 12:24:44 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="Synlab_Visuals_SEPT-01.png"
accept-ranges
bytes
cf-ray
867eece85d8e4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
668311
Synlab_Visuals_SEPT-02.png
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/Our-Promises/ 		854 KB
855 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Italy/Shared/Our-Promises/Synlab_Visuals_SEPT-02.png?h=894&iar=0&w=1006&hash=4D3A427B3533550AFF9B865F2D85105A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432c2baf4e0235a8e68564d61603be317f67edd7889f0e963eadd684061b3150
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 31 Aug 2023 08:01:57 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="Synlab_Visuals_SEPT-02.png"
accept-ranges
bytes
cf-ray
867eece85d8f4bd9-MXP
alt-svc
h3=":443"; ma=86400
content-length
874195
arrow-right-orange.svg
xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/ 		2 KB
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xmc-synlab1-synlab-production.sitecorecloud.io/-/jssmedia/Project/Synlab/Icons/arrow-right-orange.svg?iar=0&hash=6638137083B32DE3CF95B734F236E498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:100a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2950425cc0069e8864a480a6a57a9347d09c5006cbaee0fee231a30856830b0d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-security-policy
frame-ancestors 'self' pages.sitecorecloud.io pages.sitecore.io symphony.sitecorecloud.io explorer.sitecorecloud.io components.sitecorecloud.io https://pages.sitecorecloud.io
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 29 Aug 2023 10:14:35 GMT
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=604800
content-disposition
inline; filename="arrow-right-orange.svg"
cf-ray
867eece85d914bd9-MXP
alt-svc
h3=":443"; ma=86400
how-it-works.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/how-it-works.json?path=how-it-works
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
2
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
en.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en.json
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
5
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
cart.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/cart.json?path=cart
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
2
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
overview.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/locations/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/locations/overview.json?path=overview
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
3
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
profilo-nutrizionale.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/profilo-nutrizionale.json?path=products-catalog&path=profilo-nutrizionale
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
1
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
check-up-stanchezza.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/check-up-stanchezza.json?path=products-catalog&path=check-up-stanchezza
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
2
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
6
m.stripe.com/ Frame A062 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.187.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-187-78.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9bdf18501192e3cddfc53ac585303c638e4d9ddf509db78a48ec8372caa41949
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 21 Mar 2024 15:20:21 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1711034421021291
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
4
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1711034421020850
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
0d12ea6f736dbf49.css
shop.synlab.it/_next/static/css/ 		90 KB
36 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/css/0d12ea6f736dbf49.css
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
8e271ed7b549991d2818871c5affd8689eb95bd241e08b9c3bde6ffca737d96c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"16698-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
%5B%5B...path%5D%5D-e567d6ef21673c1d.js
shop.synlab.it/_next/static/chunks/pages/locations/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/pages/locations/%5B%5B...path%5D%5D-e567d6ef21673c1d.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"1f6-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
categories
westeurope-production.ordercloud.io/v1/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=9jSJzYPvFkazGIIrMIZrfg&catalogID=SHFYIT&sortBy=Name
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
categories
westeurope-production.ordercloud.io/v1/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=_d78uH8sFEy3O-yJC2u3fw&catalogID=SHFYIT&sortBy=Name
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
categories
westeurope-production.ordercloud.io/v1/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=452lJuAbjUSqZNY8WVp0jg&catalogID=SHFYIT&sortBy=Name
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
categories
westeurope-production.ordercloud.io/v1/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=KHrQdUyyd0eFqd7KbIaScg&catalogID=SHFYIT&sortBy=Name
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
arrow-right.svg
shop.synlab.it/icons/ 		316 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/arrow-right.svg
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/framework-09ea07f57f79e112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
4762e776b7fed9879bdc7173ff16135b73a7003895ec0be77dcf72d1651c456b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"13c-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
close.svg
shop.synlab.it/icons/ 		311 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/close.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
2c34e79c9a894b7c2a526b0723818c086aa9410438db98056d8290581a6ac4eb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"137-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
categories
westeurope-production.ordercloud.io/v1/me/ 		559 B
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=9jSJzYPvFkazGIIrMIZrfg&catalogID=SHFYIT&sortBy=Name
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bd7d27916e67b0ccaccbd6260b8e85c5ea4e7de0dcae40d53279d2e4525265c

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJpSldfZW1fanFrLVM3Sm1Nb0NSQzRRIiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJaQlpTUVIzc00wV0lmMEtCVmRTVTJ3IiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.PXdIY3Ma6mXWLUlOyMYKyw4CFGb9O80dgyH2kg6Uxk61ADcW7Ztpx1JAabQwv6YJlBadFdV7GGhsmerbfOyl_zloRBhE3avqJrqqAyI5GHueRQ6U0POvyICFtUvENu67QA7RjmGLzGHHdTnDfh80v21-kFMypZIZWxQ-Fk9bRKhz5Q7HU7R0ltGKqIBuUPxuYoN4pbXoieDY5HcdYVr6xlNCk2GXXmvV2XtgqvuJFxcMH6ySrb9a0yubDOUuyMa6yv16oAR4x40oBmrkWYt99RaD9C2QvVCccoWiROktjwATFWJYgiInPmZJ-WEIgGwX6hu9HBqtFusv3h7m4j5-xw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
ed8843e4-3b61-476f-b385-2f2ab24eeaaf
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
categories
westeurope-production.ordercloud.io/v1/me/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=_d78uH8sFEy3O-yJC2u3fw&catalogID=SHFYIT&sortBy=Name
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
30dc8e1e750c13c6a1402889ad2a6400b8c23f55ed5c20a0e59c337613323b19

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJpSldfZW1fanFrLVM3Sm1Nb0NSQzRRIiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJaQlpTUVIzc00wV0lmMEtCVmRTVTJ3IiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.PXdIY3Ma6mXWLUlOyMYKyw4CFGb9O80dgyH2kg6Uxk61ADcW7Ztpx1JAabQwv6YJlBadFdV7GGhsmerbfOyl_zloRBhE3avqJrqqAyI5GHueRQ6U0POvyICFtUvENu67QA7RjmGLzGHHdTnDfh80v21-kFMypZIZWxQ-Fk9bRKhz5Q7HU7R0ltGKqIBuUPxuYoN4pbXoieDY5HcdYVr6xlNCk2GXXmvV2XtgqvuJFxcMH6ySrb9a0yubDOUuyMa6yv16oAR4x40oBmrkWYt99RaD9C2QvVCccoWiROktjwATFWJYgiInPmZJ-WEIgGwX6hu9HBqtFusv3h7m4j5-xw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
7d6fd5a8-b24a-4173-87bb-837a41dec592
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
categories
westeurope-production.ordercloud.io/v1/me/ 		942 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=452lJuAbjUSqZNY8WVp0jg&catalogID=SHFYIT&sortBy=Name
