urlscan.io logo urlscan.io
SecurityTrails logo

www.westfield.com Open in urlscan Pro
13.107.246.45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://westfieldmokotow.eu/
Effective URL: https://www.westfield.com/poland/mokotow
Submission: On June 09 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 13 domains to perform 58 HTTP transactions. The main IP is 13.107.246.45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.westfield.com. The Cisco Umbrella rank of the primary domain is 403366.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on September 12th 2023. Valid for: a year.
This is the only time www.westfield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.128.222.10 12824 (HOMEPL-AS)
1 1 23.102.51.81 8075 (MICROSOFT...)
15 13.107.246.45 8075 (MICROSOFT...)
1 151.101.193.229 54113 (FASTLY)
10 104.19.177.52 13335 (CLOUDFLAR...)
9 104.19.167.65 13335 (CLOUDFLAR...)
11 13.107.246.67 8075 (MICROSOFT...)
2 172.67.11.155 13335 (CLOUDFLAR...)
3 142.250.185.232 15169 (GOOGLE)
1 172.64.155.119 13335 (CLOUDFLAR...)
1 7 108.138.26.88 16509 (AMAZON-02)
58 9
1    188.128.222.10 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver134630.home.pl
westfieldmokotow.eu
1    23.102.51.81 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pl.westfield.com
15    13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.westfield.com
resourcesurwscth.azureedge.net
cdn.goodays.co
static.critizr.com
1    151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
10    104.19.177.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
9    104.19.167.65 (None, )

ASN13335 (CLOUDFLARENET, US)
res.cloudinary.com
11    13.107.246.67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cdn.urw.com
2    172.67.11.155 (United States)

ASN13335 (CLOUDFLARENET, US)
acsbapp.com
cdn.acsbapp.com
3    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
1    172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
7    108.138.26.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-88.fra56.r.cloudfront.net
halc.iadvize.com
Apex Domain
Subdomains		 Transfer
11 urw.com
cdn.urw.com — Cisco Umbrella Rank: 468389
365 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 375
214 KB
10 azureedge.net
resourcesurwscth.azureedge.net — Cisco Umbrella Rank: 467469
1 MB
9 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 3286
1 MB
7 iadvize.com
halc.iadvize.com — Cisco Umbrella Rank: 35441
26 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
256 KB
3 westfield.com
pl.westfield.com
www.westfield.com — Cisco Umbrella Rank: 403366
86 KB
2 goodays.co
cdn.goodays.co — Cisco Umbrella Rank: 384451
110 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 4723
cdn.acsbapp.com — Cisco Umbrella Rank: 4972
93 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 631
308 B
1 critizr.com
static.critizr.com — Cisco Umbrella Rank: 430784
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354
17 KB
1 westfieldmokotow.eu
westfieldmokotow.eu
96 B
58 13
Domain Requested by
11 cdn.urw.com www.westfield.com
10 cdn.cookielaw.org www.westfield.com
cdn.cookielaw.org
10 resourcesurwscth.azureedge.net www.westfield.com
resourcesurwscth.azureedge.net
9 res.cloudinary.com www.westfield.com
7 halc.iadvize.com 1 redirects www.westfield.com
halc.iadvize.com
3 www.googletagmanager.com resourcesurwscth.azureedge.net
www.westfield.com
www.googletagmanager.com
2 cdn.goodays.co www.westfield.com
static.critizr.com
2 www.westfield.com resourcesurwscth.azureedge.net
1 cdn.acsbapp.com acsbapp.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 static.critizr.com www.westfield.com
1 acsbapp.com www.westfield.com
1 cdn.jsdelivr.net www.westfield.com
1 pl.westfield.com 1 redirects
1 westfieldmokotow.eu 1 redirects
58 15
Subject Issuer Validity Valid
*.westfield.com
RapidSSL TLS RSA CA G1		 2023-09-12 -
2024-09-28		 a year crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-05-22 -
2025-05-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-12-14 -
2024-06-22		 6 months crt.sh
cdn.urw.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-06		 a year crt.sh
acsbapp.com
GTS CA 1P5		 2024-04-22 -
2024-07-21		 3 months crt.sh
cdn.goodays.co
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-22 -
2024-09-22		 6 months crt.sh
static.critizr.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-22 -
2024-09-22		 6 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.iadvize.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.westfield.com/poland/mokotow
Frame ID: C2187836423B49EE378C2D148F18AA97
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Centrum handlowe | Westfield Mokotów

Page URL History Show full URLs

  1. https://westfieldmokotow.eu/ HTTP 301
    https://pl.westfield.com/mokotow HTTP 301
    https://www.westfield.com/poland/mokotow Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

58
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

9
IPs

4
Countries

3960 kB
Transfer

8463 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://westfieldmokotow.eu/ HTTP 301
    https://pl.westfield.com/mokotow HTTP 301
    https://www.westfield.com/poland/mokotow Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://halc.iadvize.com/iadvize.js HTTP 302
  • https://halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/live.js

