probable-zipper.sa.com Open in urlscan Pro
172.67.180.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://probable-zipper.sa.com/
Effective URL:
https://probable-zipper.sa.com/
Submission Tags: @phish_report
Submission: On March 27 via api (March 27th 2024, 1:43:22 am UTC) from FI — Scanned from AU

Summary HTTP 100 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 26 domains to perform 100 HTTP transactions. The main IP is 172.67.180.177, located in United States and belongs to CLOUDFLARENET, US. The main domain is probable-zipper.sa.com.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2024. Valid for: 3 months.

This is the only time probable-zipper.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	172.67.180.177 172.67.180.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.186.209.232 195.186.209.232	3303 (SWISSCOM ...) (SWISSCOM Swisscom Switzerland Ltd)
11	108.158.32.35 108.158.32.35	16509 (AMAZON-02) (AMAZON-02)
2	108.158.32.32 108.158.32.32	16509 (AMAZON-02) (AMAZON-02)
14	151.101.130.208 151.101.130.208	54113 (FASTLY) (FASTLY)
12	104.19.177.52 104.19.177.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.198.63.128 23.198.63.128	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	18.67.93.39 18.67.93.39	16509 (AMAZON-02) (AMAZON-02)
1	13.35.147.26 13.35.147.26	16509 (AMAZON-02) (AMAZON-02)
1	35.71.191.239 35.71.191.239	16509 (AMAZON-02) (AMAZON-02)
1	172.67.70.233 172.67.70.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.158.20.52 108.158.20.52	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
2	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
3	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.64.145.29 172.64.145.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.107.130 18.67.107.130	16509 (AMAZON-02) (AMAZON-02)
2	18.67.111.64 18.67.111.64	16509 (AMAZON-02) (AMAZON-02)
2	172.67.69.191 172.67.69.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	108.158.32.55 108.158.32.55	16509 (AMAZON-02) (AMAZON-02)
1 8	15.197.153.132 15.197.153.132	16509 (AMAZON-02) (AMAZON-02)
2	99.83.230.239 99.83.230.239	16509 (AMAZON-02) (AMAZON-02)
1	108.158.32.50 108.158.32.50	16509 (AMAZON-02) (AMAZON-02)
2	172.67.68.225 172.67.68.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.180.114.1 103.180.114.1	200325 (BUNNYCDN) (BUNNYCDN)
1	3.226.87.76 3.226.87.76	14618 (AMAZON-AES) (AMAZON-AES)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	88.198.62.154 88.198.62.154	24940 (HETZNER-AS) (HETZNER-AS)
1	13.224.181.82 13.224.181.82	16509 (AMAZON-02) (AMAZON-02)
100	31

8 172.67.180.177 (United States)

ASN13335 (CLOUDFLARENET, US)

probable-zipper.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.186.209.232 (Switzerland)

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)

rcp.scsstatic.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.158.32.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-35.syd3.r.cloudfront.net

cdn.bluewin.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.32.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-32.syd3.r.cloudfront.net

cdn-swisscom.push.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.130.208 (United States)

ASN54113 (FASTLY, US)

production-livingdocs-bluewin-ch.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.177.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.198.63.128 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-63-128.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.93.39 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-39.syd62.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.147.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-26.syd1.r.cloudfront.net

cdn.ringier-advertising.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.191.239 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac99c40bc9e28338c.awsglobalaccelerator.com

end.mpod.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.70.233 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.20.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-52.syd62.r.cloudfront.net

cdn-a.yieldlove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.145.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.skyjs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qcdn.skyjs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.107.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-107-130.syd62.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.111.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-64.syd62.r.cloudfront.net

lib.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.69.191 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.158.32.55 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-55.syd3.r.cloudfront.net

cdn.cwi.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sgqcvfjvr.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.153.132 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ae6bee98fe393bd2a.awsglobalaccelerator.com

events.ocdn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.230.239 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1ef697b048852c56.awsglobalaccelerator.com

cdp.ems.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-50.syd3.r.cloudfront.net

csr.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.68.225 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.180.114.1 (Australia)

ASN200325 (BUNNYCDN, SI)

bcdn.codevelop.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.87.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-87-76.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.198.62.154 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-62-154.clients.your-server.de

swisscom.push.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.181.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-82.syd1.r.cloudfront.net

push.delivery.ethinking.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	imgix.net production-livingdocs-bluewin-ch.imgix.net — Cisco Umbrella Rank: 988352	136 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 457	274 KB
11	bluewin.ch cdn.bluewin.ch	511 KB
10	onet.pl lib.onet.pl — Cisco Umbrella Rank: 46722 sgqcvfjvr.onet.pl — Cisco Umbrella Rank: 49163 csr.onet.pl — Cisco Umbrella Rank: 40730 Failed cdp.ems.onet.pl — Cisco Umbrella Rank: 61341	154 KB
8	ocdn.eu 1 redirects events.ocdn.eu — Cisco Umbrella Rank: 37666	3 KB
8	sa.com probable-zipper.sa.com	81 KB
6	push.delivery cdn-swisscom.push.delivery swisscom.push.delivery	170 KB
4	skyjs.org cdn.skyjs.org — Cisco Umbrella Rank: 844290 qcdn.skyjs.org — Cisco Umbrella Rank: 988537	157 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 479	119 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3140 collector.brandmetrics.com — Cisco Umbrella Rank: 3758	19 KB
3	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2229	129 KB
3	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 260	4 KB
2	adnz.co cdn.adnz.co — Cisco Umbrella Rank: 178039 api.adnz.co — Cisco Umbrella Rank: 81828	11 KB
2	cwi.re 1 redirects cdn.cwi.re — Cisco Umbrella Rank: 263350	3 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269	167 KB
1	ethinking.de push.delivery.ethinking.de	22 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1786	201 B
1	codevelop.network bcdn.codevelop.network — Cisco Umbrella Rank: 297163	26 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2224	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 899	315 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 449	1 KB
1	yieldlove.com cdn-a.yieldlove.com — Cisco Umbrella Rank: 24440	139 KB
1	geojs.io get.geojs.io — Cisco Umbrella Rank: 17216	601 B
1	mpod.ch end.mpod.ch — Cisco Umbrella Rank: 128804	303 B
1	ringier-advertising.ch cdn.ringier-advertising.ch — Cisco Umbrella Rank: 214631	121 KB
1	scsstatic.ch rcp.scsstatic.ch — Cisco Umbrella Rank: 462988	4 KB
100	26

	Domain	Requested by
14	production-livingdocs-bluewin-ch.imgix.net	probable-zipper.sa.com
12	cdn.cookielaw.org	rcp.scsstatic.ch cdn.cookielaw.org probable-zipper.sa.com
11	cdn.bluewin.ch	probable-zipper.sa.com cdn.bluewin.ch
8	events.ocdn.eu	1 redirects probable-zipper.sa.com sgqcvfjvr.onet.pl
8	probable-zipper.sa.com	probable-zipper.sa.com
5	sgqcvfjvr.onet.pl	lib.onet.pl
4	swisscom.push.delivery	cdn-swisscom.push.delivery
4	assets.adobedtm.com	rcp.scsstatic.ch assets.adobedtm.com
3	cdn.skyjs.org	cdn.bluewin.ch cdn.skyjs.org
3	cdn.confiant-integrations.net	cdn-a.yieldlove.com cdn.confiant-integrations.net cdn.ringier-advertising.ch
3	sb.scorecardresearch.com	2 redirects probable-zipper.sa.com
2	cdp.ems.onet.pl	sgqcvfjvr.onet.pl
2	cdn.cwi.re	1 redirects probable-zipper.sa.com
2	cdn.brandmetrics.com	cdn.ringier-advertising.ch cdn.brandmetrics.com
2	lib.onet.pl	cdn.ringier-advertising.ch lib.onet.pl
2	securepubads.g.doubleclick.net	cdn-a.yieldlove.com securepubads.g.doubleclick.net
2	cdn-swisscom.push.delivery	probable-zipper.sa.com
1	qcdn.skyjs.org	cdn.skyjs.org
1	push.delivery.ethinking.de
1	api.adnz.co	cdn.adnz.co
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	ping.chartbeat.net	probable-zipper.sa.com
1	bcdn.codevelop.network	cdn.ringier-advertising.ch
1	cdn.adnz.co	cdn.ringier-advertising.ch
1	csr.onet.pl	sgqcvfjvr.onet.pl
1	static.chartbeat.com	probable-zipper.sa.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn.jsdelivr.net	cdn-a.yieldlove.com
1	cdn-a.yieldlove.com	cdn.ringier-advertising.ch
1	get.geojs.io	cdn.ringier-advertising.ch
1	end.mpod.ch	probable-zipper.sa.com
1	cdn.ringier-advertising.ch	probable-zipper.sa.com
1	rcp.scsstatic.ch	probable-zipper.sa.com
100	33

This site contains links to these domains. Also see Links.