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80ea4a3ec7a4f7c2fab9931530339207a2c5f4735abfca66b6608f5759ed6947

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJpSldfZW1fanFrLVM3Sm1Nb0NSQzRRIiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJaQlpTUVIzc00wV0lmMEtCVmRTVTJ3IiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.PXdIY3Ma6mXWLUlOyMYKyw4CFGb9O80dgyH2kg6Uxk61ADcW7Ztpx1JAabQwv6YJlBadFdV7GGhsmerbfOyl_zloRBhE3avqJrqqAyI5GHueRQ6U0POvyICFtUvENu67QA7RjmGLzGHHdTnDfh80v21-kFMypZIZWxQ-Fk9bRKhz5Q7HU7R0ltGKqIBuUPxuYoN4pbXoieDY5HcdYVr6xlNCk2GXXmvV2XtgqvuJFxcMH6ySrb9a0yubDOUuyMa6yv16oAR4x40oBmrkWYt99RaD9C2QvVCccoWiROktjwATFWJYgiInPmZJ-WEIgGwX6hu9HBqtFusv3h7m4j5-xw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
47b87a31-721c-4453-8a62-b4efa833094e
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
categories
westeurope-production.ordercloud.io/v1/me/ 		326 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/me/categories?ParentId=KHrQdUyyd0eFqd7KbIaScg&catalogID=SHFYIT&sortBy=Name
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9754bbcd09036c5be97e47b3be88ad2ec4555397ac4083d9b271cdf5177feee8

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJpSldfZW1fanFrLVM3Sm1Nb0NSQzRRIiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJaQlpTUVIzc00wV0lmMEtCVmRTVTJ3IiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.PXdIY3Ma6mXWLUlOyMYKyw4CFGb9O80dgyH2kg6Uxk61ADcW7Ztpx1JAabQwv6YJlBadFdV7GGhsmerbfOyl_zloRBhE3avqJrqqAyI5GHueRQ6U0POvyICFtUvENu67QA7RjmGLzGHHdTnDfh80v21-kFMypZIZWxQ-Fk9bRKhz5Q7HU7R0ltGKqIBuUPxuYoN4pbXoieDY5HcdYVr6xlNCk2GXXmvV2XtgqvuJFxcMH6ySrb9a0yubDOUuyMa6yv16oAR4x40oBmrkWYt99RaD9C2QvVCccoWiROktjwATFWJYgiInPmZJ-WEIgGwX6hu9HBqtFusv3h7m4j5-xw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
38e06b7a-b60b-4050-bf80-b8abecaf876b
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
cart
westeurope-production.ordercloud.io/v1/ 		528 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/630-349baa002811fc70.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3407e6343653d6e4ea25adf6559505ae39a1ebeb9f372782c3095e478cea7c3

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
it-IT,it;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJpSldfZW1fanFrLVM3Sm1Nb0NSQzRRIiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJaQlpTUVIzc00wV0lmMEtCVmRTVTJ3IiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.PXdIY3Ma6mXWLUlOyMYKyw4CFGb9O80dgyH2kg6Uxk61ADcW7Ztpx1JAabQwv6YJlBadFdV7GGhsmerbfOyl_zloRBhE3avqJrqqAyI5GHueRQ6U0POvyICFtUvENu67QA7RjmGLzGHHdTnDfh80v21-kFMypZIZWxQ-Fk9bRKhz5Q7HU7R0ltGKqIBuUPxuYoN4pbXoieDY5HcdYVr6xlNCk2GXXmvV2XtgqvuJFxcMH6ySrb9a0yubDOUuyMa6yv16oAR4x40oBmrkWYt99RaD9C2QvVCccoWiROktjwATFWJYgiInPmZJ-WEIgGwX6hu9HBqtFusv3h7m4j5-xw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-oc-logid
e70dca8a-a272-4d37-a851-da0b27b2cadd
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
cart
westeurope-production.ordercloud.io/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://westeurope-production.ordercloud.io/v1/cart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.76.211.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Thu, 21 Mar 2024 15:20:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://shop.synlab.it
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
shopping-bag.svg
shop.synlab.it/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/shopping-bag.svg
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/framework-09ea07f57f79e112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
0d37bf13cf58014da6ff434281d2537e2139bebc0d2a350c72236caa62a720c8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"44e-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
js.stripe.com/v3/ Frame CAB8 		391 B
943 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c59dc4105a79090dbf6bb6ffb23ce4a4e4f91370352854697b30cbca09ef057f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
56
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:20:20 GMT
etag
"b78c27602ca7f865097703c10dd5daa3"
last-modified
Wed, 20 Mar 2024 20:03:29 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
12
x-content-type-options
nosniff
x-request-id
d949161b-95a9-4dd2-866e-e28125519e51
x-served-by
cache-mxp6923-MXP
check.svg
shop.synlab.it/icons/ 		229 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/check.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
90d1b7768b8687b27e51211ec2dc3b4db0483a006229bdad2a24e1a344d8e8b5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"e5-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
common.js
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/ 		255 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5378bdf838b5809b33cd042292515d9e4dbf75f1ea891c2a43bf153da1fdf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 22:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
233348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56853
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Mar 2025 22:31:12 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/ 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04ec0cba8d100d15e67d794045e2fe20e9108ee23347fa1691ab5399a6f47d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 22:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
233348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57048
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Mar 2025 22:31:12 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0931e0be012ffff696f28c97db69de15e490d0ea630443371e3e7c0f006997d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 22:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
233348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24028
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Mar 2025 22:31:12 GMT
controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
js.stripe.com/v3/ Frame 6D62 		391 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c59dc4105a79090dbf6bb6ffb23ce4a4e4f91370352854697b30cbca09ef057f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
56
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:20:20 GMT
etag
"b78c27602ca7f865097703c10dd5daa3"
last-modified
Wed, 20 Mar 2024 20:03:29 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
13
x-content-type-options
nosniff
x-request-id
9e61dd3d-94f4-428a-93e4-5b8b90c45951
x-served-by
cache-mxp6923-MXP
controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
js.stripe.com/v3/ Frame 2654 		391 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c59dc4105a79090dbf6bb6ffb23ce4a4e4f91370352854697b30cbca09ef057f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
56
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:20:20 GMT
etag
"b78c27602ca7f865097703c10dd5daa3"
last-modified
Wed, 20 Mar 2024 20:03:29 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
14
x-content-type-options
nosniff
x-request-id
9915f69b-ea72-49e7-adc0-b5104bb3e4f2
x-served-by
cache-mxp6923-MXP
synlab-marker.svg
shop.synlab.it/icons/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/synlab-marker.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
828997727b7fdc8557187647596b2bd178dae09ef29b58c12739bc233ccf0d6b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"168b-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
tooltip-marker.svg
shop.synlab.it/icons/ 		592 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/tooltip-marker.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
a6263a282e3f7fe85354307d3b6316aced1492ae4e185356c73ddeb5a1839fdf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
0
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"250-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
arrow-right-primary.svg
shop.synlab.it/icons/ 		316 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.synlab.it/icons/arrow-right-primary.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
ba7734ad2c8fd1d1f7d2ee9a8693c2b6e856ce79124355436390e15637592c48
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
3
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 04 Mar 2024 10:15:54 GMT
server
envoy
etag
W/"13c-18e08f67790"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
cache-control
public, max-age=0