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mokotow
www.westfield.com/poland/
Redirect Chain
  • https://westfieldmokotow.eu/
  • https://pl.westfield.com/mokotow
  • https://www.westfield.com/poland/mokotow
228 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f5ed0843159f7a14cc41139796bf2246520d2e2dcd1ab7b21faff47fe366ff85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-type
text/html; charset=utf-8
date
Sun, 09 Jun 2024 14:35:27 GMT
etag
W/"A23196056DA822EB81B5A80535B34B7C"
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-azure-ref
20240609T143527Z-175dcb64d5c4wnl227yncsk56000000000cg00000001xxmb
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-server
CD2TH
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
content-length
163
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-type
text/html; charset=UTF-8
date
Sun, 09 Jun 2024 14:35:26 GMT
location
https://www.westfield.com/poland/mokotow
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-server
CD2
x-xss-protection
1; mode=block
Rebranded.min.css
resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/ 		2 MB
304 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32164ea776a907de1fb79709ec40dd88e7ba085bf881077884818168111579f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding
br
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 05:52:08 GMT
etag
W/"702f56dbc2a5da1:0"
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5cjvfvpb88ucy04nw0000000hwg00000000x0dt
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM1TH
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Origin
https://www.westfield.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 09 Jun 2024 14:35:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
1525044
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17261
x-served-by
cache-fra-eddf8230084-FRA
x-jsd-version-type
version
etag
W/"eab9-PwlPAQv7DAIqUbYneNQ2HRytP9Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
main.6d45d59a.js
resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/ 		2 MB
684 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/main.6d45d59a.js
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
803ee7936fcb8ecd1c47df5cf6453534a3416a58d7f1659be2da8fa42e35b264
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding
br
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 07:50:47 GMT
etag
W/"d8f1ac6ed3a5da1:0"
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5cjvfvpb88ucy04nw0000000hwg00000000x0dv
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM2TH
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YmFgVUTeB0lXZXM9YgX19A==
age
28230
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 19:38:40 GMT
server
cloudflare
etag
0x8DC8660444682DE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
64b6b1d0-e01e-006c-1bf5-b8eaba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8911d92d2d04b224-WAW
f0yn5czzohf2l0istt2u.png
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/centre/logo/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/centre/logo/f0yn5czzohf2l0istt2u.png
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b3ce9800baa4486de933323d96068951e83f70f7dcf4ea50c8754acb1e026f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=31;start=2024-06-09T14:35:28.198Z;desc=hit,rtt;dur=20,content-info;desc="width=1181,height=708,bytes=58766,o=1,ef=(17);"
content-length
58766
last-modified
Wed, 03 Apr 2024 19:54:37 GMT
server
cloudflare
etag
"5513ad61c9e4948e7eb5a4a023c105bd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d92d3a7c352d-WAW
timing-allow-origin
*
w-club-simple.svg
cdn.urw.com/poland/mokotow/-/media/Unibail/Global/LoyaltyProgram/LoyaltyHeader/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/poland/mokotow/-/media/Unibail/Global/LoyaltyProgram/LoyaltyHeader/w-club-simple.svg?revision=6af32b6d-134b-4c6d-b8ef-2ffbbc0c4d67
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a0d9583c19489fbfa9c3256e40aea71ed3c84d41ccce9b365b8a3b1923c70f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Fri, 03 Nov 2023 04:41:52 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa6x
content-type
image/svg+xml
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD1
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
default.png
cdn.urw.com/dist/newunibailreactapp/img/ 		68 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/dist/newunibailreactapp/img/default.png
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
63256338
content-length
68
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 10:02:25 GMT
etag
"30d33cd2e5a5da1:0"
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa6y
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CD3
accept-ranges
bytes
unibailscripts.min.js
resourcesurwscth.azureedge.net/dist/newunibailreactapp/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/js/unibailscripts.min.js?version=20240510.2
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b4bd0ee953434a917e3e3eae61ab94b5017db54ad47d4a5ee346bf4a1646067f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding
br
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 05:52:09 GMT
etag
W/"76eeddcc2a5da1:0"
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5cjvfvpb88ucy04nw0000000hwg00000000x0du
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM1TH
8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd.json
cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d7e48c59e1adf493ee40ce8d2d146e1864c0ed69b336613f8e10fa76090af5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12006
content-md5
e2EAOP5h82xD9Id8/y2coQ==
content-length
1581
x-ms-lease-status
unlocked
last-modified
Tue, 19 Mar 2024 16:55:46 GMT
server
cloudflare
etag
0x8DC48356C44CE0A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
76a8590d-201e-0091-711e-7a5c31000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8911d9313b3c70bd-WAW
expires
Mon, 10 Jun 2024 14:35:28 GMT
app.js
acsbapp.com/apps/app/dist/js/ 		302 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.11.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c4c838b4fa226c28a5c858394e3f419d72d6d10c2935635620ae2d6904ca60