Domain
www.swisscom.ch
www.mycloud.ch
tv.blue.ch
www.local.ch
www.swisscom.com
community.swisscom.ch
tvair.swisscom.ch
jass.bluewin.ch
twitter.com
www.facebook.com
wa.me
bluewin.ch
www.blueplus.ch
tel.local.ch
shoplocator.swisscom.ch
www.ringier-advertising.ch
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
probable-zipper.sa.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
rcp.production.scsstatic.ch SwissSign RSA TLS OV ICA 2021 - 1	`2023-08-03` - `2024-08-03`	a year	crt.sh
cdn.bluewin.ch Amazon RSA 2048 M02	`2023-06-19` - `2024-07-17`	a year	crt.sh
*.push.delivery Amazon RSA 2048 M02	`2023-10-19` - `2024-11-15`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
cdn.ringier-advertising.ch Amazon RSA 2048 M03	`2023-11-27` - `2024-12-25`	a year	crt.sh
geojs.io E1	`2024-03-11` - `2024-06-09`	3 months	crt.sh
cdn-a.yieldlove.com Amazon RSA 2048 M02	`2023-09-12` - `2024-10-09`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
skyjs.org E1	`2024-03-15` - `2024-06-13`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.onet.pl GeoTrust TLS ECC CA G1	`2023-07-11` - `2024-05-14`	10 months	crt.sh
brandmetrics.com GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.ems.onet.pl R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
bcdn.codevelop.network R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
*.ocdn.eu GeoTrust TLS RSA CA G1	`2023-12-21` - `2024-12-20`	a year	crt.sh
push.delivery.ethinking.de Amazon RSA 2048 M02	`2023-03-30` - `2024-04-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://probable-zipper.sa.com/
Frame ID: 37CF00A6B30A9AE5AA01C342D2C4D7E7
Requests: 98 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ecco chi prenderà il posto che è stato per oltre un decennio di Barbara D’Urso | blue News

Page URL History Show full URLs

http://probable-zipper.sa.com/ HTTP 307
https://probable-zipper.sa.com/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

100
Requests

96 %
HTTPS

0 %
IPv6

26
Domains

33
Subdomains

31
IPs

6
Countries

2266 kB
Transfer

6954 kB
Size

14
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://www.swisscom.ch/it/clienti-privati.html
Title: Clienti privati

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/business.html
Title: Business

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/chi-siamo.html
Title: Chi Siamo

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/login
Title: My Swisscom

Search URL Search Domain Scan URL

URL: https://www.mycloud.ch/?cid=BW_home_toolbar_icon_claim4
Title: myCloud

Search URL Search Domain Scan URL

URL: https://tv.blue.ch/
Title: TV

Search URL Search Domain Scan URL

URL: https://www.local.ch/it?utm_source=bluewin&utm_medium=partner&utm_content=header
Title: Elenco tel.

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/customer/online/app/MyData?mode=overview
Title: I miei dati

Search URL Search Domain Scan URL

URL: https://www.swisscom.com/bin/scs/portal/sso/?logout=1&SNA=bw_portal&RURL=https://probable-zipper.sa.com/it/index.html
Title: Logout

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/myswisscom?lang=it
Title: MySwisscom

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/aiuto/stato-rete-servizi.html
Title: Guasti

Search URL Search Domain Scan URL

URL: https://community.swisscom.ch/
Title: Commnity

Search URL Search Domain Scan URL

URL: http://tvair.swisscom.ch/sport
Title: Live TV

Search URL Search Domain Scan URL

URL: https://jass.bluewin.ch/
Title: Jass Fédéral

Search URL Search Domain Scan URL

URL: https://www.local.ch/it?utm_source=bluewin&utm_medium=partner&utm_content=navigation
Title: Elenco tel.

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fprobable-zipper.sa.com%2Fit%2Fspettacolo%2Fmyrta-merlino-le-novit-di-pomeriggio-5-e-il-consiglio-di-maria-de-filippi-1824424.html&text=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fprobable-zipper.sa.com%2Fit%2Fspettacolo%2Fmyrta-merlino-le-novit-di-pomeriggio-5-e-il-consiglio-di-maria-de-filippi-1824424.html

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https%3A%2F%2Fprobable-zipper.sa.com%2Fit%2Fspettacolo%2Fmyrta-merlino-le-novit-di-pomeriggio-5-e-il-consiglio-di-maria-de-filippi-1824424.html

Search URL Search Domain Scan URL

URL: https://bluewin.ch/it/sport-invernali/prima-pensavo-di-essere-visibile-solo-tramite-i-risultati-ora-sono-una-donna-che-sta-bene-2137226.html
Title: Lara Gut-Behrami: «Prima pensavo di essere visibile solo vincendo, mentre adesso...»

Search URL Search Domain Scan URL

URL: https://bluewin.ch/it/attualita/regionali/allerta-arriva-altra-neve-2137287.html
Title: MeteoSvizzera lancia l'allarme 3 per mezzo Ticino per forti nevicate

Search URL Search Domain Scan URL

URL: https://bluewin.ch/it/attualita/diversi/passante-trova-bimbo-di-tre-anni-sui-binari-scampata-la-tragedia-2137540.html
Title: Passante trova un bimbo di tre anni sui binari, tragedia scampata

Search URL Search Domain Scan URL

URL: https://bluewin.ch/it/spettacolo/melissa-satta-parla-dell-ex-matteo-berettini-non-sono-una-bomba-sexy-2137172.html
Title: Melissa Satta parla dell’ex Matteo Berettini e della presunta dipendenza dal sesso

Search URL Search Domain Scan URL

URL: https://bluewin.ch/it/attualita/diversi/il-conducente-fermato-in-austria-per-eccesso-estremo-di-velocita-si-spiega-2137165.html
Title: Il conducente fermato in Austria a 230 km/h spiega perché andava così veloce

Search URL Search Domain Scan URL

URL: https://www.blueplus.ch/it/a-proposito-di-blue
Title: Azienda

Search URL Search Domain Scan URL

URL: https://www.blueplus.ch/it/lavorare-in-blue
Title: Lavorare in blue

Search URL Search Domain Scan URL

URL: https://www.blueplus.ch/it/jobs
Title: Offerte di lavoro

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/mobile.html
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/internet.html
Title: Internet

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/tv.html
Title: TV

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/abbonamento-combinato.html
Title: Abo combinato

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/prodotti.html
Title: Dispositivi

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/aiuto/assistenza-supporto.html
Title: Assistenza e supporto

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/clienti-privati/aiuto.html
Title: Aiuto

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/business/start-up/start.html
Title: StartUp

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/business/pmi.html
Title: PMI

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/business/enterprise.html
Title: Enterprise Customers

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/about/azienda.html
Title: L'azienda

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/about/news.html
Title: News

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/about/investitori.html
Title: Investitori

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/about/governance.html
Title: Governance

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/about/carriera.html
Title: Lavoro & carriera

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/mediamitico.html
Title: Mediamitico

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/scuole-in-internet.html
Title: Scuole in Internet

Search URL Search Domain Scan URL

URL: http://www.swisscom.ch/it/about/innovazione.html
Title: Innovazione

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/it/about/sostenibilita.html
Title: Responsabilità

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/login/
Title: Area clienti

Search URL Search Domain Scan URL

URL: https://tel.local.ch/it?utm_source=bluewin&utm_medium=partner&utm_content=footer
Title: Elenco telefonico

Search URL Search Domain Scan URL

URL: http://shoplocator.swisscom.ch/it/locator
Title: Shop Locator

Search URL Search Domain Scan URL

URL: https://www.ringier-advertising.ch/de/brand/blue-news/
Title: Publicità

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: Ulteriori informazioni

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://probable-zipper.sa.com/ HTTP 307
https://probable-zipper.sa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://sb.scorecardresearch.com/b?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_32280826&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_32280826&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9= HTTP 302
https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_32280826&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9=&cs_rdr_ts=1711503792&cs_rdr_uid=1196734d1507928c4f5a7a41711503792

Request Chain 44

https://cdn.cwi.re/publishers/bluewin.ch-IT/cwire.min.js HTTP 301
https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js

Request Chain 51

https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1711503793232 HTTP 302
https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1711503793232&_ca=1&uuid=202403270243138048107262

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
probable-zipper.sa.com/
Redirect Chain

http://probable-zipper.sa.com/
https://probable-zipper.sa.com/

91 KB
20 KB

718ms
605ms

Document
text/html

172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

430a3e924b5d799fd6bd50f05f34f399400afd06ff9bc54244d8d216a1a67358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 86abb01e2f59a7e9-SYD
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 27 Mar 2024 01:43:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8b5D0WE5dJG8fPxoHBUSbaTKSNQKkiJtXRwkDe02MrGlfWeVA1K9feJEjOS5fhQabBcuTLPaJrVfFEPX03fuEeHzOwd4nqcDgc8fT8hd1hEW2Xm8hCHPnyKcXUAvZ7rRJl0WYrrByzM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://probable-zipper.sa.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK datalayer-sync-min.js Show response
rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/ 7 KB
4 KB 1475ms
291ms Script
application/javascript 195.186.209.232
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/datalayer-sync-min.js

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

195.186.209.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

9c2bdbff042e3c61e76290aa2e8b3e1730ce5dbe7143e24e7f26f124a6ba5901

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 27 Mar 2024 01:43:11 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
age: 0
grace
X-Cache-Status: uncacheable
X-Cache: HIT - 70
Connection: keep-alive
Content-Length: 3613
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=7,8,9,EDGE
Referrer-Policy: origin
Last-Modified: Wed, 27 Mar 2024 01:40:22 GMT
X-TTL: 3600.000
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Robots-Tag: noindex
X-Cache-Hits: 70