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i17639189&2i11993668&2e1&3u17&4m2&1u588&2u388&5m5&1e0&5sit-IT&6sus&10b1&12b1&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=18033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
067b8bae80eea15065054a51a03c737964f5bfa966986e20d967d875b69de5ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 11:26:31 GMT
server
scaffolding on HTTPServer2
age
14029
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49663
x-xss-protection
0
expires
Fri, 22 Mar 2024 11:26:31 GMT
shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
js.stripe.com/v3/fingerprinted/js/ Frame CAB8 		538 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
133445
x-request-id
52ccb1bd-32d7-4915-a2cb-ef9b813d7123
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:43 GMT
server
Fastly
etag
"9cb06353e7b2685d3858f33bf70c2ea7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
controller-b4471eba573375023fd33301ba150390.js
js.stripe.com/v3/fingerprinted/js/ Frame CAB8 		715 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-b4471eba573375023fd33301ba150390.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dadeb4b0afe0b9d304f4e636cf2289c8a310c374aaca8335aabb31ae49175e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
190113
x-request-id
f178b88e-d6d2-4503-ba95-9ea49bf3b4a2
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:41 GMT
server
Fastly
etag
"f0fb15db00d14a0543d1ca77df4f3bd2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
overlay.js
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6155a21cf68701caae30b229010dbef2e1033683f3246cabb0ce9893abb11866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 22:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
233348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1283
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Mar 2025 22:31:12 GMT
elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
js.stripe.com/v3/ Frame 832F 		593 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
59d46c2ac15d698e67d3bb81dd9166ccce5d79d687bd022c64e3f2bb7b649266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
68656
cache-control
max-age=31536000
content-encoding
br
content-length
312
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:20:20 GMT
etag
"7740ea8e113a2e9272d62c96ee01c663"
last-modified
Wed, 20 Mar 2024 20:03:30 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
90
x-content-type-options
nosniff
x-request-id
6eb7a91d-dab2-4ae9-9b03-0d4988cf282d
x-served-by
cache-mxp6923-MXP
elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
js.stripe.com/v3/ Frame 80F7 		593 B
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
59d46c2ac15d698e67d3bb81dd9166ccce5d79d687bd022c64e3f2bb7b649266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
68656
cache-control
max-age=31536000
content-encoding
br
content-length
312
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:20:20 GMT
etag
"7740ea8e113a2e9272d62c96ee01c663"
last-modified
Wed, 20 Mar 2024 20:03:30 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
91
x-content-type-options
nosniff
x-request-id
72091110-db58-430e-ac64-f9f3a7e043ed
x-served-by
cache-mxp6923-MXP
elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
js.stripe.com/v3/ Frame 0C22 		593 B
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
59d46c2ac15d698e67d3bb81dd9166ccce5d79d687bd022c64e3f2bb7b649266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
68656
cache-control
max-age=31536000
content-encoding
br
content-length
312
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 15:20:20 GMT
etag
"7740ea8e113a2e9272d62c96ee01c663"
last-modified
Wed, 20 Mar 2024 20:03:30 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
92
x-content-type-options
nosniff
x-request-id
fa0703d3-578e-4ee7-8cb0-e7af9da492d5
x-served-by
cache-mxp6923-MXP
cardiovascolare-valutazione-del-rischio.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/cardiovascolare-valutazione-del-rischio.json?path=products-catalog&path=cardiovascolare-valutazione-del-rischio
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
2
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
check-up-completo-uomo.json
shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/ 		2 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/data/128da107e0303b7beb8d4dc8ac97c4a28c54f806/en/products-catalog/check-up-completo-uomo.json?path=products-catalog&path=check-up-completo-uomo
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://shop.synlab.it/
accept-language
it-IT,it;q=0.9
x-middleware-prefetch
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
server
envoy
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
x-middleware-skip
1
Transfer-Encoding
chunked
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
2
Permissions-Policy
fullscreen=(), geolocation=()
Connection
keep-alive
Referrer-Policy
same-origin
shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
js.stripe.com/v3/fingerprinted/js/ Frame 6D62 		538 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
133445
x-request-id
21ee4f5d-d278-4e2d-a87f-b6c4b543368d
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:43 GMT
server
Fastly
etag
"9cb06353e7b2685d3858f33bf70c2ea7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
controller-b4471eba573375023fd33301ba150390.js
js.stripe.com/v3/fingerprinted/js/ Frame 6D62 		715 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-b4471eba573375023fd33301ba150390.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dadeb4b0afe0b9d304f4e636cf2289c8a310c374aaca8335aabb31ae49175e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
190113
x-request-id
b7f3e9f8-dfdd-4ca5-b689-3894708d5bab
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:41 GMT
server
Fastly
etag
"f0fb15db00d14a0543d1ca77df4f3bd2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
js.stripe.com/v3/fingerprinted/js/ Frame 2654 		538 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
133445
x-request-id
349e1a45-77fd-4409-b9bb-e36d4cafc835
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:43 GMT
server
Fastly
etag
"9cb06353e7b2685d3858f33bf70c2ea7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
controller-b4471eba573375023fd33301ba150390.js
js.stripe.com/v3/fingerprinted/js/ Frame 2654 		715 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-b4471eba573375023fd33301ba150390.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dadeb4b0afe0b9d304f4e636cf2289c8a310c374aaca8335aabb31ae49175e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
190113
x-request-id
ec2c5b75-f0d7-43a3-8509-2b93eae91d73
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:41 GMT
server
Fastly
etag
"f0fb15db00d14a0543d1ca77df4f3bd2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
js.stripe.com/v3/fingerprinted/js/ Frame 832F 		538 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
133445
x-request-id
ca61bddc-d653-45a0-a0d3-bc916e4f0ba8
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:43 GMT
server
Fastly
etag
"9cb06353e7b2685d3858f33bf70c2ea7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
js.stripe.com/v3/fingerprinted/js/ Frame 832F 		689 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2ae9a1ea28a9962acbc93176617f10103ec6b47ee2c694435dfcbd7c4125cd3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
68655
x-cache
HIT
content-length
204659
x-request-id
c48d62e9-f1fc-46d8-85a1-df6ac3b0e863
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:41 GMT
server
Fastly
etag
"1d4d6cc85d1b454808d6c1002cd42be1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
elements-inner-payment-method-messaging-a463f0f7af0b6c5c53ba782eda00a3f6.css
js.stripe.com/v3/fingerprinted/css/ Frame 832F 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-method-messaging-a463f0f7af0b6c5c53ba782eda00a3f6.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
453becc69ec2c66370b49298f47841d353e044c1ccd0c1e1fe6d6ce5ba710195
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
68656
x-cache
HIT
content-length
9644
x-request-id
c8c7d8b2-ff5a-4d12-8b46-7e7730ff86b2
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:30 GMT
server
Fastly
etag
"f1277e393062520e650e6b2ca8493938"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
66
shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