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPrD2s4DPJ2QPJzxT_F-y8han9pA27hGFu1XtN2OE36HE4iazzzMs0808caU71q6mm6LjEY
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Mon, 03 Jun 2024 15:06:40 GMT
server
cloudflare
etag
W/"56bd58730f9e878750c6806cefc99b1f"
vary
Accept-Encoding
x-goog-generation
1717427200229620
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=ZU0tvA==, md5=Vr1Ycw+eh4dQxoBs78mbHw==
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
309626
cf-ray
8911d9317f1e5b00-VIE
expires
Mon, 09 Jun 2025 14:35:28 GMT
f0yn5czzohf2l0istt2u.png
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/centre/logo/ 		57 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/centre/logo/f0yn5czzohf2l0istt2u.png
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b3ce9800baa4486de933323d96068951e83f70f7dcf4ea50c8754acb1e026f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2024 19:54:37 GMT
server
cloudflare
etag
"5513ad61c9e4948e7eb5a4a023c105bd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
server-timing
cld-cloudflare;dur=31;start=2024-06-09T14:35:28.198Z;desc=hit,rtt;dur=20,content-info;desc="width=1181,height=708,bytes=58766,o=1,ef=(17);"
accept-ranges
bytes
cf-ray
8911d92d3a7c352d-WAW
timing-allow-origin
*
content-length
58766
w-club-simple.svg
cdn.urw.com/poland/mokotow/-/media/Unibail/Global/LoyaltyProgram/LoyaltyHeader/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/poland/mokotow/-/media/Unibail/Global/LoyaltyProgram/LoyaltyHeader/w-club-simple.svg?revision=6af32b6d-134b-4c6d-b8ef-2ffbbc0c4d67
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a0d9583c19489fbfa9c3256e40aea71ed3c84d41ccce9b365b8a3b1923c70f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-content-type-options
nosniff
last-modified
Fri, 03 Nov 2023 04:41:52 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa6x
content-type
image/svg+xml
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD1
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
default.png
cdn.urw.com/dist/newunibailreactapp/img/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/dist/newunibailreactapp/img/default.png
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-content-type-options
nosniff
last-modified
Tue, 14 May 2024 10:02:25 GMT
etag
"30d33cd2e5a5da1:0"
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa6y
x-cache
TCP_HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CD3
x-fd-int-roxy-purgeid
63256338
accept-ranges
bytes
content-length
68
x-xss-protection
1; mode=block
9bbad276bcba3185eb0690741f7a9890.js
cdn.goodays.co/sdk/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.goodays.co/sdk/9bbad276bcba3185eb0690741f7a9890.js
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74ed74d59032f6417e0c33919a1d06f8909be390d9d237eb0a9eed09d54b2ef9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
x-amz-version-id
9cW05rMrq0nDFLLAFvR6nxq8uSjDY8vC
last-modified
Tue, 07 Nov 2023 10:38:12 GMT
x-amz-request-id
H46RNYBBK71KXE1V
etag
"5557da9ec10d93f62d9974d93040eca3"
x-amz-server-side-encryption
AES256
x-azure-ref
20240609T143529Z-175dcb64d5c7j4cdg32dbumfqg00000006hg000000010f6y
x-cache
CONFIG_NOCACHE
content-type
application/javascript
accept-ranges
bytes
content-length
12817
x-amz-id-2
kT1O66SFAUb9cUtaWhzOTZGFk0yOqoI43PdcdC0LL92XFiqHimpdEB0YFs5Z3bwuChqV25lta7c=
9bbad276bcba3185eb0690741f7a9890.js
static.critizr.com/widgets/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.critizr.com/widgets/9bbad276bcba3185eb0690741f7a9890.js
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74ed74d59032f6417e0c33919a1d06f8909be390d9d237eb0a9eed09d54b2ef9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
x-amz-version-id
9cW05rMrq0nDFLLAFvR6nxq8uSjDY8vC
last-modified
Tue, 07 Nov 2023 10:38:12 GMT
x-amz-request-id
H46V6QFVKXCH5866
etag
"5557da9ec10d93f62d9974d93040eca3"
x-amz-server-side-encryption
AES256
x-azure-ref
20240609T143528Z-175dcb64d5c89kmvyysrsxz98g0000000hxg000000015g4p
x-cache
CONFIG_NOCACHE
content-type
application/javascript
accept-ranges
bytes
content-length
12817
x-amz-id-2
lK41DLiUXw0WtdStFtRrJzFVgc2fdC5n4Ahyr64j35rhSVSD5KOxl/3aZTUiwo2ceGrP2yFuPis=
shoppingCenters.woff
resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/ 		217 KB
133 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/shoppingCenters.woff?vj98os
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2763231ca37c277693b7ba9faf0f8e12784b59da54211adb4d1dbcdec2e55ca6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Origin
https://www.westfield.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding
br
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 07:50:45 GMT
etag
W/"df7e806dd3a5da1:0"
vary
Accept-Encoding
x-azure-ref
20240609T143529Z-175dcb64d5cfrd69cgf80rc91s0000000hwg0000000197w3
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM2TH
Barlow-SemiBold.woff2
resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/Barlow-SemiBold.woff2
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d0034fa3554fea53e6ede47947a93d0584a7e0278fdfdaeaa1009e046b13f41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Origin
https://www.westfield.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
41680
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 07:50:43 GMT
etag
"216f9e6cd3a5da1:0"
x-azure-ref
20240609T143529Z-175dcb64d5cfrd69cgf80rc91s0000000hwg0000000197w4
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM2TH
accept-ranges
bytes
Barlow-Medium.woff2
resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/Barlow-Medium.woff2
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40c00d311fa3fde13e4cff43e436a923c1dbcf975462922098b132331b4f42df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Origin
https://www.westfield.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
40564
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 05:52:15 GMT
etag
"d7970dfc2a5da1:0"
x-azure-ref
20240609T143529Z-175dcb64d5cfrd69cgf80rc91s0000000hwg0000000197w8
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM1TH
accept-ranges
bytes
Balgin-Bold.woff
resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/Balgin-Bold.woff
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7951f91ba6f3ac7b1c3f34d956b6cbcf74332f5c0cacb04ac965098da7d10a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Origin
https://www.westfield.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding
br
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 05:52:11 GMT
etag
W/"2735f3dcc2a5da1:0"
vary
Accept-Encoding
x-azure-ref
20240609T143529Z-175dcb64d5cfrd69cgf80rc91s0000000hwg0000000197w7
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM1TH
Barlow-Regular.woff2
resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/Barlow-Regular.woff2
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc45a5763d3c895ea408ee19cfa463ca68157a1eb1c2b16b556ba0f9e427dbf5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Origin
https://www.westfield.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
40508
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 05:52:15 GMT
etag
"6fbc80dfc2a5da1:0"
x-azure-ref
20240609T143529Z-175dcb64d5cfrd69cgf80rc91s0000000hwg0000000197w6
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM1TH
accept-ranges
bytes
Barlow-Bold.woff2
resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/fonts/Barlow-Bold.woff2
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4844d57b2656d2fbf85ce80f30c85ee35afdc392f1c08626ba8fac08869ce521
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/Rebranded.min.css?version=20240510.2
Origin
https://www.westfield.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
41612
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 05:52:14 GMT
etag
"8bb32adfc2a5da1:0"
x-azure-ref
20240609T143529Z-175dcb64d5cfrd69cgf80rc91s0000000hwg0000000197w5
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-server
CM1TH
accept-ranges
bytes
w-club-simple.svg
cdn.urw.com/-/media/Unibail/Global/LoyaltyProgram/LoyaltyHeader/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/-/media/Unibail/Global/LoyaltyProgram/LoyaltyHeader/w-club-simple.svg?revision=6af32b6d-134b-4c6d-b8ef-2ffbbc0c4d67
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a0d9583c19489fbfa9c3256e40aea71ed3c84d41ccce9b365b8a3b1923c70f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Fri, 03 Nov 2023 04:41:52 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa89
content-type
image/svg+xml
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD1
x-fd-int-roxy-purgeid
63256338
x-xss-protection
1; mode=block
GetServicesViewMore
www.westfield.com/api/sitecore/ServiceApi/ 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.westfield.com/api/sitecore/ServiceApi/GetServicesViewMore?ursite=Mokotow&urlang=pl-PL
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/main.6d45d59a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f60fc85cc3eeb0267e2b47b6168200886d52bf2d58c10f95b6d5bcd957b9d7db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.westfield.com/poland/mokotow
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-azure-ref
20240609T143528Z-175dcb64d5c4wnl227yncsk56000000000cg00000001xxu2
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store
x-server
CD3TH
accept-ranges
bytes
content-length
41294
x-xss-protection
1; mode=block
expires
-1
gtm.js
www.googletagmanager.com/ 		264 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMH6ZV9
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/main.6d45d59a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0e1ae9870327fac60b4e3ea21a0bd782e98de8283958ea189eead930514a5219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79918