GET
H2 200 styles.css
cdn.bluewin.ch/6.1.34/ 413 KB
52 KB 438ms
6ms Stylesheet
text/css 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/styles.css
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9432669a6dd405a88204a0114bd50250196d95d93dfa67abaedf1cf0fd35f4e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 09:53:20 GMT
content-encoding: br
via: 1.1 352b1001018ea123117ef28ad154f522.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2024 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
age: 56991
x-amz-server-side-encryption: AES256
etag: W/"43492a5525747f6af7d383ffe14ca25f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: YQ-F8KIu8OxoEeE4R1hS_t1HRzZPUm9_HwTkBX4uWGRKw7bY1shEVw==

GET
H3 200 init_advertising.0333f5d9e6e3704ac591.js Show response
probable-zipper.sa.com/assets/dist/ 42 KB
18 KB 903ms
903ms Script
application/javascript 172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/assets/dist/init_advertising.0333f5d9e6e3704ac591.js

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8380e40488d1ae6b638910b3fe7265594d958ad860b79a4749577c53134fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-encoded-content-length: 17944
x-dns-prefetch-control: on
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: 55b93dbfa0bd, 2995e72c9abe
x-encoded-content-encoding: gzip
last-modified: Wed, 06 Dec 2023 12:23:11 GMT
server: cloudflare
etag: W/"a799-18c3f150398"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6QZzqhoFu0ezBPvXpPH9DnkM1oe%2Fj4SIQC1HU7vqIjTZeXuOvroddaBTGryE0bVSQDHkawK0%2B9vFwSSrzRGIT3d0ECrhcufJtwtsWb8RUzGaLZrE25c%2BjbkqF0H5nTy4CFvspJX7GN5"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 86abb024cde9a7e9-SYD
x-cache-hits: 9470351

GET
H2 200 webpush-production.js Show response
cdn-swisscom.push.delivery/bluewin/3.1.2/ 137 KB
137 KB 614ms
3ms Script
application/javascript 108.158.32.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swisscom.push.delivery/bluewin/3.1.2/webpush-production.js?v=5.199.4
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-32.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3451828e75cf4087bc16a1b4185714833a6d85fe359b8c642c47b377c88b20d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: iwn.a85uVQzKY9gBxWUsfKP4bgJTNtPF
date: Mon, 25 Mar 2024 07:57:06 GMT
via: 1.1 998f2e65b8600f6b6ddabdbf7f97c846.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 04:09:53 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
age: 150367
etag: "2824d4d8f69acc93fd2047947cbbb960"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
content-length: 140017
x-amz-cf-id: ZNVkXTyFpcUu677zDzYhR3GdqQYADPeyAo6QimpPlDLXCU5wVfga2w==

GET
H3 200 safaripush.js Show response
probable-zipper.sa.com/safaripush/ 32 KB
10 KB 920ms
920ms Script
application/javascript 172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/safaripush/safaripush.js

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c1d12de4da3f2ce9fda12c2ecc15797a0e2c793d8cee52702c47c612b0d54bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-encoded-content-length: 9357
x-dns-prefetch-control: on
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: ad0194cb38e4, a7b626095b2c
x-encoded-content-encoding: gzip
last-modified: Wed, 23 Aug 2023 13:28:28 GMT
server: cloudflare
etag: W/"7e2c-18a22950c60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0TK6fp5EfQtXNXuEYfV8WaeedDh3%2F%2BQhG8ns%2FsFAvFRdxFTX4ddpkpqCF4%2FU2wK%2F2mQny3g2qHHJvRwwlDbbq6nKm74ddxHgWe4Si4d2eawZlcRu4GvGVunDfruZG35dYnBeIOi6R2b"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 86abb02b3de9a7e9-SYD
x-cache-hits: 6553632

GET
H2 200 c99d5c62-f4ac-49d1-9ea6-06df02ba028c.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/ 6 KB
6 KB 319ms
5ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/c99d5c62-f4ac-49d1-9ea6-06df02ba028c.png?w=994&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0caf16548fb06c5579ad4cf2dbc471c59618254cf4f2c1c5961cfe866dd38405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:10 GMT
x-content-type-options: nosniff
age: 2354000
x-cache: HIT, HIT
x-imgix-id: d1bd2c1ae6018c21c089f04b7d8f5a9abf6d66f1
cross-origin-resource-policy: cross-origin
content-length: 5651
x-served-by: cache-sjc10064-SJC, cache-syd10162-SYD
x-imgix-render-farm: 02.131592
last-modified: Wed, 28 Feb 2024 19:49:51 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 4c624246-9e3f-46d5-8e2b-714f570430c6.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/ 7 KB
7 KB 318ms
4ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/4c624246-9e3f-46d5-8e2b-714f570430c6.png?w=994&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

7a221c8f9612a16fd7f7370ac3c6bc31339f7dbdf328f1bbb4261d26123d1de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:10 GMT
x-content-type-options: nosniff
age: 1382723
x-cache: HIT, HIT
x-imgix-id: 9774f1e20475d6499ed83b3000ed0a15ed5aa09e
cross-origin-resource-policy: cross-origin
content-length: 6879
x-served-by: cache-sjc10037-SJC, cache-syd10162-SYD
last-modified: Mon, 11 Mar 2024 01:37:47 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 92c7237a-10c0-4ad6-840f-ca1263fd6b8f.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/ 14 KB
14 KB 4ms
3ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/92c7237a-10c0-4ad6-840f-ca1263fd6b8f.png?w=994&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

405a0ef42fed6a6615fbcbb8d72b01eecc229692063a656e4b8b1171673d2456

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:10 GMT
x-content-type-options: nosniff
age: 770267
x-cache: HIT, HIT
x-imgix-id: 79865f8b225e590787052bfbce15c5d1f620a494
cross-origin-resource-policy: cross-origin
content-length: 14305
x-served-by: cache-sjc10051-SJC, cache-syd10162-SYD
last-modified: Mon, 18 Mar 2024 03:45:23 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 185ff123-9d0c-4cc9-bc87-000464f8d38b.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/ 9 KB
9 KB 4ms
4ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/185ff123-9d0c-4cc9-bc87-000464f8d38b.png?w=994&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6351200898e8b79dab49d74ccb927791de5c727d886cadc0304255ec669803c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:10 GMT
x-content-type-options: nosniff
age: 3764743
x-cache: HIT, HIT
x-imgix-id: 5ba1e5c3e2b539a4bce025e7638263ad7ab8b23e
cross-origin-resource-policy: cross-origin
content-length: 9385
x-served-by: cache-sjc1000121-SJC, cache-syd10162-SYD
x-imgix-render-farm: 01.132136
last-modified: Mon, 12 Feb 2024 11:57:27 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dff60eca-f62c-4778-8302-2c4670073f0a.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/ 14 KB
14 KB 4ms
3ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/dff60eca-f62c-4778-8302-2c4670073f0a.png?w=994&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

092fb4b4f56d9a1cb0fd7a8495840462301ae9d2fd861c11ab245a5162791b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:10 GMT
x-content-type-options: nosniff
age: 2437488
x-cache: HIT, HIT
x-imgix-id: 50738ac28d4ee265a0d3590f56c568ac41aaf84f
cross-origin-resource-policy: cross-origin
content-length: 14187
x-served-by: cache-sjc1000136-SJC, cache-syd10162-SYD
x-imgix-render-farm: 02.131592
last-modified: Tue, 27 Feb 2024 20:38:22 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5882c254-82e6-4b96-b1f7-9a69199bf83c.png
production-livingdocs-bluewin-ch.imgix.net/2022/12/21/ 18 KB
19 KB 146ms
145ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2022/12/21/5882c254-82e6-4b96-b1f7-9a69199bf83c.png?w=994&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

751de84056066daada8f0770653a02f8d7f1a29f586943560079087ca28da14b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
x-content-type-options: nosniff
age: 722379
x-cache: HIT, MISS
x-imgix-id: a0b2be0a8f904c8e772979c1a6bbf58cf60af641
cross-origin-resource-policy: cross-origin
content-length: 18714
x-served-by: cache-sjc10026-SJC, cache-syd10162-SYD
last-modified: Mon, 18 Mar 2024 17:03:32 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 email-decode.min.js Show response
probable-zipper.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 5ms
4ms Script
application/javascript 172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 10:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fc0d6b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VIUrQBGJzsmZRkk%2F7KU%2BhaNKyd%2F%2FSoJppP03KcwMg84SMNspkhCnI4RE%2FWp8V1eJ1XIUlBemS8pSZXXt6AaWU2G4m3OyJePJEcv5Slv7XPse81gHJ9nxi6MREQWtE01Ksk7hIkfAd4d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86abb0240d05a7e9-SYD
expires: Fri, 29 Mar 2024 01:43:10 GMT