js.stripe.com/v3/fingerprinted/js/ Frame 80F7 		538 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
133445
x-request-id
73977cc4-03bc-4c39-92f5-0b04b7442bb3
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:43 GMT
server
Fastly
etag
"9cb06353e7b2685d3858f33bf70c2ea7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
js.stripe.com/v3/fingerprinted/js/ Frame 80F7 		689 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2ae9a1ea28a9962acbc93176617f10103ec6b47ee2c694435dfcbd7c4125cd3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
68655
x-cache
HIT
content-length
204659
x-request-id
61a4808d-408b-4e0b-8f84-8c6ba77accf8
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:41 GMT
server
Fastly
etag
"1d4d6cc85d1b454808d6c1002cd42be1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
elements-inner-payment-method-messaging-a463f0f7af0b6c5c53ba782eda00a3f6.css
js.stripe.com/v3/fingerprinted/css/ Frame 80F7 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-method-messaging-a463f0f7af0b6c5c53ba782eda00a3f6.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
453becc69ec2c66370b49298f47841d353e044c1ccd0c1e1fe6d6ce5ba710195
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
68656
x-cache
HIT
content-length
9644
x-request-id
f8724757-0b02-490d-aa6c-22b9449c6c16
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:30 GMT
server
Fastly
etag
"f1277e393062520e650e6b2ca8493938"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
67
shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
js.stripe.com/v3/fingerprinted/js/ Frame 0C22 		538 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
69303
x-cache
HIT
content-length
133445
x-request-id
0fd670f8-d1b1-4d7e-bf72-102c31457197
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:43 GMT
server
Fastly
etag
"9cb06353e7b2685d3858f33bf70c2ea7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11
elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
js.stripe.com/v3/fingerprinted/js/ Frame 0C22 		689 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2ae9a1ea28a9962acbc93176617f10103ec6b47ee2c694435dfcbd7c4125cd3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
68655
x-cache
HIT
content-length
204659
x-request-id
6cbac9c6-0b98-4060-a518-25afba725cd5
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:41 GMT
server
Fastly
etag
"1d4d6cc85d1b454808d6c1002cd42be1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
elements-inner-payment-method-messaging-a463f0f7af0b6c5c53ba782eda00a3f6.css
js.stripe.com/v3/fingerprinted/css/ Frame 0C22 		60 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-method-messaging-a463f0f7af0b6c5c53ba782eda00a3f6.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
453becc69ec2c66370b49298f47841d353e044c1ccd0c1e1fe6d6ce5ba710195
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
68656
x-cache
HIT
content-length
9644
x-request-id
0046e53b-6ce1-4590-b31e-6406734d947f
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Mar 2024 20:03:30 GMT
server
Fastly
etag
"f1277e393062520e650e6b2ca8493938"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
68
.deploy_status_henson.json
js.stripe.com/v3/ Frame CAB8 		474 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
35
x-cache
HIT
content-length
297
x-request-id
5ea482b5-fa39-4cc4-bb62-de6b936add90
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
25
.deploy_status_henson.json
js.stripe.com/v3/ Frame CAB8 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
35
x-cache
HIT
content-length
297
x-request-id
a93c1e26-3451-49b1-8253-5441fcc1c68b
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24
.deploy_status_henson.json
js.stripe.com/v3/ Frame 6D62 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
35
x-cache
HIT
content-length
297
x-request-id
d547acf4-2f81-47d2-b2a7-10159093fdcb
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
26
.deploy_status_henson.json
js.stripe.com/v3/ Frame 6D62 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
35
x-cache
HIT
content-length
297
x-request-id
1db078bc-941f-4c52-bf75-f9aa7a773fd8
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27
.deploy_status_henson.json
js.stripe.com/v3/ Frame 2654 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
35
x-cache
HIT
content-length
297
x-request-id
ec171e2f-b607-4822-8d5b-886bfae8afe5
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
28
.deploy_status_henson.json
js.stripe.com/v3/ Frame 2654 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
35
x-cache
HIT
content-length
297
x-request-id
0e5c3b3e-b386-473f-9fda-3a783eef6876
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
29
it-ed55baf197ff358ebd955c20e8e0bf78.json
js.stripe.com/v3/fingerprinted/data/ Frame CAB8 		154 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/it-ed55baf197ff358ebd955c20e8e0bf78.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ead2e7253f1d760b437cf39c1f390471e19610394c512447cda0e4c259973c67
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:20 GMT
via
1.1 varnish
age
2495736
x-cache
HIT
content-length
30256
x-request-id
da3926ce-597d-4af4-b291-10fdc25764a0
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 21 Feb 2024 18:02:28 GMT
server
Fastly
etag
"ed55baf197ff358ebd955c20e8e0bf78"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
205242
openhand_8_8.cur
maps.gstatic.com/mapfiles/ 		326 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Thu, 21 Mar 2024 15:20:21 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 832F 		474 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
36
x-cache
HIT
content-length
297
x-request-id
d5bfda22-54f5-475e-9dd8-f797dfb05584
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
30
config
ppm.stripe.com/ Frame 832F 		391 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ppm.stripe.com/config?amount=8900&currency=EUR&country=IT&locale=en&referrer=https%3A%2F%2Fshop.synlab.it%2F&key=pk_live_51MBxq1HBPGE0Qd1Q8t1t6CSd9KUpWhHy5sR8nVfFAsfcNLhVsYjbQquONWn371lA2JhrvWFioZnwje2HOzY7hHUb00bGr1GdLj&payment_methods[0]=klarna
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
00f8454e78871b7a1c4d726246775071c60ac5367e151843d7a38eef6109f8bf
Security Headers
Name Value
Content-Security-Policy report-uri /csp-report?p=%2Fconfig;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
report-uri /csp-report?p=%2Fconfig;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
391
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 0C22 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:20 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
36
x-cache
HIT
content-length
297
x-request-id
ddcc2841-d449-4005-84bf-99956a7bc087
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
31
config
ppm.stripe.com/ Frame 0C22 		391 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ppm.stripe.com/config?amount=11950&currency=EUR&country=IT&locale=en&referrer=https%3A%2F%2Fshop.synlab.it%2F&key=pk_live_51MBxq1HBPGE0Qd1Q8t1t6CSd9KUpWhHy5sR8nVfFAsfcNLhVsYjbQquONWn371lA2JhrvWFioZnwje2HOzY7hHUb00bGr1GdLj&payment_methods[0]=klarna
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
00f8454e78871b7a1c4d726246775071c60ac5367e151843d7a38eef6109f8bf
Security Headers
Name Value
Content-Security-Policy report-uri /csp-report?p=%2Fconfig;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
report-uri /csp-report?p=%2Fconfig;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
391
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 80F7 		474 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
36
x-cache
HIT
content-length
297
x-request-id
4caa806a-14e5-41c1-8e92-f3616c671bd6
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 20 Mar 2024 20:35:24 GMT
server
Fastly
etag
"643e2e68399a2eef269ef28e02effbd0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
32
config
ppm.stripe.com/ Frame 80F7 		391 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ppm.stripe.com/config?amount=9900&currency=EUR&country=IT&locale=en&referrer=https%3A%2F%2Fshop.synlab.it%2F&key=pk_live_51MBxq1HBPGE0Qd1Q8t1t6CSd9KUpWhHy5sR8nVfFAsfcNLhVsYjbQquONWn371lA2JhrvWFioZnwje2HOzY7hHUb00bGr1GdLj&payment_methods[0]=klarna
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
00f8454e78871b7a1c4d726246775071c60ac5367e151843d7a38eef6109f8bf
Security Headers
Name Value