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jun 2024 14:35:29 GMT
unibailscripts.min.js
resourcesurwscth.azureedge.net/dist/newunibailreactapp/js/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/js/unibailscripts.min.js?version=20240510.2
Requested by
Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/main.6d45d59a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b4bd0ee953434a917e3e3eae61ab94b5017db54ad47d4a5ee346bf4a1646067f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
x-content-type-options
nosniff
last-modified
Tue, 14 May 2024 05:52:09 GMT
content-encoding
br
etag
W/"76eeddcc2a5da1:0"
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5cjvfvpb88ucy04nw0000000hwg00000000x0du
content-type
application/javascript
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CM1TH
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
WM_23_86_critizer_994x393px_K_Ry.jpg
cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Common/Criticizr/ 		98 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Common/Criticizr/WM_23_86_critizer_994x393px_K_Ry.jpg?mh=393&mw=994&revision=1880b194-9118-48af-8b5b-fd0040dbbb86&hash=EEF7EC4EE62F6A23401995DD825269FF
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
415a8c98ad0f51599b7ea12ceed0731d211afa1639f16af108b546305445aa37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Fri, 14 Jul 2023 05:16:47 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa8x
content-type
image/jpeg
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD3
x-fd-int-roxy-purgeid
63256338
x-xss-protection
1; mode=block
WM_24_66_grafiki~o~digital_994x393_px_LK.jpg
cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/ 		77 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/WM_24_66_grafiki~o~digital_994x393_px_LK.jpg?mh=393&mw=994&revision=48db379f-dfb1-4f32-ab09-b6d9626cd6cd&hash=B5D0B93B3E817D26686B4BCF21F064DE
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fbffb834c62bf6aa83ed63030701ff34681eb29b5d553b4392c6f02eae1cc8af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Wed, 05 Jun 2024 11:07:23 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa8y
content-type
image/jpeg
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD4
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
WM~o~dzien~o~dziecka~o~2024~o~994x393.jpg
cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/WM~o~dzien~o~dziecka~o~2024~o~994x393.jpg?mh=393&mw=994&revision=1588837c-a01b-457f-a3e7-48f06ea659ba&hash=A6E39C34C45F767CF76EF19C15FDA1CC
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
488c15ab019117a0e95fb630b7af5329f09376f10659cc4e7aaeffad4ec8dacf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Mon, 27 May 2024 19:22:28 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa8z
content-type
image/jpeg
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD1
x-fd-int-roxy-purgeid
63256338
x-xss-protection
1; mode=block
WM~o~kampania~o~maj~o~994x393.jpg
cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/WM~o~kampania~o~maj~o~994x393.jpg?mh=393&mw=994&revision=45d1bc44-4227-4504-8106-6790261e32c4&hash=DCD8D0B1FEBAF9899BF7BF0F8107EA78
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bdabd41bd89652e489902c73ef7c26c826a584e7176cbb0a3c3ee4b117cc69df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Fri, 10 May 2024 11:24:24 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa90
content-type
image/jpeg
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD3
x-fd-int-roxy-purgeid
63256338
x-xss-protection
1; mode=block
WM_23_41_stylista~o~994x393px.jpg
cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.urw.com/poland/mokotow/-/media/Unibail/Country~o~PL/Mokotow/Home~o~page/Carousel/WM_23_41_stylista~o~994x393px.jpg?mh=393&mw=994&revision=8a8dea09-3ff0-4554-adff-9f60f2d2bbc3&hash=29402F8543F04A8F5E2F8BB2C690CB1D
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1cdd14e77e3ec97f7262edb6c74d153696ecfc1fc00cff3a4a02940369ac400c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Tue, 31 Oct 2023 16:17:36 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143528Z-175dcb64d5csbqb7q92php8su40000000hu000000000aa91
content-type
image/jpeg
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD2
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
st3zg2w1t4yrwbetq1pl.jpg
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/event/3075/event-image/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/event/3075/event-image/st3zg2w1t4yrwbetq1pl.jpg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
999f2d7f74ad99d1d3c1333772580ddb0f66a18e3631216e93294c5df8f4c3c1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=28;start=2024-06-09T14:35:28.682Z;desc=hit,rtt;dur=20,content-info;desc="width=602,height=582,bytes=126856,o=1,ef=(17);"
content-length
126856
last-modified
Mon, 27 May 2024 14:48:20 GMT
server
cloudflare
etag
"ecac25ef8e3f349a8d093c4e8a6a7c01"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d9303e3e352d-WAW
timing-allow-origin
*
o4qgrrvfzlo4vlosetew.jpg
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/event/3075/event-image/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/event/3075/event-image/o4qgrrvfzlo4vlosetew.jpg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
832152ff01adbf6f423cadc96bc251ef73fd17b598f46ade98ff0519465cdb51
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=34;start=2024-06-09T14:35:28.684Z;desc=hit,rtt;dur=20,content-info;desc="width=602,height=582,bytes=84204,o=1,ef=(17);"
content-length
84204
last-modified
Tue, 04 Jun 2024 15:59:02 GMT
server
cloudflare
etag
"928f6d66c5f2f8e652901a570b1476bb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d9303e3f352d-WAW
timing-allow-origin
*
ctpxagqfrktqpcpxec99.jpg
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/event/3075/event-image/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/event/3075/event-image/ctpxagqfrktqpcpxec99.jpg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd250666ddd16d18cafdba2730959fce513b62cd5e89355c9f9d0293b96ad17
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=31;start=2024-06-09T14:35:28.696Z;desc=hit,rtt;dur=20,content-info;desc="width=602,height=582,bytes=55685,o=1;"
content-length
55685
last-modified
Tue, 31 Oct 2023 16:13:19 GMT
server
cloudflare
etag
"a2c03419db7d03877c8da397a6aef565"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d9304e5a352d-WAW
timing-allow-origin
*
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809131692400e617b2bca6830799cb095a65057f948eba12c71caa8b1d2be016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept
application/json
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8911d933d86434ce-WAW
access-control-allow-headers
Content-Type
xfmyb0rmzmswlonei5o7.jpg
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/ 		821 KB
823 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/xfmyb0rmzmswlonei5o7.jpg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef91f742978263c0becbaee148e044dec84577baa8202e0e2fb0955481d79caa
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=19;start=2024-06-09T14:35:28.943Z;desc=hit,rtt;dur=22,content-info;desc="width=1440,height=960,bytes=841063,o=1;"
content-length
841063
last-modified
Mon, 13 Nov 2023 16:09:03 GMT
server
cloudflare
etag
"8d94d2818f2a4c0f3f78137ec97f726d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d931d8d0352d-WAW
timing-allow-origin
*
h0iw5evjukh7wijhzrbi.jpg
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/h0iw5evjukh7wijhzrbi.jpg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f7ff732df666e6f3c0a657051183475e2323954d8995bc36f0412f61906341
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=27;start=2024-06-09T14:35:28.945Z;desc=hit,rtt;dur=22,content-info;desc="width=378,height=300,bytes=122587,o=1;"
content-length
122587
last-modified
Mon, 13 Nov 2023 16:34:15 GMT
server
cloudflare
etag
"cc0957b83537a66fb0f45295624b1847"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d931d8d4352d-WAW
timing-allow-origin
*
c09lm6w75cockipp0zvy.jpg
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/c09lm6w75cockipp0zvy.jpg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f173b7ebf6bf1d43df287e8ec9d780470feebf5373b48d147c9360da36c84b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=22;start=2024-06-09T14:35:28.947Z;desc=hit,rtt;dur=22,content-info;desc="width=378,height=300,bytes=91036,o=1;"
content-length
91036
last-modified
Mon, 13 Nov 2023 16:35:18 GMT
server
cloudflare
etag
"dd3aa0863d85d113943181e97700f865"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d931d8d8352d-WAW
timing-allow-origin
*
bp3xd3jserrt5s1nmj56.jpg
res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/westfielddg/image/upload/westfield-media/pl/service/147/service-image/bp3xd3jserrt5s1nmj56.jpg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9852b7618d56a931003398dd68c3a23174113cc6a5689ef8b8ce2f8e320c88ac
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=34;start=2024-06-09T14:35:28.951Z;desc=hit,rtt;dur=22,content-info;desc="width=378,height=300,bytes=120251,o=1;"
content-length
120251
last-modified
Mon, 13 Nov 2023 16:41:03 GMT
server
cloudflare
etag
"8fda4420ba1d46749b05d1e5b82af2e0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
8911d931d8d9352d-WAW
timing-allow-origin
*
9bbad276bcba3185eb0690741f7a9890.css
cdn.goodays.co/sdk/ 		97 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.goodays.co/sdk/9bbad276bcba3185eb0690741f7a9890.css
Requested by
Host: static.critizr.com
URL: https://static.critizr.com/widgets/9bbad276bcba3185eb0690741f7a9890.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
caa5b2bfbc3697a3f9aa1ebe5a0de47e7bc6527e5d0252eb2a2e700cae517571