GET
H2 200 scripts.js Show response
cdn.bluewin.ch/6.1.34/ 642 KB
165 KB 8ms
7ms Script
application/javascript 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/scripts.js
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0b5caf4da2469b44bba4d9f46f76ea1840ec1b57aad8ecffb4b65ab6512265a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 23:16:18 GMT
content-encoding: gzip
via: 1.1 352b1001018ea123117ef28ad154f522.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2024 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
age: 8814
x-amz-server-side-encryption: AES256
etag: W/"a5a632dd71b176eeca6e41240226a96d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Sdd6koUByG_lQen8JwwajHPQUFuse1eBVaC_ChvnSFg7iqysKiI5sQ==

GET
H3 200 delivery.f75fe9b71eccfd23b73f.js Show response
probable-zipper.sa.com/assets/dist/ 73 KB
28 KB 1228ms
1227ms Script
application/javascript 172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/assets/dist/delivery.f75fe9b71eccfd23b73f.js

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

342d84413606b2c9364ea2cb59915ea807bdf1e0d3380bacc1ed1c5b7c76b3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-encoded-content-length: 27526
x-dns-prefetch-control: on
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: ad0194cb38e4, 181cb8414342
x-encoded-content-encoding: gzip
last-modified: Tue, 20 Feb 2024 08:33:10 GMT
server: cloudflare
etag: W/"123e6-18dc5a5bd70"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T1Dllkl5YIGVMUKP%2BqWhqI17dRNTUL0tu37bbNMw0Q09D%2BVUrZFk904ZBtw5QG8B6aRu8DtJ%2Ba9zy3HV1AnjdkiXyQdYWQZlEWGMqBur8Q51XvAK2Z36rluH3f%2FvFv9bepUYOhd%2FAx0U"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 86abb02b4dfba7e9-SYD
x-cache-hits: 3691117

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 342ms
27ms Script
application/javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: rcp.scsstatic.ch
URL: https://rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/datalayer-sync-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 24572
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 19:35:31 GMT
server: cloudflare
etag: 0x8DC4D02BBED1BE7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 051912c6-f01e-0066-7c97-7f76a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb02d4ac55521-SYD

GET
H2 200 launch-5c478d1148ab.min.js Show response
assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/ 352 KB
106 KB 318ms
3ms Script
application/x-javascript 23.198.63.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Requested by: Host: rcp.scsstatic.ch
URL: https://rcp.scsstatic.ch/content/dam/swisscomsite/static1httl/cdn/datalayer-sync-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-63-128.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 987fe16a06480857707ae20da4ad1207a246d68f87c400f5c06af8eb6d910317

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2023 19:59:31 GMT
server: AkamaiNetStorage
etag: "042bb880d57ae26662fc21cae6477cad:1697572771.785707"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://probable-zipper.sa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 107996
expires: Wed, 27 Mar 2024 02:43:12 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 20ms
3ms Script
application/javascript 18.67.93.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-39.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 06:28:04 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 69308
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G6oBIk7vnjTS9EHnOG_OAPY6e39Vd1X7ihwHKnTZg1EoNYebL-tTrw==

GET
H2 200 TheSansB_500_.d7955bec1417e0168f42adfe7ceaf8b5.woff2
cdn.bluewin.ch/6.1.34/ 51 KB
51 KB 1341ms
1034ms Font
font/woff2 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/TheSansB_500_.d7955bec1417e0168f42adfe7ceaf8b5.woff2
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6010e95e45ae8c7c0064724e1ea3ac9495ae55a6241633446db052364c06f5f3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 6a4dfdcfcfb0f1ec6c6b93f91e56563a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 52044
last-modified: Mon, 11 Mar 2024 16:26:03 GMT
server: AmazonS3
etag: "d7955bec1417e0168f42adfe7ceaf8b5"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: qcFMflhR1dWbR-JDz2ie89s9KkPq9t_G5r02CnQEyiaXILuUF9cGeg==

GET
H2 200 sdx-icons.1f2718c892af58d0486a4216e56eb717.woff2
cdn.bluewin.ch/6.1.34/ 20 KB
21 KB 1356ms
1048ms Font
font/woff2 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/sdx-icons.1f2718c892af58d0486a4216e56eb717.woff2
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6f337768e0e2b4df4002bb6a9a7d63198338ff583e49f78611a3f91dc7d8b8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 6a4dfdcfcfb0f1ec6c6b93f91e56563a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 20772
last-modified: Mon, 11 Mar 2024 16:26:10 GMT
server: AmazonS3
etag: "1f2718c892af58d0486a4216e56eb717"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: 96msRYhpud2tBtrkoJQ4K3vwqZe0t1T4BvVsCKL1KdxauLS_55HGAw==

GET
H2 200 TheSansB_600_.a54202ef3bf0e3da19bca052e636ca9c.woff2
cdn.bluewin.ch/6.1.34/ 54 KB
54 KB 1341ms
1034ms Font
font/woff2 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/TheSansB_600_.a54202ef3bf0e3da19bca052e636ca9c.woff2
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 6a4dfdcfcfb0f1ec6c6b93f91e56563a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 55008
last-modified: Mon, 11 Mar 2024 16:26:03 GMT
server: AmazonS3
etag: "a54202ef3bf0e3da19bca052e636ca9c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: AtnEbndgl8Qr23zkth660rgcOCdrsIbTw2_xV6DzjUtVR7rDVLspvw==

GET
H2 200 TheSansB_700_.7dac4ba6f5bfb4ba199e7fe3454a6780.woff2
cdn.bluewin.ch/6.1.34/ 48 KB
49 KB 1362ms
1054ms Font
font/woff2 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/TheSansB_700_.7dac4ba6f5bfb4ba199e7fe3454a6780.woff2
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09525fb3b4747dfbceaa9401af3c089fae3aa045934b77ec444cfe62c0efd3da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 6a4dfdcfcfb0f1ec6c6b93f91e56563a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 49592
last-modified: Mon, 11 Mar 2024 16:26:03 GMT
server: AmazonS3
etag: "7dac4ba6f5bfb4ba199e7fe3454a6780"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: QKG3GrPuR3C20vsOmqkf-5wK05U4IYt549jt42HaOc6tHjmkGM_MPg==

GET
H2 200 TheSansB_400_.4f0d59a18ca1c88dcfbbce6510b21da5.woff2
cdn.bluewin.ch/6.1.34/ 50 KB
50 KB 1338ms
1032ms Font
font/woff2 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/TheSansB_400_.4f0d59a18ca1c88dcfbbce6510b21da5.woff2
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 6a4dfdcfcfb0f1ec6c6b93f91e56563a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 50708
last-modified: Mon, 11 Mar 2024 16:26:03 GMT
server: AmazonS3
etag: "4f0d59a18ca1c88dcfbbce6510b21da5"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: LGJI7xD0IuVGo5_qRhEO-NkkiDPg3s151srDgORCoILodJOhaZ9JNA==

GET
H2 200 TheSansB_400i.33ba31da9b75b8d3eb8f86d6d8b2ca57.woff2
cdn.bluewin.ch/6.1.34/ 49 KB
49 KB 1374ms
1068ms Font
font/woff2 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/TheSansB_400i.33ba31da9b75b8d3eb8f86d6d8b2ca57.woff2
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d210ae97241d56e7785760f06e1f93cb44693f79dc4ba351f3aa695400f9e8f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 6a4dfdcfcfb0f1ec6c6b93f91e56563a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 50052
last-modified: Mon, 11 Mar 2024 16:26:03 GMT
server: AmazonS3
etag: "33ba31da9b75b8d3eb8f86d6d8b2ca57"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: Z8lyH2rx_ClC1yX7WS8jBb4aAgr1TEJ-DN6wLgSvYIVUl9ESnxbGCA==

GET
H2 200 atm.js Show response
cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/ 560 KB
121 KB 430ms
7ms Script
application/javascript 13.35.147.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/assets/dist/init_advertising.0333f5d9e6e3704ac591.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-26.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89edb02111cfd8adf8830224f33a01ae87fe644a8626698e5fe9095b0f356c58

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WsW4nHgTP0hBa3QJi6HgmmWZ6Gq68T0v
content-encoding: gzip
via: 1.1 56e3030ee748cd5ccc335e8eb40c7800.cloudfront.net (CloudFront)
date: Wed, 27 Mar 2024 01:33:36 GMT
last-modified: Tue, 05 Mar 2024 10:17:00 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
age: 577
x-amz-server-side-encryption: AES256
etag: W/"1f424d6eb2f908b1dc6ba015be25a707"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=900
x-amz-cf-id: 9vZLsPuIo1lrbe3FX7Kls2rVHAeGET2FChp7EXgHxvvZ0FP4MdhIRA==

GET
H2 200 li-icons.9e8640181583ce45efe867eac3c03c3b.woff
cdn.bluewin.ch/6.1.34/ 2 KB
3 KB 1292ms
1032ms Font
font/woff 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.34/li-icons.9e8640181583ce45efe867eac3c03c3b.woff
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2267e82969e7da8b2fee71c9a5699c507c30dcdb91c732a45298ec2b4b8c8459

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 6a4dfdcfcfb0f1ec6c6b93f91e56563a.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2236
last-modified: Mon, 11 Mar 2024 16:26:09 GMT
server: AmazonS3
etag: "9e8640181583ce45efe867eac3c03c3b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: MSKvaD4uI0Y40lfXG7g2vygTVEdafleForSrUX4gMaktj6vpMjTCZw==

GET
H2

200

b2
end.mpod.ch/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_32280826...
https://sb.scorecardresearch.com/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_3228082...
https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_32280826&mp_login=3&...