Content-Security-Policy report-uri /csp-report?p=%2Fconfig;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
report-uri /csp-report?p=%2Fconfig;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
391
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
it-ed55baf197ff358ebd955c20e8e0bf78.json
js.stripe.com/v3/fingerprinted/data/ Frame 6D62 		154 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/it-ed55baf197ff358ebd955c20e8e0bf78.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ead2e7253f1d760b437cf39c1f390471e19610394c512447cda0e4c259973c67
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
2495736
x-cache
HIT
content-length
30256
x-request-id
518e3a2f-d3a0-4942-a3dc-298291290aba
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 21 Feb 2024 18:02:28 GMT
server
Fastly
etag
"ed55baf197ff358ebd955c20e8e0bf78"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
205243
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method
POST
Origin
https://shop.synlab.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://shop.synlab.it
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 21 Mar 2024 15:20:21 GMT
server
scaffolding on HTTPServer2
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ 		29 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d05c5c36913619961d197f7167b86af79db4f42157b5672b1f1088f9e744b7fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Maps-Channel-Id
X-User-Agent
grpc-web-javascript/0.1
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json+protobuf
X-Goog-Maps-Client-Id
Referer
X-Goog-Api-Key
AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc
X-Goog-Maps-API-Signature
42577
X-Goog-Maps-API-Salt
rtNPzOcf8d

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://shop.synlab.it
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3121
x-xss-protection
0
onion.js
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bddcf58428f2cdf9729ae6ecb56004af7185d29deb38b8b0962607b444e81ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9091
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 14:40:00 GMT
it-ed55baf197ff358ebd955c20e8e0bf78.json
js.stripe.com/v3/fingerprinted/data/ Frame 2654 		154 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/it-ed55baf197ff358ebd955c20e8e0bf78.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ead2e7253f1d760b437cf39c1f390471e19610394c512447cda0e4c259973c67
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
2495736
x-cache
HIT
content-length
30256
x-request-id
9a0187fa-a88b-4ebe-993f-44c2f5ca14a8
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 21 Feb 2024 18:02:28 GMT
server
Fastly
etag
"ed55baf197ff358ebd955c20e8e0bf78"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
205244
b
r.stripe.com/ Frame CAB8 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:21 GMT
x-stripe-server-envoy-start-time-us
1711034421847017
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1711034421846406
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame CAB8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:21 GMT
x-stripe-server-envoy-start-time-us
1711034421846352
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711034421846050
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 6D62 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:21 GMT
x-stripe-server-envoy-start-time-us
1711034421847213
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711034421846696
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 6D62 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:21 GMT
x-stripe-server-envoy-start-time-us
1711034421846794
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711034421846521
access-control-allow-credentials
true
content-length
0
vt
maps.googleapis.com/maps/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i17!2i68904!3i46851!4i256!2m3!1e0!2sm!3i685430149!3m12!2sit-IT!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
151e89768d875606659a23ce1b47139aa64d6f4db2e7a41eec1bfe5dd11cecb5
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=79
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14242
x-xss-protection
0
expires
Tue, 03 Dec 2024 20:10:43 GMT
vt
maps.googleapis.com/maps/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i17!2i68903!3i46851!4i256!2m3!1e0!2sm!3i685430149!3m12!2sit-IT!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=99877
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
9be0856d730dec15f4ffc800b4a40e397495e5865b7efaecbb3054350fb31fe0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=69
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11638
x-xss-protection
0
expires
Tue, 03 Dec 2024 20:10:43 GMT
vt
maps.googleapis.com/maps/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i17!2i68903!3i46850!4i256!2m3!1e0!2sm!3i685430149!3m12!2sit-IT!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=89472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
596dbacf9653bc0827b7d19027a097ce646393d1d173ceb87f623e07fb74fe18
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=67
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11448
x-xss-protection
0
expires
Tue, 03 Dec 2024 20:10:43 GMT
vt
maps.googleapis.com/maps/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i17!2i68904!3i46850!4i256!2m3!1e0!2sm!3i685430149!3m12!2sit-IT!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=120979
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
9366d1eaf336fc240ca6a3aff8717c008788c3beb473515d987732bcf597c9cf
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=70
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16868
x-xss-protection
0
expires
Tue, 03 Dec 2024 20:10:43 GMT
vt
maps.googleapis.com/maps/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i17!2i68905!3i46850!4i256!2m3!1e0!2sm!3i685430149!3m12!2sit-IT!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=21415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
5d8c0edb56c1d2ab932035e01c6b38913ca2bc4d52569b6e84446f96f08274a6
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=73
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16795
x-xss-protection
0
expires
Tue, 03 Dec 2024 20:10:43 GMT
vt
maps.googleapis.com/maps/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i17!2i68905!3i46851!4i256!2m3!1e0!2sm!3i685430149!3m12!2sit-IT!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=31820
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1554afe844d40b447fcf0c10f7200ad29155ea2de942f53ac81c69932e37c593
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=68
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10213
x-xss-protection
0
expires
Tue, 03 Dec 2024 20:10:43 GMT
b
r.stripe.com/ Frame 2654 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422034526
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1711034422033984
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 2654 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422034356
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711034422034058
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame CAB8 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422034306
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711034422033598
access-control-allow-credentials
true
content-length
0
it-ed55baf197ff358ebd955c20e8e0bf78.json
js.stripe.com/v3/fingerprinted/data/ Frame CAB8 		154 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/it-ed55baf197ff358ebd955c20e8e0bf78.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ead2e7253f1d760b437cf39c1f390471e19610394c512447cda0e4c259973c67
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
2495737
x-cache
HIT
content-length
30256
x-request-id
b52d072d-da03-441e-a1e6-5c653f940444
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 21 Feb 2024 18:02:28 GMT
server
Fastly
etag
"ed55baf197ff358ebd955c20e8e0bf78"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
205245
it-ed55baf197ff358ebd955c20e8e0bf78.json
js.stripe.com/v3/fingerprinted/data/ Frame 2654 		154 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/it-ed55baf197ff358ebd955c20e8e0bf78.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ead2e7253f1d760b437cf39c1f390471e19610394c512447cda0e4c259973c67
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
2495737
x-cache
HIT
content-length
30256