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
x-amz-version-id
YjwGNCoQI7R_cc8yjrW90TjonmwCaMSZ
last-modified
Tue, 07 Nov 2023 10:38:12 GMT
x-amz-request-id
H46KBA097R77AF9X
etag
"f2b692439c8ce4ca3ed8637f86eba03c"
x-amz-server-side-encryption
AES256
x-azure-ref
20240609T143529Z-175dcb64d5c7j4cdg32dbumfqg00000006hg000000010f90
x-cache
CONFIG_NOCACHE
content-type
text/css
accept-ranges
bytes
content-length
98888
x-amz-id-2
W9OO9c1FLcbM5ciBu638oxFyHtKY5HXFX73/LxjizC/Bws5YHpaKLP8vB3dphSbSoTCmU2nfq/WKGl5RqHH9cw==
config.json
cdn.acsbapp.com/config/westfield.com/ 		163 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/config/westfield.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.11.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61fdda9270941bc6bf0da8aabbd9efaae215e88afbbdf84e40fb332c6882d98d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
br
cf-cache-status
HIT
age
48
x-guploader-uploadid
ABPtcPpFzPMFYGGY0OEm28Wk4K0_2ak7HBT82nYb59XnqjsDTIUW0C83xb5kY1yELT8X09wv4a9h0aSXZA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 20 Feb 2024 15:20:21 GMT
server
cloudflare
etag
W/"5ad6aa0b7a1ac4cec5522197ac703397"
vary
Accept-Encoding
x-goog-hash
crc32c=3oSgVQ==, md5=WtaqC3oaxM7FUiGXrHAzlw==
x-goog-generation
1708442421348107
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
163
cf-ray
8911d9366dd9b194-WAW
expires
Mon, 09 Jun 2025 14:34:41 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202310.1.0/ 		426 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
1/fYiRcAkidM+2Rc1fEXtg==
age
28227
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104832
x-ms-lease-status
unlocked
last-modified
Thu, 26 Oct 2023 03:35:14 GMT
server
cloudflare
etag
0x8DBD5D490C850BD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0de3439d-001e-004d-7e08-7cf66f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8911d9344994b224-WAW
gtm.js
www.googletagmanager.com/ 		334 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W65QHWH&l=dataLayer
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6dc88839d07cf6fd288fd10382c12587d30c4fb0284ce38b9141c185bac7de86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106046
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jun 2024 14:35:29 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8824249&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMH6ZV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7e918dea6907852319e0c4142076433467d4a0f56cb6d2b9f4ecdd21de8298ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75262
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jun 2024 14:35:29 GMT
live.js
halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/
Redirect Chain
  • https://halc.iadvize.com/iadvize.js
  • https://halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/live.js
43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/live.js
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Server
108.138.26.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-88.fra56.r.cloudfront.net
Software
dcbed160-964a-cd8f-a0a2-77872a18cb8c, AmazonS3 /
Resource Hash
27f389d31117ba175edd19679594986436021bf0585555c7fa02f91f3691aea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://www.westfield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 06 Jun 2024 14:04:40 GMT
content-encoding
gzip
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000;
x-amz-version-id
6SVQdTDkak3edaiX9U0A0uxnVXVGe8ZQ
x-amz-cf-pop
FRA56-P7
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
age
261049
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 06 Jun 2024 12:50:37 GMT
server
dcbed160-964a-cd8f-a0a2-77872a18cb8c, AmazonS3
etag
W/"0d21c88e8dfa2c531ac9ceae97121eeb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0p8mCNR1DNxpQ4FQJFS36RmYZac4QBnuC4UOVtU1YrgazGGaCimwaA==