43 B
303 B

759ms
249ms

Image
image/gif

35.71.191.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_32280826&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9=&cs_rdr_ts=1711503792&cs_rdr_uid=1196734d1507928c4f5a7a41711503792

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Server

35.71.191.239 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ac99c40bc9e28338c.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://probable-zipper.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 20 Jul 2018 07:27:02 GMT
server: nginx
x-permitted-cross-domain-policies: master-only
etag: "5b518ec6-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 27 Mar 2024 01:43:12 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SYD62-P1
x-cache: Miss from cloudfront
location: https://end.mpod.ch/b2?c1=2&c2=17584446&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1711503791950&ns_c=UTF-8&mp_brand=blue%20News&ns_site=bluewin.ch&mp_v=5.199.4&cs_fpid=1711503791884_32280826&mp_login=3&mp_tax=432&mp_format=1026&c7=https%3A%2F%2Fprobable-zipper.sa.com%2F&c8=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso%20%7C%20blue%20News&c9=&cs_rdr_ts=1711503792&cs_rdr_uid=1196734d1507928c4f5a7a41711503792
content-length: 0
x-amz-cf-id: bU2tfBAT9naMtKgzgG08bUUbivdhnei5NWFFw-QYJNMjgc3QYACRLg==

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 2ms
2ms Script
application/x-javascript 23.198.63.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-63-128.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://probable-zipper.sa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Wed, 27 Mar 2024 02:43:12 GMT

GET
H2 200 e038ef37-dafe-47b6-a008-7d96f3a80149.json Show response
cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/ 4 KB
2 KB 618ms
312ms XHR
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/e038ef37-dafe-47b6-a008-7d96f3a80149.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b462a4d73579b858a23aca5c23b3e4e70f5206852c6de99c73ef4ed6748fcc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: mjreC4YQ7F9pbx1xmGQ9Ug==
content-length: 1634
x-ms-lease-status: unlocked
last-modified: Mon, 04 Mar 2024 12:40:41 GMT
server: cloudflare
etag: 0x8DC3C484D43253B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9fe0aca0-d01e-004e-4946-7e170b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb02f8ba5a894-SYD
expires: Thu, 28 Mar 2024 01:43:12 GMT

GET
H3 200 country Show response
get.geojs.io/v1/ip/ 3 B
601 B 261ms
245ms XHR
text/plain 172.67.70.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/country

Requested by

Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f071b3ac1df8010de1188b5b2242440baec2a80d1c19849d9514f1622c0d1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: df93c4aeaf15f58e27ca342c75eda27a-NYC
x-geojs-location: NYC
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6lN5cN6z1K%2FCljQPh4xh9bdrjv7%2BwL55tIHsNNYOTd6N%2FfGoXl6VZZtdglESBcgjvYtR%2BcJNeWgBbT%2F1jAqA%2FsqJCgVQ61KMGqx8NYovsV5ILhQ2FcFdGU0UE7Sag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 86abb02eadabab01-SYD

GET
H2 200 yieldlove.js Show response
cdn-a.yieldlove.com/v2/ 434 KB
139 KB 37ms
16ms Script
application/javascript 108.158.20.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?bluewin.it
Requested by: Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-52.syd62.r.cloudfront.net
Software: / Express
Resource Hash: 7ecfaafc0101fac594b8c7043c42078edf52c2be4e995c9675750ee446058eea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 23:04:44 GMT
content-encoding: gzip
via: 1.1 505047c0efc37a1900f1288c6f749f90.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P3
age: 9508
x-powered-by: Express
etag: "6c965-goIyCp5DXujIY5feZabBsUBIH8s"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800, stale-while-revalidate=2592000
x-amz-cf-id: Fo9qeGj87pkH940nxfipoZ-9LzVoOkq_979TY3xP-zM4YrtVjOEuog==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 312ms
1ms Fetch
application/json 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?bluewin.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7cfbe6726ad9f6e3fbe5d85b2ecfc3292ae7f866495ffc5a733165f48d7c0c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 27 Mar 2024 01:43:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 34943
x-jsd-version: 1.0.2007
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 863
x-served-by: cache-fra-eddf8230103-FRA, cache-syd10142-SYD
x-jsd-version-type: version
etag: W/"638-wgixfP2AuYnpnILXPyi5aG8wWGg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 695ms
283ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?bluewin.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

9336d4444945f9d00eba7ab5c6053dc8136134a83d2c0ee1ca7daa74db3a3654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29043
x-xss-protection: 0
server: cafe
etag: 577 / 19809 / m202403210101 / config-hash: 3040668237781179557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 01:43:13 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/QfxfXXboPJMmkDPTNAYvCKyk4f4/gpt_and_prebid/ 86 KB
19 KB 228ms
19ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/QfxfXXboPJMmkDPTNAYvCKyk4f4/gpt_and_prebid/config.js
Requested by: Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?bluewin.it
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7550422be924155591b0f7f7cbd4d801ec2dfce10c940671859d680376f28953

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Mar 2024 23:54:33 GMT
server: cloudflare
x-amz-request-id: PS0HYPPW0GVC2VV9
age: 276
etag: W/"c69c86de54ef3b6209209500efa6a4ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 86abb0321b56dfb5-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: a8igheDCLrNiur9n8l+QJ/L915/gPM21th2cIG7QHm1mJBubUTNzGXmCKr6HAkGs++vkp2bCzMY2uvmanMx8QA==

GET
H2 200 4fcacb20-a517-40e9-bc24-f5257d178456.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/24/ 27 KB
27 KB 151ms
151ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2023/07/24/4fcacb20-a517-40e9-bc24-f5257d178456.jpeg?w=994&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

2ad7bfdfb7306f713b6e9e7525086e2e25b3e31a4b221b24559f56e1d5d924b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
x-content-type-options: nosniff
age: 1860586
x-cache: HIT, MISS
x-imgix-id: 6c347f9eaa4f1da7b0ae6119a08408fc2030b15b
cross-origin-resource-policy: cross-origin
content-length: 27414
x-served-by: cache-sjc10049-SJC, cache-syd10162-SYD
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 12:53:26 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 974f2722-6fb0-483a-96ce-36959899f774.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/13/ 5 KB
5 KB 152ms
152ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2023/07/13/974f2722-6fb0-483a-96ce-36959899f774.jpeg?rect=0%2C0%2C5055%2C2843&w=320&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

bd9d3ffc9736c7e3c1fb20ce6d52b18332b65bea12b7502e57d6e4fa1158dd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:12 GMT
x-content-type-options: nosniff
age: 601970
x-cache: HIT, MISS
x-imgix-id: 60732a137a60567162d74b08ee627ea7019125bb
cross-origin-resource-policy: cross-origin
content-length: 4828
x-served-by: cache-sjc1000102-SJC, cache-syd10162-SYD
last-modified: Wed, 20 Mar 2024 02:30:22 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 int.min.js Show response
cdn.skyjs.org/bluewin.ch/ 2 KB
2 KB 742ms
314ms Script
text/javascript 172.64.145.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.skyjs.org/bluewin.ch/int.min.js

Requested by

Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.145.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17492240142c475ee2fd7dc3d3d5eca157c49291f29870bbda35552fa2964047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: tx00000f55c6ef1b981b5c4-006602aca4-53d07898-ams3c
x-envoy-upstream-healthchecked-cluster
content-length: 1069
last-modified: Tue, 24 Oct 2023 08:18:12 GMT
server: cloudflare
etag: "7c87929ec782a92ef61cbc2ddd395d8a"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-do-cdn-uuid: 095c611b-18ef-4310-966e-1acbe2ac0e74
x-rgw-object-type: Normal
cache-control: max-age=600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 86abb033d821a7f9-SYD

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 77 B
315 B 372ms
57ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 86abb0337e10574b-SYD
access-control-allow-headers: Content-Type

GET
H2 200 cebd3848-227a-40bd-9ff1-97de910948f7.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/12/ 6 KB
6 KB 153ms
152ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2023/07/12/cebd3848-227a-40bd-9ff1-97de910948f7.jpeg?rect=0%2C0%2C1024%2C576&w=320&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