x-request-id
e5616599-552f-40bf-bb48-645c02882fcc
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 21 Feb 2024 18:02:28 GMT
server
Fastly
etag
"ed55baf197ff358ebd955c20e8e0bf78"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
205246
it-ed55baf197ff358ebd955c20e8e0bf78.json
js.stripe.com/v3/fingerprinted/data/ Frame 6D62 		154 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/it-ed55baf197ff358ebd955c20e8e0bf78.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ead2e7253f1d760b437cf39c1f390471e19610394c512447cda0e4c259973c67
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-experimental-b78c27602ca7f865097703c10dd5daa3.html
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
2495737
x-cache
HIT
content-length
30256
x-request-id
136eb36b-aee1-44eb-9e24-9ed44a2c8833
x-served-by
cache-mxp6961-MXP
last-modified
Wed, 21 Feb 2024 18:02:28 GMT
server
Fastly
etag
"ed55baf197ff358ebd955c20e8e0bf78"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
205247
vt
maps.googleapis.com/maps/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m4!1m3!1i17!2i68903!3i46850!1m4!1m3!1i17!2i68903!3i46851!1m4!1m3!1i17!2i68904!3i46850!1m4!1m3!1i17!2i68904!3i46851!1m4!1m3!1i17!2i68905!3i46850!1m4!1m3!1i17!2i68905!3i46851!2m3!1e0!2sm!3i685430233!3m12!2sit-IT!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1&callback=_xdc_._jtcfj3&key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&token=51466
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
da0857e22f1a2af4945e551d10738503ed450844da343da3b0a870dc92b53fc9
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:20:21 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
x-server-version-bin
CgoIBBDx8OmvBhgB
server
scaffolding on HTTPServer2
content-encoding
gzip
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
private, max-age=22222222
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=73
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1713
x-xss-protection
0
expires
Thu, 21 Mar 2024 15:20:21 GMT
%5B%5B...path%5D%5D-e567d6ef21673c1d.js
shop.synlab.it/_next/static/chunks/pages/locations/ 		502 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.synlab.it/_next/static/chunks/pages/locations/%5B%5B...path%5D%5D-e567d6ef21673c1d.js
Requested by
Host: shop.synlab.it
URL: https://shop.synlab.it/_next/static/chunks/main-6284895e473ca600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.160.45.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
envoy /
Resource Hash
1ca97a9997da395a345400fa04dfb5fdf005e0a47c5d09d59fee268615e4690e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://shop.synlab.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 15:20:21 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
Referrer-Policy
same-origin
last-modified
Mon, 18 Mar 2024 14:49:37 GMT
server
envoy
etag
W/"1f6-18e520a1941"
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
Permissions-Policy
fullscreen=(), geolocation=()
accept-ranges
bytes
KlarnaFullLogo-5639d307076304fa47533d826fa4e842.svg
js.stripe.com/v3/fingerprinted/img/ Frame 832F 		1 KB
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/KlarnaFullLogo-5639d307076304fa47533d826fa4e842.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
988462252d52f2d1d1e6265621a55fb645e948ac835ae7295da37d026aa068c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
1333807
x-cache
HIT
content-length
614
x-request-id
4ce92d13-76f3-45fa-b793-d83b430ef797
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 05 Mar 2024 22:07:34 GMT
server
Fastly
etag
"5639d307076304fa47533d826fa4e842"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
KlarnaFullLogoDark-e885a50df6e1b0fabd42a0bc96edb513.svg
js.stripe.com/v3/fingerprinted/img/ Frame 832F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/KlarnaFullLogoDark-e885a50df6e1b0fabd42a0bc96edb513.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c5da52d27dcb8e9467dde8512cace686ef64a0fac7977e50b395c3f379e58593
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
1943066
x-cache
HIT
content-length
976
x-request-id
8f1712ba-5590-4e8b-a6c8-2afb4678ecb5
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 27 Feb 2024 21:03:40 GMT
server
Fastly
etag
"e885a50df6e1b0fabd42a0bc96edb513"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5
KlarnaFullLogo-5639d307076304fa47533d826fa4e842.svg
js.stripe.com/v3/fingerprinted/img/ Frame 0C22 		1 KB
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/KlarnaFullLogo-5639d307076304fa47533d826fa4e842.svg
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
988462252d52f2d1d1e6265621a55fb645e948ac835ae7295da37d026aa068c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
1333807
x-cache
HIT
content-length
614
x-request-id
fd21483b-25b4-4223-a116-8b8aef5503f0
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 05 Mar 2024 22:07:34 GMT
server
Fastly
etag
"5639d307076304fa47533d826fa4e842"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
KlarnaFullLogoDark-e885a50df6e1b0fabd42a0bc96edb513.svg
js.stripe.com/v3/fingerprinted/img/ Frame 0C22 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/KlarnaFullLogoDark-e885a50df6e1b0fabd42a0bc96edb513.svg
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c5da52d27dcb8e9467dde8512cace686ef64a0fac7977e50b395c3f379e58593
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
1943066
x-cache
HIT
content-length
976
x-request-id
d2b5cee1-e42f-4083-86cf-b4491351cba1
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 27 Feb 2024 21:03:40 GMT
server
Fastly
etag
"e885a50df6e1b0fabd42a0bc96edb513"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
b
r.stripe.com/ Frame 2654 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422034359
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1711034422034211
access-control-allow-credentials
true
content-length
0
KlarnaFullLogo-5639d307076304fa47533d826fa4e842.svg
js.stripe.com/v3/fingerprinted/img/ Frame 80F7 		1 KB
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/KlarnaFullLogo-5639d307076304fa47533d826fa4e842.svg
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
988462252d52f2d1d1e6265621a55fb645e948ac835ae7295da37d026aa068c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
1333807
x-cache
HIT
content-length
614
x-request-id
cbca50be-3ac0-4a58-a87a-1ff11c1a2bf6
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 05 Mar 2024 22:07:34 GMT
server
Fastly
etag
"5639d307076304fa47533d826fa4e842"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
KlarnaFullLogoDark-e885a50df6e1b0fabd42a0bc96edb513.svg
js.stripe.com/v3/fingerprinted/img/ Frame 80F7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/KlarnaFullLogoDark-e885a50df6e1b0fabd42a0bc96edb513.svg
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-method-messaging-a8c66f0a2ba314fa55c1c6f760ebd284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c5da52d27dcb8e9467dde8512cace686ef64a0fac7977e50b395c3f379e58593
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-method-messaging-7740ea8e113a2e9272d62c96ee01c663.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:21 GMT
via
1.1 varnish
age
1943066
x-cache
HIT
content-length
976
x-request-id
e429c651-ba0d-4bb2-a0aa-3704c154256a
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 27 Feb 2024 21:03:40 GMT
server
Fastly
etag
"e885a50df6e1b0fabd42a0bc96edb513"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
b
r.stripe.com/ Frame 6D62 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422033227
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711034422032930
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame CAB8 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422034064
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1711034422033724
access-control-allow-credentials
true
content-length
0
controls.js
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ff257b0f3651efdd930b8d643a592404db91ea9af61b6c6360f551530430932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 22:31:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
233347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25159
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Mar 2025 22:31:14 GMT
css
fonts.googleapis.com/ 		302 B
382 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=it