Redirect headers

date
Sun, 09 Jun 2024 14:35:05 GMT
content-encoding
gzip
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000;
x-amz-cf-pop
FRA56-P7
cross-origin-embedder-policy
require-corp
age
24
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
127
server
300862cb-687a-f319-fd53-1eb63a05c258
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/live.js
access-control-allow-origin
*
cache-control
public, max-age=60
x-amz-cf-id
5q4692OrIATs9BrsWkuZYY7aKLuXtm_UPPVU69Oo57LFlMg5ej0BzA==
pl.json
cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/cd40bf4b-875c-4188-9ff2-8465632ebd09/ 		93 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/cd40bf4b-875c-4188-9ff2-8465632ebd09/pl.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e815722ae830d3ec5419f9dbc553e1ffcf62c1184cdf28983684714513aa6869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
25844
content-md5
h7ETtsObfGLSLQp4D7jGZg==
content-length
23745
x-ms-lease-status
unlocked
last-modified
Tue, 19 Mar 2024 16:55:52 GMT
server
cloudflare
etag
0x8DC48356FC77EE0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
521d3092-501e-0022-191e-7afc9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8911d934b8b070bd-WAW
expires
Mon, 10 Jun 2024 14:35:29 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8GHk3hZiMg1r5Cx6Tsv30A==
age
26022
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2626
x-ms-lease-status
unlocked
last-modified
Thu, 26 Oct 2023 03:35:08 GMT
server
cloudflare
etag
0x8DBD5D48D725279
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
17db523a-001e-00a9-3372-79f8f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8911d935293e70bd-WAW
otPcTab.json
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/ 		63 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Mt5VYaL9Mm+9OznjR6m8jw==
age
12466
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13595
x-ms-lease-status
unlocked
last-modified
Thu, 26 Oct 2023 03:35:10 GMT
server
cloudflare
etag
0x8DBD5D48E860A3F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0354bcd3-101e-009a-6c0b-85a75a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8911d935294270bd-WAW
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
26022
x-ms-lease-status
unlocked
last-modified
Thu, 26 Oct 2023 03:35:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
41232f8f-c01e-0052-5334-ac5c9b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8911d935294370bd-WAW
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
26846
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 19:38:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f1c839a4-601e-0010-0390-b8778f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8911d93589e770bd-WAW
The_Westfield_Group_logo.svg.png
cdn.cookielaw.org/logos/52823b6c-31fb-4560-a79a-8095db05be2a/a85f3092-67ef-4366-947d-71ff733bcc9b/1e9bbb7b-948c-4e23-8111-c163c69fc4d3/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/52823b6c-31fb-4560-a79a-8095db05be2a/a85f3092-67ef-4366-947d-71ff733bcc9b/1e9bbb7b-948c-4e23-8111-c163c69fc4d3/The_Westfield_Group_logo.svg.png
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c127dc5cd769f77330b34958eb514dd205f35786967684d7943191058cdb995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cxDkhBn4EEdS0ev6qeh8+A==
age
28133
content-length
56861
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 15:15:06 GMT
server
cloudflare
etag
0x8DB217A3B4F6411
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
26a049ee-401e-0001-2372-79665f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8911d9358bb3b224-WAW
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.westfield.com
URL: https://www.westfield.com/poland/mokotow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
28231
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 19:38:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d2001200-501e-00b2-4d0d-b9ba13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8911d9358bb9b224-WAW
visitor-context
halc.iadvize.com/api/website/8245/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://halc.iadvize.com/api/website/8245/visitor-context
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-88.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westfield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.westfield.com
access-control-max-age
3600
content-length
0
date
Sun, 09 Jun 2024 14:35:30 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
trace-id
0235207a53438325
vary
Origin
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-id
767tnCY9wXaiNvpwIH6kvDxZaPEKk94DXOZ_AP0BdrI_Z-LvDI32Fg==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
visitor-context
halc.iadvize.com/api/website/8245/ 		699 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://halc.iadvize.com/api/website/8245/visitor-context
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-88.fra56.r.cloudfront.net
Software
/
Resource Hash
c0d5cec092b9a313178f825834779a37e412c29bae860ba4c4be66b9dfc68ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jun 2024 14:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
446
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
vary
Origin,Accept-Encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://www.westfield.com
access-control-allow-credentials
true
trace-id
e2637f6251f49217
x-amz-cf-id
z1P_DQhMwuqCM1HSfuamYNVc-Qh9L5EpvNewWWaoVgy8yhu7CKkllg==
fav-icon-westfield.png
cdn.urw.com/-/media/Unibail/Global/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.urw.com/-/media/Unibail/Global/fav-icon-westfield.png?mh=32&mw=32&revision=b5799116-7ade-420a-9ad3-73211639709d&hash=89D7B88C07DA14DE44DCA5EECFD5C81C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
796f34bd94aa7b1ac8a301c70af4a47787158315dc216360e571efecda2b25d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 14:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified
Tue, 05 Sep 2023 04:17:25 GMT
content-encoding
br
vary
Accept-Encoding
x-azure-ref
20240609T143529Z-175dcb64d5csbqb7q92php8su40000000hu000000000aaef
content-type
image/png
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=2592000
x-server
CD2
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
light-mode.chunk.js
halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/light-mode.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-88.fra56.r.cloudfront.net
Software
1871d59d-e8fc-aa73-189d-0f791c3bd393, AmazonS3 /
Resource Hash
b63a6f9f3a66e489503891dc7b265b49dfa9f837da8f39ad787418aa15fed646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:04:50 GMT
content-encoding
gzip
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000;
x-amz-version-id
kUQVMsbSD0AyPE0i4RrWJhWWHSb3AEkS
x-amz-cf-pop
FRA56-P7
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
age
261040
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 06 Jun 2024 12:50:37 GMT
server
1871d59d-e8fc-aa73-189d-0f791c3bd393, AmazonS3
etag
W/"4d95ac19f58a5b9ffed8a2b63e874019"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NKkdTnZgssxu-AvjIztvtoTpSHuzuCAjGGBIOUUbQQqMQpd_36qJqw==
www_js_lib_IframeManager_index_ts-www_js_modules_shared_draggable_draggable_ts.chunk.js
halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/www_js_lib_IframeManager_index_ts-www_js_modules_shared_draggable_draggable_ts.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-88.fra56.r.cloudfront.net
Software
dcbed160-964a-cd8f-a0a2-77872a18cb8c, AmazonS3 /
Resource Hash
2a4f1b7234c862ea207c0ceeece508ad7587f8d907d654f218220a783bacb5a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:04:45 GMT
content-encoding
gzip
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000;
x-amz-version-id
cDYs7gY9N0n5bpuUYiOHXyi0n5j.uaAJ
x-amz-cf-pop
FRA56-P7
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
age
261045
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 06 Jun 2024 12:50:38 GMT
server
dcbed160-964a-cd8f-a0a2-77872a18cb8c, AmazonS3
etag
W/"7d7732413805ccff297a04a7216f7f59"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
mLW_lepcfieEo0alPnTrhtXzT4v0uTe-6nSr2Ni1g_mGjgJU8Q33cg==
debugLauncher.chunk.js
halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halc.iadvize.com/static/livechat/96e5cec6897571f9adae4b40fe17daeea8b80932/debugLauncher.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-88.fra56.r.cloudfront.net
Software
dcbed160-964a-cd8f-a0a2-77872a18cb8c, AmazonS3 /
Resource Hash
144d713a77f933f48903e37bb48cbb3a445bea71659d6688f6865a47f1ae7b75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.westfield.com/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:04:45 GMT
content-encoding
gzip
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000;
x-amz-version-id
KSoth5iL_rWQAGOP8KdeXiWC_UxB4FDr
x-amz-cf-pop
FRA56-P7
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
age
261045
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1591
last-modified
Thu, 06 Jun 2024 12:50:36 GMT
server
dcbed160-964a-cd8f-a0a2-77872a18cb8c, AmazonS3
etag
W/"40d09ae988100b040f25cea8b5d0e68e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pVahx44nWR6F0rq8fMSsfU0a7WUu8WbccBhgTLyWpMLTgjBsn_22YQ==