4b78109364df631af1bbf9704e42ad1fdf1499824c1a30fc496b86f8a0197e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
x-content-type-options: nosniff
age: 1265941
x-cache: HIT, MISS
x-imgix-id: 3cc374b920edc2282ba52130a148a3350a9007ab
cross-origin-resource-policy: cross-origin
content-length: 6486
x-served-by: cache-sjc1000123-SJC, cache-syd10162-SYD
last-modified: Tue, 12 Mar 2024 10:04:11 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 06a00c57-b5ee-4052-84e2-f3fbc536f272.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/05/ 7 KB
7 KB 159ms
158ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2023/07/05/06a00c57-b5ee-4052-84e2-f3fbc536f272.jpeg?rect=0%2C0%2C1024%2C576&w=320&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e9474c8b3065f1108c49da7fd86609e9a7da32aad79f99ef021590b7b626be78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
x-content-type-options: nosniff
age: 1581133
x-cache: HIT, MISS
x-imgix-id: c54137856ec6c025563048e84862c36da424b691
cross-origin-resource-policy: cross-origin
content-length: 7238
x-served-by: cache-sjc1000128-SJC, cache-syd10162-SYD
last-modified: Fri, 08 Mar 2024 18:31:00 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 79fe8117-ae66-4ff2-af8b-1466433b190f.jpeg
production-livingdocs-bluewin-ch.imgix.net/2023/07/03/ 5 KB
5 KB 364ms
364ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2023/07/03/79fe8117-ae66-4ff2-af8b-1466433b190f.jpeg?rect=0%2C19%2C1024%2C576&w=320&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ae1be274467120417ab21b0c604659aeb3661d63190a9b2612bac20186ce611a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS, MISS
x-imgix-id: fccabb75e0452528a1c41508311f593e2d47f7fc
cross-origin-resource-policy: cross-origin
content-length: 4674
x-served-by: cache-sjc10027-SJC, cache-syd10162-SYD
last-modified: Wed, 27 Mar 2024 01:43:13 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202403121239/ 284 KB
87 KB 32ms
31ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202403121239/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/QfxfXXboPJMmkDPTNAYvCKyk4f4/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Mar 2024 16:41:24 GMT
server: cloudflare
x-amz-request-id: GQ6VA9WHGNMRYCVS
age: 1238692
etag: W/"c1e08625d829bb0007d3c12ed83ad1cb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 86abb0324b85dfb5-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aZT+8Y+lgiq6yrhdY06RfkbBVd38cpdxgKRYuo7cVhCWm024QeBt9zP/zgM30Jm3FTk6DG1G5t8=

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 323ms
2ms Script
application/x-javascript 18.67.107.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/assets/dist/delivery.f75fe9b71eccfd23b73f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.107.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-107-130.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 22:05:53 GMT
content-encoding: gzip
via: 1.1 b96ad58427ffff8b9d3959350f8c9f16.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
age: 13040
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RhCsFlzqMnozFuAP1nAXounLJCkKJVX9gtFl5q7mLfHjs2s6TQmORw==
expires: Wed, 27 Mar 2024 22:05:53 GMT

GET
H2 200 dl.boot.min.js Show response
lib.onet.pl/s.csr/build/dlApi/ 13 KB
5 KB 15ms
3ms Script
application/javascript 18.67.111.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Requested by: Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-64.syd62.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 7172c762ffa285abc88263e0c8ec5db3768a4dddab67160430201b3b7cfbcf4e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:34:52 GMT
content-encoding: br
via: 1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
server: Ring Publishing - Accelerator
x-amz-cf-pop: SYD62-P2
age: 501
etag: "59f9282cd2c16391c490fa7049e4890de83da64c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 4823
x-amz-cf-id: clI-CRcIuSe4mf-MSAYbvObZ1_L0avJUhjaXjDYCkIpR-XIUM9bHdg==

GET
H2 200 e292d913c9cb419a9c6208ba3e231a7a.js Show response
cdn.brandmetrics.com/survey/script/ 4 KB
2 KB 593ms
276ms Script
text/javascript 172.67.69.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/survey/script/e292d913c9cb419a9c6208ba3e231a7a.js
Requested by: Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5445e6290f97006b4f6bede86c144109c06e1c3da4075a4a2cea15ffc18e1169

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 26 Mar 2024 23:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHO4qWpVgMBcrXY%2BexgnFOMC7kKy6ethLeMdF5%2FanGVxvm62Avyfu44cSU1V8kTc2mAeT4Rca%2FGLYIhoKpTZm%2F3M0IHWVPGcDtreG4EaOH7JsNi8yjHaWracGc4Fj05hvmqKvXkP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 86abb0355fa05557-SYD
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2

200

creatives-loader-compat.js Show response
cdn.cwi.re/artifacts/creatives/creatives-loader/
Redirect Chain

https://cdn.cwi.re/publishers/bluewin.ch-IT/cwire.min.js
https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js

4 KB
3 KB

3ms
2ms

Script
text/javascript

108.158.32.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Server

108.158.32.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-55.syd3.r.cloudfront.net

Software

Resource Hash

61060bc5f50e51d7bd496f3aa1c767bc3cda67987b059dab79883f449d2126ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://probable-zipper.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 99d08a30eb552b5891a16e6c0ba4a4ea.cloudfront.net (CloudFront)
date: Wed, 27 Mar 2024 01:31:32 GMT
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
x-amz-cf-pop: SYD3-P2
age: 702
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
reporting-endpoints: default="https://reports.cwi.re/re_nginx"
last-modified: Thu, 07 Dec 2023 15:55:19 GMT
etag: W/"2ba4a7059fc397a51762f1e9fbc86673"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/reports.cwi.re\/nginx"}],"group":"default","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cache-control: public, max-age=3600, stale-while-revalidate=300, s-maxage=600
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: vRPh_0l_FIMDZKmS0lLFL64_00HvsTQP4wT7efEajtFU-Nci9w3zzQ==

Redirect headers

date: Wed, 27 Mar 2024 01:43:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 99d08a30eb552b5891a16e6c0ba4a4ea.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
x-amz-cf-pop: SYD3-P2
x-cache: Miss from cloudfront
content-length: 162
reporting-endpoints: default="https://reports.cwi.re/re_nginx"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/reports.cwi.re\/nginx"}],"group":"default","max_age":604800}
content-type: text/html
location: https://cdn.cwi.re/artifacts/creatives/creatives-loader/creatives-loader-compat.js
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300, s-maxage=600
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: 3_ew6Xj-4iGC4_OMjYKi52n9NMUzk2PylHyNHLs7v4iG7lSM8Yu_Rw==

GET
H2 200 YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz Show response
sgqcvfjvr.onet.pl/ 324 KB
95 KB 20ms
8ms Script
application/javascript 108.158.32.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-55.syd3.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 98a1b38b4834390ea4677f618f3c27537ef2ede47494dabd0e3b578387b41a93

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:36:31 GMT
content-encoding: br
via: 1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
age: 402
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 96820
last-modified: Tue, 26 Mar 2024 13:03:10 GMT
server: Ring Publishing - Accelerator
etag: "68df0fb5241899d0f441063aecff28d1195191f4e986432c85420c8e578c9597"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: o6DvgKMsoWP6vi35QCsCT2Z_atebNrraInWd9LYJq30WY9fuPFscSg==

GET
H2 200 dl.aureus.min.js Show response
sgqcvfjvr.onet.pl/build/dlApi/ 2 KB
1 KB 16ms
4ms Script
application/javascript 108.158.32.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/build/dlApi/dl.aureus.min.js?4&077ac16f633bc13fc61ba37e0e5dadf0
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-55.syd3.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:42:48 GMT
content-encoding: br
via: 1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
age: 25
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 896
last-modified: Tue, 26 Mar 2024 13:03:00 GMT
server: Ring Publishing - Accelerator
etag: "077ac16f633bc13fc61ba37e0e5dadf0"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3NmKq5KRKJPJDi9mZH2MT95vAlpB2ksZ-2rQd2miPmhgxQ1Vuqxawg==

GET
H2 200 clickmap.min.js Show response
sgqcvfjvr.onet.pl/simetra/clickmap/5.1.0/ 2 KB
2 KB 17ms
5ms Script
application/javascript 108.158.32.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/simetra/clickmap/5.1.0/clickmap.min.js?d11d55f7ee49bd223b694aa45e565e1b
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-55.syd3.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 5624e381bd10235ab37d989a5d19eb7b266c16b3db3c191d9a2990651c1d5e3c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:31:27 GMT
x-amz-version-id: CeiDLTDx9SUhptl7BsYtzZJYkoPWMhXc
content-encoding: br
via: 1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
age: 706
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1058
last-modified: Thu, 16 Nov 2023 10:54:17 GMT
server: Ring Publishing - Accelerator
etag: "d11d55f7ee49bd223b694aa45e565e1b"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HZfa9NYn41VrWhPfAEv3NUP5rGG41sRjyjYguadBWLJt_00eXtSw0w==

GET
H2 200 dl.cmp.min.js Show response
sgqcvfjvr.onet.pl/build/dlApi/ 140 KB
35 KB 17ms
5ms Script
application/javascript 108.158.32.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/build/dlApi/dl.cmp.min.js?4&add404518c39e22e7988e1fb3f911f6a
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-55.syd3.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 10de890ff4c22930ca4857fecab07ed69fa8141860a641f8b51bce27ec111663

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:37:23 GMT
content-encoding: br
via: 1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
age: 350
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 35656
last-modified: Tue, 26 Mar 2024 13:03:11 GMT
server: Ring Publishing - Accelerator
etag: "9242b36cb1d370b241b4d16f7521db99"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fvQwQ9_dbf9T6PP-3mTeF_F3fLuk9MO6fkc6c-k8K-iyit3O-by08A==

GET
H2 200 artemis.min.js Show response
sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/ 14 KB
6 KB 19ms
7ms Script
application/javascript 108.158.32.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/artemis.min.js?1f79b58f7b6dd00e35ae1c6cd88a09c2
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-55.syd3.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 4db1d4b1acda5f39723cac7ac0e77cccaabd5821938749d3ac82944a85091d96