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/util.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Mar 2024 15:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 14:50:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Mar 2024 15:20:22 GMT
css
fonts.googleapis.com/ 		32 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=it
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/util.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9064f4f6ab642a40b8a14f1521eb6ab9ab54b5a781957ba16bae1cca47c3c7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Mar 2024 15:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 14:42:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Mar 2024 15:20:21 GMT
transparent.png
maps.gstatic.com/mapfiles/ 		0
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		638 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
marker.js
maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/5/intl/it_ALL/marker.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCO7Ud9crjvmpxlv5NsldihAHjH7Vz6DAc&callback=googleMapsCallback&libraries=places,geometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cd40195c577a6b2fb67d67e0a668ad766cf77b52378f802d093b33120c0207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
2849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 20:45:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 14:32:52 GMT
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		123 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		104 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		104 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		104 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		647 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		608 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		608 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		608 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		147 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		147 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		147 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		176 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		176 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		176 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shop.synlab.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options
nosniff
age
200094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:45:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shop.synlab.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 18:30:08 GMT
x-content-type-options
nosniff
age
247813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 18:30:08 GMT
b
r.stripe.com/ Frame CAB8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422274983
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1711034422274688
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 6D62 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422327816
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1711034422327633
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 2654 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422333444
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711034422332794
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 2654 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422417522
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711034422417248
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 6D62 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422419927
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711034422419621
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame CAB8 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fd4c1bd22e5fb20ac2d5710e0f26a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 21 Mar 2024 15:20:22 GMT
x-stripe-server-envoy-start-time-us
1711034422420749
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1711034422420063
access-control-allow-credentials
true
content-length
0
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 15:20:25 GMT
via
1.1 varnish
age
7851713
x-cache
HIT
content-length
127
x-request-id
612b4041-45ad-4768-80e9-0342794b8d94
x-served-by
cache-mxp6923-MXP
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Fastly
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
70897

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
maps.gstatic.com
URL
https://maps.gstatic.com/mapfiles/transparent.png

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| regeneratorRuntime object| BYOCComponents function| FEAASReactElement object| FEAASLoading function| initCookieConsent function| __NEXT_PRELOADREADY function| Accordion function| initAccordions function| Collapse function| initCollapses function| Carousel function| initCarousels function| Dismiss function| initDismisses function| Dropdown function| initDropdowns function| Modal function| initModals function| Drawer function| initDrawers function| Tabs function| initTabs function| Tooltip function| initTooltips function| Popover function| initPopovers function| Dial function| initDials function| initFlowbite object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| webpackChunkStripeJSouter function| noop function| Stripe function| googleMapsCallback object| CC object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$poly$polylineCodec object| _xdc_

10 Cookies

Domain/Path Name / Value
shop.synlab.it/ Name: sc_site
Value: shfy_italy
shop.synlab.it/ Name: INGRESSCOOKIE
Value: 1711034418.762.109665.112419|373dfac502c59c9a3cdb7036f56379a1
shop.synlab.it/ Name: shfy_italy#lang
Value: en
shop.synlab.it/ Name: sxa_site
Value: shfy_italy
shop.synlab.it/ Name: __Host-next-auth.csrf-token
Value: 27dc1b7efd5a1926603105c10eeb0e36bb2cfad61420f1585fcf97a2d8f18498%7C7333d189ba27b3a487702801a94c2027c79e71092f35345bf0df5c0bdc5305a4
shop.synlab.it/ Name: __Secure-next-auth.callback-url
Value: https%3A%2F%2Fshop.synlab.it
shop.synlab.it/ Name: ordercloud.access-token
Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InB3Yk1nVkIta1UtQ3RtU2NzNnJGMlEifQ.eyJqdGkiOiJpSldfZW1fanFrLVM3Sm1Nb0NSQzRRIiwidXNyIjoiZGVmYXVsdF9idXllcl9pdCIsImNpZCI6IjEzZDdhMjY0LTU5YTUtNGZhNC1hMzNkLWFkNWEwZGI0ZDEyNSIsIm9yZGVyaWQiOiJaQlpTUVIzc00wV0lmMEtCVmRTVTJ3IiwidSI6IjI4NjIwIiwidXNydHlwZSI6ImJ1eWVyIiwicm9sZSI6IlNob3BwZXIiLCJuYmYiOjE3MTEwMzM4MjAsImV4cCI6MTcxMTYzOTIyMCwiaXNzIjoiaHR0cHM6Ly93ZXN0ZXVyb3BlLXByb2R1Y3Rpb24ub3JkZXJjbG91ZC5pbyIsImF1ZCI6Imh0dHBzOi8vd2VzdGV1cm9wZS1wcm9kdWN0aW9uLm9yZGVyY2xvdWQuaW8ifQ.PXdIY3Ma6mXWLUlOyMYKyw4CFGb9O80dgyH2kg6Uxk61ADcW7Ztpx1JAabQwv6YJlBadFdV7GGhsmerbfOyl_zloRBhE3avqJrqqAyI5GHueRQ6U0POvyICFtUvENu67QA7RjmGLzGHHdTnDfh80v21-kFMypZIZWxQ-Fk9bRKhz5Q7HU7R0ltGKqIBuUPxuYoN4pbXoieDY5HcdYVr6xlNCk2GXXmvV2XtgqvuJFxcMH6ySrb9a0yubDOUuyMa6yv16oAR4x40oBmrkWYt99RaD9C2QvVCccoWiROktjwATFWJYgiInPmZJ-WEIgGwX6hu9HBqtFusv3h7m4j5-xw
m.stripe.com/ Name: m
Value: 4f9f7913-4ebd-4cda-bc76-e5ed9b478b0af6f593
.shop.synlab.it/ Name: __stripe_mid
Value: 652112e0-d6ab-48b0-ae81-f3b591091a92005687
.shop.synlab.it/ Name: __stripe_sid
Value: 7edcd9fe-66e7-41d2-b48e-3abfc7299d7d973b85

1 Console Messages

Source Level URL
Text
other warning URL: https://shop.synlab.it/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src data: 'self' *.sitecorecloud.io maps.gstatic.com maps.googleapis.com www.google.com www.google.pl googleads.g.doubleclick.net www.googletagmanager.com www.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: js.stripe.com maps.googleapis.com *.googletagmanager.com *.cloudfront.net *.googleadservices.com www.google.com www.google.pl *.hotjar.com connect.facebook.net www.gstatic.com unpkg.com; frame-src data: shfy.booking.synlab.co.uk js.stripe.com *.shfy.booking.synlab.co.uk td.doubleclick.net www.gstatic.com www.google.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src blob: api-js.mixpanel.com js.stripe.com *.shop.synlab.it shop.synlab.it *.shfydigital.com shfy.sts.synlab.it *.shfy.sts.synlab.it *.ordercloud.io maps.googleapis.com *.google-analytics.com *.sitecorecloud.io *.bookingadmin.synlab.co.uk *.synlab.co.uk content.hotjar.io wss://ws.hotjar.com https://*.analytics.google.com; object-src data:; worker-src blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