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| uidEvent object| bootstrap function| gtag object| dataLayer object| OneTrustStub function| OptanonWrapper function| openWidget function| critizrDataLayer undefined| cz object| GoodaysSDK object| CritizrSDK object| webpackChunkOneWestfield function| clearImmediate function| setImmediate object| regeneratorRuntime function| FEAASReactElement object| FEAASLoading function| showSmartAppBanner function| smartAppLoad function| smartBannerOpenCss function| smartBannerCloseCss function| UnibailSmartBannerInit function| onloadReCaptchaCallback function| loadGuageMeter string| gtmContainerId string| storeSIName string| currentPageItemName string| currentPageItemDisplayName string| storeId string| language string| centerId string| connectOptionEmail string| taggingTool string| socialCookieAllowed string| isEuropeanSite string| isMyRewardsEnabled string| myRewardsPage string| languageIso string| loggerCodePermanentSignin string| loggerMsgPermanentSignin string| androidbanner string| itunesbanner string| contextLang string| redirectPage string| profilePage string| serviceDetailPage string| movieDetailPage string| premiumSignupPage string| personalinfoPage string| homePage string| centerPage string| accessPage string| accountInfo string| myInfoPage string| bookingPage string| premiumCodeStart string| code_prem_add_start string| code_prem_iban_start string| code_prem_invalid_credentials_start string| code_BankPremium string| code_RestaurantPremium string| premiumMessageStart string| premiumMessageStartBank string| premiumMessageStartRestaurant string| message_prem_add_start string| message_prem_iban_start string| message_prem_invalid_credentials_start string| TC string| storePage string| searchPage string| storePageName string| restaurantPageName string| bankAssociationPageItemName string| manageCredentialsPageItemName string| gamePageItemName string| pc_code string| loginStatus string| visitorId string| currentPageDisplayName string| destinationQueryString string| emailQueryString string| isPremiumCenter string| hasPremiumScan string| howItWorksPage string| gamePage string| loginPage string| tcInvalidERRORBankorRestaurantCookieName string| tcErrorCookieName string| invalidCredentialsErrorCode string| missingIbanErrorCode string| cashbackRejectedErrorCode string| successMsg string| loyaltyAccountAlreadyAvailable string| loyaltyAccountNotAvailable string| rememberMeCookieExpire string| cookieExpiryMinutes string| cookieOfferOptinExpiryDays string| storeLandingPage string| restaurantLandingPage string| newsDetailPage string| loginType string| isDetailPage string| isNewsPage string| isHomepage string| successmessages string| androidAppId string| itunesAppId string| iTunesAppIconUrl string| selectedLanguageISO string| centerName string| smartAppBannerCTA string| iTunesStore string| androidStore string| smartAppBannerPrice string| isIpLabelEnable string| clobsUrl string| isAppWebView string| googleMapUrl string| defaultImage string| isNewBrandedSite string| urContextSite string| siteUrlPrefix string| mapjs string| deleteAccountSuccess string| luxStoreType string| luxRestaurantType string| newStoreNoOfDays string| storeSearchTitle string| servicesSearchTitle string| filmsSearchTitle string| emailConfPending string| searchNewTag string| searchDistributorDefaultImage string| luxApiKey string| luxApiURL string| region string| key string| value object| webpackChunkwidget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_tag_manager object| google_tag_data string| capi_event_id object| idzCustomData object| iAdvizeInterface object| Optanon object| OneTrust object| webpackChunk_iadvize_core_livechat_app object| iAdvize string| IADVIZE_HOST_ID function| updateConsentFromCMPToiAdvize function| updateConsentFromiAdvizeToCMP function| pure_addEventListener function| pure_removeEventListener