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:28:54 GMT
x-amz-version-id: lYQgFFRujgCLTGXyOeiuZMvAqs4OmI6h
content-encoding: br
via: 1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
age: 859
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5570
last-modified: Fri, 17 Nov 2023 12:53:23 GMT
server: Ring Publishing - Accelerator
etag: "1f79b58f7b6dd00e35ae1c6cd88a09c2"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: udg9oDpqxp2Fdy-8fqvvSLPFkenZtvyzGH80_fLdTWaQCknF-SQ5lQ==

GET
H2 200 pixel-module.js Show response
lib.onet.pl/static/pixel/1.6.14/ 27 KB
8 KB 3ms
2ms Script
application/javascript 18.67.111.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.onet.pl/static/pixel/1.6.14/pixel-module.js?6596ed90d765601950f8be5cd9e01732
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-64.syd62.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: cbe0b141b03968fa840fcdfa2e89c82360443b0302e3da19b1d7283dcba2849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:42:42 GMT
content-encoding: br
via: 1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 31
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7318
last-modified: Mon, 11 Mar 2024 10:22:33 GMT
server: Ring Publishing - Accelerator
etag: "6596ed90d765601950f8be5cd9e01732"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, PUT
content-type: application/javascript
x-amz-meta-md5: 6596ed90d765601950f8be5cd9e01732
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 1dghxI6PPLYCPjdCNunlJ0ez9mf3yXSnjmt0sAH_jEB53JVELP1mAg==

GET
H2

200

me Show response
events.ocdn.eu/v2/EA-5469564/
Redirect Chain

https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1711503793232
https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1711503793232&_ca=1&uuid=202403270243138048107262

93 B
342 B

250ms
249ms

Fetch
application/json

15.197.153.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ts=1711503793232&_ca=1&uuid=202403270243138048107262
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol: H2
Server: 15.197.153.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: d467166fee9ec59069da57cf31c03bc46d324e31680ad172e38fd90076337baa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://probable-zipper.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://probable-zipper.sa.com
date: Wed, 27 Mar 2024 01:43:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator
content-length: 93
content-type: application/json; charset=utf-8

Redirect headers

access-control-allow-origin: https://probable-zipper.sa.com
location: /v2/EA-5469564/me?_ac=events&_ts=1711503793232&_ca=1&uuid=202403270243138048107262
date: Wed, 27 Mar 2024 01:43:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator

GET tags
csr.onet.pl/5469564/ 0
0

GET
H2 200 me Show response
cdp.ems.onet.pl/5469564/ 213 B
570 B 760ms
253ms XHR
application/json 99.83.230.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.ems.onet.pl/5469564/me?domain=probable-zipper.sa.com&ver=1
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 99.83.230.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1ef697b048852c56.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: 7e0fd4f149d2dd74f194c7caad423859b8ec0e755520121b4c0ad2920fc7dc5a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
server: Ring Publishing - Accelerator
access-control-allow-methods: GET
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://probable-zipper.sa.com
content-type: application/json
cache-control: private, max-age=1800
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 213

GET
H2 200 tags Show response
csr.onet.pl/5469564/ 11 B
562 B 1011ms
1010ms XHR
application/json 108.158.32.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csr.onet.pl/5469564/tags?domain=probable-zipper.sa.com&site=BlueNewsch_IT&v=1
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-50.syd3.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 72115774e068a807b1bc1aaa7f2df4d92038535bf0ff021c0a0cf5c3d9e6642a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
via: 1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
server: Ring Publishing - Accelerator
x-amz-cf-pop: SYD3-P2
etag: "9d172f461dfde5816bf6231e53c44d0adf686a90"
x-cache: Miss from cloudfront
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://probable-zipper.sa.com
content-type: application/json
cache-control: public, max-age=1800
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 11
x-amz-cf-id: dTLuiupjRGLphY7vse51ni_XMupaNzd6int1llw0N3GwXahvsEILlA==

GET
H2 200 me Show response
cdp.ems.onet.pl/5469564/ 212 B
568 B 750ms
254ms XHR
application/json 99.83.230.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.ems.onet.pl/5469564/me?domain=probable-zipper.sa.com&ver=1
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 99.83.230.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1ef697b048852c56.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: ba7cf61fdcdf00d35a19644dd6e14a0806b07e77a16044126c0bb6c500d6f94d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
server: Ring Publishing - Accelerator
access-control-allow-methods: GET
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://probable-zipper.sa.com
content-type: application/json
cache-control: private, max-age=1800
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 212

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/AmEuXIUpj67Xm3S6ZloFdC7gEiI/gpt_and_prebid/ 107 KB
23 KB 13ms
13ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/AmEuXIUpj67Xm3S6ZloFdC7gEiI/gpt_and_prebid/config.js
Requested by: Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 996eba747c8503c51b80debed0a4e8ee890e8cbef68c6da1bafa93b6b7a30389

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Mar 2024 23:42:31 GMT
server: cloudflare
x-amz-request-id: 3JTVJDJ8VDWD2GC1
age: 286
etag: W/"4d12496784aa8bf53ddfe35d0321e242"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 86abb033ed70dfb5-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cJ1KI/yBvNmyvokq4MNxdxVAbJaI1gABJ8+Kka8zkOWWw/iUxnKHQ2uNSvF/bhu/iblb+hHWkfI=

GET
H3 200 contextual_10.js Show response
cdn.adnz.co/convey-scripts/ 25 KB
11 KB 45ms
30ms Script
application/javascript 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adnz.co/convey-scripts/contextual_10.js

Requested by

Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7a7aee163fec25402103df999389034017bd95ed11f4da0b74e1d9931087a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000363f8083ad1f6d19-0065fb0380-13329ca-default
age: 4709
x-cache-status: HIT
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 15:38:10 GMT
server: cloudflare
etag: W/"ae443a4a4bf01a6c16402e6d88481248"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZ5vyHGuFDe21CGlZHkd9xExgAAw9CIjSwBduxuhp%2BYPW4to%2Bxvh9fvRXuLWVcYNKYbWnPTIIxz3Dl2%2B3AU8jU1BmtTPzBdMYHAh%2B7WKeeutxVciMQcgJIlb4Pfc"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
x-rgw-object-type: Normal
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 86abb034091fa7f6-SYD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With

GET
H2 200 publisherHelperTemporary.js Show response
bcdn.codevelop.network/static/adformats/global/ 141 KB
26 KB 425ms
2ms Script
application/javascript 103.180.114.1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://bcdn.codevelop.network/static/adformats/global/publisherHelperTemporary.js
Requested by: Host: cdn.ringier-advertising.ch
URL: https://cdn.ringier-advertising.ch/prod/tagmanager/bluewin.ch_it/latest/atm.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SYD1-1151 /
Resource Hash: 86075410b6f2d0ca58b0b8fb1a63cca3ddd4bcc0af2b8baa07d7dcb2a8f88c19

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: br
cdn-edgestorageid: 1151
cdn-storageserver: SYD-386
cdn-cachedat: 03/19/2024 15:37:09
cdn-pullzone: 80150
last-modified: Fri, 15 Mar 2024 11:50:09 GMT
server: BunnyCDN-SYD1-1151
cdn-fileserver: 558
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65f435f1-23462"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 4b0e8f5a-bd80-4528-9adc-3a61f309911b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=10800
cdn-requestid: 712997f676e9e7919626f06fe452d52d
cdn-requestcountrycode: AU
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/ 430 KB
105 KB 17ms
17ms Script
application/javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ekgyiOgvSPjNzcyXVUS11Q==
age: 35712
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106739
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:28 GMT
server: cloudflare
etag: 0x8DC3E996ED117D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e31c6377-501e-009b-7f34-71f886000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb0341f715521-SYD

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/9f3e8697-123d-48aa-bdfc-17375200f40d/ 225 KB
44 KB 1365ms
1364ms Fetch
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e038ef37-dafe-47b6-a008-7d96f3a80149/9f3e8697-123d-48aa-bdfc-17375200f40d/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbffdd5c2d3b1e18c499d2816fb77b9ad2484919d118773466e43251e3716689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: hl9TZV8L6CbQu+v7S2beRQ==
content-length: 45272
x-ms-lease-status: unlocked
last-modified: Mon, 04 Mar 2024 12:40:57 GMT
server: cloudflare
etag: 0x8DC3C4857287CE9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5c8cb6cb-701e-0047-0f6d-7f52d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb0346f3ca894-SYD
expires: Thu, 28 Mar 2024 01:43:14 GMT

GET
H2 200 iab2V2Data.json Show response
cdn.cookielaw.org/vendorlist/ 562 KB
73 KB 291ms
291ms Fetch
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2V2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1175a5b092eab5caec6133007584f7d7ba0a2a3cb66f85f6c692ab4e6399cbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QezXw+TatyuvZ8zWcITVQw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 74302
x-ms-lease-status: unlocked
last-modified: Tue, 26 Mar 2024 09:28:42 GMT
server: cloudflare
etag: 0x8DC4D7720BEBFEE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9b473671-001e-005d-366d-7f3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb0346f3da894-SYD

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/ 60 KB
17 KB 18ms
18ms Script
application/javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eGDl38dOO3s2Tcv31zHSXg==
age: 13051
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17104
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:27 GMT
server: cloudflare
etag: 0x8DC3E996DDC2DD7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fe36dc53-001e-0010-2a2f-71fceb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb0346faf5521-SYD