maps.gstatic.com
ppm.stripe.com
r.stripe.com
shop.synlab.it
westeurope-production.ordercloud.io
xmc-synlab1-synlab-production.sitecorecloud.io
maps.gstatic.com
151.101.192.176
18.173.205.14
198.202.176.141
20.160.45.44
20.76.211.154
2606:4700::6812:100a
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:827::200a
35.186.241.51
44.239.187.78
54.186.23.98
00f8454e78871b7a1c4d726246775071c60ac5367e151843d7a38eef6109f8bf
033d07a992d6db25494efa6f855a57de1f4e2927f24dc83ff20cb5dfbcf43cb1
0679f809997a2b8a66a271572f71b09bb2d2fadf77d6f5a8e0e02880180fdc77
067b8bae80eea15065054a51a03c737964f5bfa966986e20d967d875b69de5ff
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0931e0be012ffff696f28c97db69de15e490d0ea630443371e3e7c0f006997d1
0d37bf13cf58014da6ff434281d2537e2139bebc0d2a350c72236caa62a720c8
0ff257b0f3651efdd930b8d643a592404db91ea9af61b6c6360f551530430932
151e89768d875606659a23ce1b47139aa64d6f4db2e7a41eec1bfe5dd11cecb5
1554afe844d40b447fcf0c10f7200ad29155ea2de942f53ac81c69932e37c593
182cd0310fe6df2f910aa951fa5cc8bb1a1faf1e252af2e143417f1022e44bf5
189fee3c431143ba14e369189578b499c8cd1ce760bd4a455cb0c5503ba85cde
1b72a6192e8a6c104ce7a5e76b4c9c3ab3c660ec5dbe840d6553b2ae9592e2cc
1bd7d27916e67b0ccaccbd6260b8e85c5ea4e7de0dcae40d53279d2e4525265c
1ca97a9997da395a345400fa04dfb5fdf005e0a47c5d09d59fee268615e4690e
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
20b5ee027cc179b166b4a899739f14e3d790ca4afb91402cb02424be25f47220
2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924
2950425cc0069e8864a480a6a57a9347d09c5006cbaee0fee231a30856830b0d
29d7103c3c7d9a082c0a4e744bdaa295e75f005e04cf8b9a062677a407c4dbea
2ae9a1ea28a9962acbc93176617f10103ec6b47ee2c694435dfcbd7c4125cd3d
2c34e79c9a894b7c2a526b0723818c086aa9410438db98056d8290581a6ac4eb
2ef3bed2e442bbd2f437cefbf574c9aa5123b2feda5c71a3151e91bc0c058271
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
30dc8e1e750c13c6a1402889ad2a6400b8c23f55ed5c20a0e59c337613323b19
3277b913e7a5126c2eb546e7a0da135c6fef3f8b48d22ca3aaab9c0e532cf738
34a2278ad0ca789eba055cbc1b8b5742c761c576815459bd31dd53448ab7b3c4
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3886e402921be562e6079d503862dd9db3e3bcd701e4dad22ef4cca0c45ff650
3d9f4a4d912b5cf208687001d886a8d1db8179ae386552e45ab24308d86b5763
3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6
3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e
41b08a4ee8fbfd82a64dc10d0b901a4f5fb10c0e913f4d2a89ab5a1f0c7372d4
4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a
432c2baf4e0235a8e68564d61603be317f67edd7889f0e963eadd684061b3150
43ca441fa2283e98f636052991239d8efbfb72d5e8863b141f34e11e139cf4b4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453becc69ec2c66370b49298f47841d353e044c1ccd0c1e1fe6d6ce5ba710195
4762e776b7fed9879bdc7173ff16135b73a7003895ec0be77dcf72d1651c456b
4959b629f516de6786567ecdab68bf7c193cbb96c187017d75f6d7a4019a29f5
495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc
52d1baa88fe5ac6511ef034a56d01cf55953bf1ded7cc2af8dfe52223b604586
52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f
596dbacf9653bc0827b7d19027a097ce646393d1d173ceb87f623e07fb74fe18
59d46c2ac15d698e67d3bb81dd9166ccce5d79d687bd022c64e3f2bb7b649266
5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a
5cd8d861ff06c5823b614853a440cee01c1a349d9d20a6a8ce2169aa3af707c6
5d8c0edb56c1d2ab932035e01c6b38913ca2bc4d52569b6e84446f96f08274a6
6155a21cf68701caae30b229010dbef2e1033683f3246cabb0ce9893abb11866
61b960118b7c4760db154a32dc9a3341f2e858df7bed95530ff13a9378c5d13f
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4
636fe392aab44bec381f5727a4ac76dc6b9fd4dd68706423bbe5e8f1f5407eee
68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7211219a1b8326ae9356fd90e818a63c631e22297840e28b7594a59d3420fdde
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
739a59bb4b4a944fc240484af1e3a94f6daaa9736843cf9affc9bf4f4c5d3fbb
739f8ee2fd5ee472cbe286c8927c53ef1ecb516f194441fa94a174266fbef9aa
75ecac63ca3a9fe849cdd4ff0faa124f3fee4e05dba1ba4fbb001b37161c0f68
7901a327fbeb5fb2b223c68d4145b07e863c1667ee817df3e037808cfba0269c
7af051179ef90efc3bd946bdf23133ebbb99025f0a476214a23c240f673ecf4d
7d83a76a0913b90abe7c03d713a1bdb1ba54a84d279017b743b4ca3522cd3ecb
80ea4a3ec7a4f7c2fab9931530339207a2c5f4735abfca66b6608f5759ed6947
828997727b7fdc8557187647596b2bd178dae09ef29b58c12739bc233ccf0d6b
84191aeb17e0d06b48871093dc11253594f6499e94d8f4b70581479165e67005
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
8719e3043fce3e1977f2a37f930f72e85fbc862141867e38f2db8eff23fe97bc
89275a1c66640733265b5be89864b6daefef1cc3f275566dd8fd29bd66601a83
8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3
8d86c4dbca60a258ea70be29c265ba88f09ead5213aaf2f01b44e71ad2831c92
8e271ed7b549991d2818871c5affd8689eb95bd241e08b9c3bde6ffca737d96c
90d1b7768b8687b27e51211ec2dc3b4db0483a006229bdad2a24e1a344d8e8b5
9208d3b15dfda19ba48d0dd78429975637682531aa6aa9c9a0b0c9049a4a081d
9366d1eaf336fc240ca6a3aff8717c008788c3beb473515d987732bcf597c9cf
9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38
9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9
9754bbcd09036c5be97e47b3be88ad2ec4555397ac4083d9b271cdf5177feee8
988462252d52f2d1d1e6265621a55fb645e948ac835ae7295da37d026aa068c1
9b3ecac206dda8b9fe5469825de7a398a8eff0748213cafa04af7232c06d6ec5
9bdf18501192e3cddfc53ac585303c638e4d9ddf509db78a48ec8372caa41949
9be0856d730dec15f4ffc800b4a40e397495e5865b7efaecbb3054350fb31fe0
9beec5275a01cfc165d765cb45c52671c36976088d6a7d2290fa576fdaf3741e
a04ec0cba8d100d15e67d794045e2fe20e9108ee23347fa1691ab5399a6f47d5
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a6263a282e3f7fe85354307d3b6316aced1492ae4e185356c73ddeb5a1839fdf
ab64f974c4cb25996b56be26445a8d75c5e9191391c3e81350530d2da736a7f7
abca0004f2960ea162b161a82240a139fce6012733a76f3859febb9bed38b420
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0652c8f2970d1149736b67d47a0d3ef453a73cd465cc3727d25ddd851f7b928
b2caed3e357098a23775ee481bbe38f853afe172114ffd579e14cc3984b3d5fb
b495a17da352a4cf99e9f2697997a2a48f76ab879e637fdd4a550622e7e68952
b6a1f7ba67189b8b967e563d844e02c9ef323caf9a5a450aaa166d72f3860f47
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba7734ad2c8fd1d1f7d2ee9a8693c2b6e856ce79124355436390e15637592c48
bddcf58428f2cdf9729ae6ecb56004af7185d29deb38b8b0962607b444e81ce7
be01311f38d25dd6b0ac1aa59afc65e634b2b02e87c7842293a7f1528cb2fc55
c59dc4105a79090dbf6bb6ffb23ce4a4e4f91370352854697b30cbca09ef057f
c5da52d27dcb8e9467dde8512cace686ef64a0fac7977e50b395c3f379e58593
c9064f4f6ab642a40b8a14f1521eb6ab9ab54b5a781957ba16bae1cca47c3c7a
c913475674b6bc5f99ac59c2c6d6088716260a5f963aa3cc114abf19c4a74cbc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8a0cd665691366ea3f4307f8ef0d39f63dae191208b785e5ee84d4e0d5d67a
cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
cd5378bdf838b5809b33cd042292515d9e4dbf75f1ea891c2a43bf153da1fdf8
ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4
d05c5c36913619961d197f7167b86af79db4f42157b5672b1f1088f9e744b7fa
d300c29137a0b81f82eb4fd763f51cb857a33972ac510ab34bc9502217b586bf
d3d54566e5d3102dbf187d55e1c74b04457acac8f08e3fe06e8be7046a797ae2
d6be56e3b08bcffe5d09fe46a88dc95268e35e3d4f65116fa55df91def64ac62
d6f76ff29543a4f00611057438a6289a168a6186a988ffe7179e6fabf1a71019
d96a7c6ca5ec6089ddb6727b541148519b78b18eb533b57641f7782e5f0bd12f
d9cd40195c577a6b2fb67d67e0a668ad766cf77b52378f802d093b33120c0207
da0857e22f1a2af4945e551d10738503ed450844da343da3b0a870dc92b53fc9
dadeb4b0afe0b9d304f4e636cf2289c8a310c374aaca8335aabb31ae49175e2c
dc4303353f528e726a8b1d70ea2222004f587346efc7071cd2c1846c31894760
dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c
dfde5b90423ae16ee1cfcd1eb852397ca889ecc867e7f805516b436219ccaead
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3407e6343653d6e4ea25adf6559505ae39a1ebeb9f372782c3095e478cea7c3
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
ead2e7253f1d760b437cf39c1f390471e19610394c512447cda0e4c259973c67
eb961a895c38bdd4162816032471a7abc614099c906bfcf6230e21fa1642439b
ee237537f66538373c3e077755590ebe97d39ebcc98fed3f271d4fb368116991
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f683872c7c925c59ef23748fd38b77025ee9fd40c4490037dd0bf406318b3fb9
fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c
ff831d71b98ed6d9002eea99b80ad5e788a92c0fab9553ffa447955304e19814