6 Cookies

Domain/Path Name / Value
www.westfield.com/ Name: mokotow#lang
Value: pl-PL
www.westfield.com/ Name: ASP.NET_SessionId
Value: ul2osl1mt2f3gis4mm53hdd5
www.westfield.com/ Name: ASLBSA
Value: 0003089d5e7334a8fc03404c3a1f741caacab474e6d405f722bd5302f174192384a4
www.westfield.com/ Name: ASLBSACORS
Value: 0003089d5e7334a8fc03404c3a1f741caacab474e6d405f722bd5302f174192384a4
.westfield.com/ Name: _gcl_au
Value: 1.1.403814868.1717943729
.westfield.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Jun+09+2024+16%3A35%3A29+GMT%2B0200+(czas+%C5%9Brodkowoeuropejski+letni)&version=202310.1.0&browserGpcFlag=0&isIABGlobal=false&consentId=703801a7-eb39-457c-bcfd-9203e430c443&interactionCount=0&landingPath=https%3A%2F%2Fwww.westfield.com%2Fpoland%2Fmokotow&groups=C1%3A1%2CC3%3A0%2CC2%3A0%2CC4%3A0%2CC5%3A0&hosts=H85%3A1%2CH78%3A1%2CH91%3A1%2CH8%3A1%2CH99%3A0%2CH89%3A0%2CH5%3A0%2CH70%3A0%2CH73%3A0%2CH81%3A0%2CH56%3A0%2CH71%3A0%2CH16%3A0%2CH79%3A0%2CH105%3A0%2CH92%3A0%2CH72%3A0&genVendors=V1%3A0%2C

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
cdn.acsbapp.com
cdn.cookielaw.org
cdn.goodays.co
cdn.jsdelivr.net
cdn.urw.com
geolocation.onetrust.com
halc.iadvize.com
pl.westfield.com
res.cloudinary.com
resourcesurwscth.azureedge.net
static.critizr.com
westfieldmokotow.eu
www.googletagmanager.com
www.westfield.com
104.19.167.65
104.19.177.52
108.138.26.88
13.107.246.45
13.107.246.67
142.250.185.232
151.101.193.229
172.64.155.119
172.67.11.155
188.128.222.10
23.102.51.81
04f7ff732df666e6f3c0a657051183475e2323954d8995bc36f0412f61906341
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0a0d9583c19489fbfa9c3256e40aea71ed3c84d41ccce9b365b8a3b1923c70f0
0e1ae9870327fac60b4e3ea21a0bd782e98de8283958ea189eead930514a5219
0f173b7ebf6bf1d43df287e8ec9d780470feebf5373b48d147c9360da36c84b2
12d7e48c59e1adf493ee40ce8d2d146e1864c0ed69b336613f8e10fa76090af5
144d713a77f933f48903e37bb48cbb3a445bea71659d6688f6865a47f1ae7b75
1cdd14e77e3ec97f7262edb6c74d153696ecfc1fc00cff3a4a02940369ac400c
2763231ca37c277693b7ba9faf0f8e12784b59da54211adb4d1dbcdec2e55ca6
27f389d31117ba175edd19679594986436021bf0585555c7fa02f91f3691aea8
2a4f1b7234c862ea207c0ceeece508ad7587f8d907d654f218220a783bacb5a3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
32164ea776a907de1fb79709ec40dd88e7ba085bf881077884818168111579f3
40c00d311fa3fde13e4cff43e436a923c1dbcf975462922098b132331b4f42df
415a8c98ad0f51599b7ea12ceed0731d211afa1639f16af108b546305445aa37
4844d57b2656d2fbf85ce80f30c85ee35afdc392f1c08626ba8fac08869ce521
488c15ab019117a0e95fb630b7af5329f09376f10659cc4e7aaeffad4ec8dacf
4c127dc5cd769f77330b34958eb514dd205f35786967684d7943191058cdb995
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61fdda9270941bc6bf0da8aabbd9efaae215e88afbbdf84e40fb332c6882d98d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6dc88839d07cf6fd288fd10382c12587d30c4fb0284ce38b9141c185bac7de86
74ed74d59032f6417e0c33919a1d06f8909be390d9d237eb0a9eed09d54b2ef9
796f34bd94aa7b1ac8a301c70af4a47787158315dc216360e571efecda2b25d7
7e918dea6907852319e0c4142076433467d4a0f56cb6d2b9f4ecdd21de8298ec
803ee7936fcb8ecd1c47df5cf6453534a3416a58d7f1659be2da8fa42e35b264
809131692400e617b2bca6830799cb095a65057f948eba12c71caa8b1d2be016
832152ff01adbf6f423cadc96bc251ef73fd17b598f46ade98ff0519465cdb51
8d0034fa3554fea53e6ede47947a93d0584a7e0278fdfdaeaa1009e046b13f41
9852b7618d56a931003398dd68c3a23174113cc6a5689ef8b8ce2f8e320c88ac
999f2d7f74ad99d1d3c1333772580ddb0f66a18e3631216e93294c5df8f4c3c1
b4bd0ee953434a917e3e3eae61ab94b5017db54ad47d4a5ee346bf4a1646067f
b63a6f9f3a66e489503891dc7b265b49dfa9f837da8f39ad787418aa15fed646
bdabd41bd89652e489902c73ef7c26c826a584e7176cbb0a3c3ee4b117cc69df
c0d5cec092b9a313178f825834779a37e412c29bae860ba4c4be66b9dfc68ad8
caa5b2bfbc3697a3f9aa1ebe5a0de47e7bc6527e5d0252eb2a2e700cae517571
d2b3ce9800baa4486de933323d96068951e83f70f7dcf4ea50c8754acb1e026f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d7951f91ba6f3ac7b1c3f34d956b6cbcf74332f5c0cacb04ac965098da7d10a4
dc45a5763d3c895ea408ee19cfa463ca68157a1eb1c2b16b556ba0f9e427dbf5
e7c4c838b4fa226c28a5c858394e3f419d72d6d10c2935635620ae2d6904ca60
e815722ae830d3ec5419f9dbc553e1ffcf62c1184cdf28983684714513aa6869
e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85
ef91f742978263c0becbaee148e044dec84577baa8202e0e2fb0955481d79caa
f5ed0843159f7a14cc41139796bf2246520d2e2dcd1ab7b21faff47fe366ff85
f60fc85cc3eeb0267e2b47b6168200886d52bf2d58c10f95b6d5bcd957b9d7db
fbffb834c62bf6aa83ed63030701ff34681eb29b5d553b4392c6f02eae1cc8af
fcd250666ddd16d18cafdba2730959fce513b62cd5e89355c9f9d0293b96ad17
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6