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 619ms
205ms Image
image/gif 3.226.87.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=it.bluewin.ch&p=%2Fit%2Fspettacolo%2Fmyrta-merlino-le-novit-di-pomeriggio-5-e-il-consiglio-di-maria-de-filippi-1824424.html&u=1h2_8Dmx3OF5ymEB&d=probable-zipper.sa.com&g=39535&g0=Spettacolo%2CEntertainment%20all&g1=Covermedia&g4=article&n=1&f=00001&c=0&x=0&m=0&y=2853&o=1600&w=1113&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fprobable-zipper.sa.com%2F&b=3799&t=CyOmV9BJkXmxDXUSLNCj1PF6D-LMm3&V=143&i=Ecco%20chi%20prender%C3%A0%20il%20posto%20che%20%C3%A8%20stato%C2%A0per%20oltre%20un%20decennio%20di%20Barbara%20D%E2%80%99Urso&tz=-480&sn=1&sv=BMLv9hByfQuPYWPo6BS9gznCFlZvm&sr=external&sd=1&im=061b0cf3&_
Requested by: Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.87.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-87-76.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 27 Mar 2024 01:43:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/ 439 KB
138 KB 4ms
3ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

6741e40d6f221184f305d53cdd6de5d97ab2a9b176439a803b53079767c02b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 11:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52125
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141204
x-xss-protection: 0
server: cafe
etag: 1088271010723479833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Mar 2025 11:14:28 GMT

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 51 KB
16 KB 286ms
286ms Script
text/javascript 172.67.69.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e292d913-c9cb-419a-9c62-08ba3e231a7a&toploc=probable-zipper.sa.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/e292d913c9cb419a9c6208ba3e231a7a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2276b817db5549897894e60c8850f396dbf0170b4c9c6387cd672e2d3aac68f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 Mar 2024 01:43:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oST%2FtYB1Ys6JlZdLzJzO%2FSYfgrZPnNiCeIYd2f3SF7yn7kwyo%2BzmnVsdXwafz6FYvMiCWMhKickyb7v4h9HlIviX%2F3NjaZTTP4M1qYbluP5u2MQ1R%2BGHyr%2FK88kDMaLzaBQCfThF"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 86abb037187c5557-SYD
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 3f46f0cb-015f-4a35-905a-81194023d855.jpeg
production-livingdocs-bluewin-ch.imgix.net/2024/03/25/ 8 KB
9 KB 4ms
3ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2024/03/25/3f46f0cb-015f-4a35-905a-81194023d855.jpeg?rect=0%2C0%2C3840%2C2160&w=320&auto=format

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

5aee5cd6ca2adfc0fddf8a4cc155df9b0bae066d89f2be2017f4aa86ef8544d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:13 GMT
x-content-type-options: nosniff
age: 116513
x-cache: HIT, HIT
x-imgix-id: 05a43b15731255727dcbcbbf0e29f4b165d1cdb8
cross-origin-resource-policy: cross-origin
content-length: 8514
x-served-by: cache-sjc1000119-SJC, cache-syd10162-SYD
last-modified: Mon, 25 Mar 2024 17:21:20 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=259200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
143 B 1069ms
260ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=e292d913-c9cb-419a-9c62-08ba3e231a7a&toploc=probable-zipper.sa.com&rnd=8474607
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=e292d913-c9cb-419a-9c62-08ba3e231a7a&toploc=probable-zipper.sa.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date: Wed, 27 Mar 2024 01:43:14 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 200 eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZ2xvYmFsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vc... Show response
events.ocdn.eu/v2/EA-5469564/user/ 211 B
613 B 257ms
257ms Fetch
application/json 15.197.153.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-5469564/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZ2xvYmFsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vcHJvYmFibGUtemlwcGVyLnNhLmNvbS8ifSwidmVyc2lvbiI6IjAuNi4yIiwiZmxhZ3MiOnsiaWdub3JlSWQiOmZhbHNlfX0=
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/artemis.min.js?1f79b58f7b6dd00e35ae1c6cd88a09c2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.153.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: 8ac0986d4fc42d7720dfc711011f72c0ea80d0849ba5eede697f75a2f2c4a3cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
content-encoding: gzip
server: Ring Publishing - Accelerator
vary: Accept-Encoding
x-ats-elapsed: 0.0039999485015869
content-type: application/json
access-control-allow-origin: https://probable-zipper.sa.com
access-control-allow-methods: GET, POST, OPTIONS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With

GET
H2 200 eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZ2xvYmFsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vc... Show response
events.ocdn.eu/v2/EA-5469564/user/ 211 B
612 B 256ms
255ms Fetch
application/json 15.197.153.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-5469564/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZ2xvYmFsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vcHJvYmFibGUtemlwcGVyLnNhLmNvbS8ifSwidmVyc2lvbiI6IjAuNi4yIiwiZmxhZ3MiOnsiaWdub3JlSWQiOmZhbHNlfX0=
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/artemis.min.js?1f79b58f7b6dd00e35ae1c6cd88a09c2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.153.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: d0067869f86ff2c390fca1e3299d7af086cbdc1cb7eb6bb470a6784d5da1c7af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
content-encoding: gzip
server: Ring Publishing - Accelerator
vary: Accept-Encoding
x-ats-elapsed: 0.003000020980835
content-type: application/json
access-control-allow-origin: https://probable-zipper.sa.com
access-control-allow-methods: GET, POST, OPTIONS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With

GET
H2 200 eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZ2xvYmFsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vc... Show response
events.ocdn.eu/v2/EA-5469564/user/ 211 B
614 B 257ms
256ms Fetch
application/json 15.197.153.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-5469564/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZ2xvYmFsIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vcHJvYmFibGUtemlwcGVyLnNhLmNvbS8ifSwidmVyc2lvbiI6IjAuNi4yIiwiZmxhZ3MiOnsiaWdub3JlSWQiOmZhbHNlfX0=
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/artemis.min.js?1f79b58f7b6dd00e35ae1c6cd88a09c2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.153.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: c97a47256e213872b8ebe591ae8301d8cc8a6aeae35383b46dd405a51e211523

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
content-encoding: gzip
server: Ring Publishing - Accelerator
vary: Accept-Encoding
x-ats-elapsed: 0.0039999485015869
content-type: application/json
access-control-allow-origin: https://probable-zipper.sa.com
access-control-allow-methods: GET, POST, OPTIONS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With

GET
H3 204 batch
api.adnz.co/api/ws-events-sink/ 0
0 314ms
307ms Fetch 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-events-sink/batch?visitorId=8239931692372575&tenantId=10&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjQyNTY3OTQ2OTUxNjgyMywicGFnZUltcHJlc3Npb25JZCI6MzE2NTA2NTU5MjkwODk3NywidXJsIjoiaHR0cHM6Ly9wcm9iYWJsZS16aXBwZXIuc2EuY29tL2l0L3NwZXR0YWNvbG8vbXlydGEtbWVybGluby1sZS1ub3ZpdC1kaS1wb21lcmlnZ2lvLTUtZS1pbC1jb25zaWdsaW8tZGktbWFyaWEtZGUtZmlsaXBwaS0xODI0NDI0Lmh0bWwiLCJib2R5Ijp7fX1d
Requested by: Host: cdn.adnz.co
URL: https://cdn.adnz.co/convey-scripts/contextual_10.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:14 GMT
ratelimit-reset: 1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZfBB2eh%2FUH2UZgIQsPUH5cBRatSAhPE7qPTM1YEkG%2BTaRkdwhxbHh2dg9DZaVv00YZ1UVeBp%2B%2BLB2x0hp6zXa2sCW5XJlR48lyqZBd2QiY237q2wghDvbjhiET5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://probable-zipper.sa.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
ratelimit-limit: 100
cf-ray: 86abb03aa942a7f6-SYD
ratelimit-remaining: 99
alt-svc: h3=":443"; ma=86400

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 9 KB
3 KB 294ms
294ms Fetch
application/json 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mxz2n732zKhkPcAbb+5oGw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2626
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:22 GMT
server: cloudflare
etag: 0x8DC3E996B0055CE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4a11b316-101e-001c-7326-7d6be3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb03d5ec6a894-SYD

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/ 62 KB
13 KB 289ms
289ms Fetch
application/json 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +7hvz1DcCYiP/7X0fBpjjw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12694
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:24 GMT
server: cloudflare
etag: 0x8DC3E996BDADDD4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fe3d31be-001e-005d-0746-7e3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb03d5ec8a894-SYD

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 21 KB
4 KB 276ms
275ms Fetch
text/css 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8b68ef9f-f01e-0092-6246-7ebd55000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86abb03d5ecba894-SYD

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
509 B 271ms
270ms Fetch
image/svg+xml 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 19:35:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: da06abb3-101e-000c-606d-7fae8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86abb03f58eba894-SYD

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 17ms
16ms Image
image/png 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 18160
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 19:35:37 GMT
server: cloudflare
etag: 0x8DC4D02BF9051A1
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d2ba6eb3-401e-004c-402c-7fa9b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86abb03f6fed5521-SYD

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 14ms
14ms Image
image/svg+xml 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 01:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 21277
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 19:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f6f2a0a1-601e-0074-26b0-7f0d73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86abb03f6fee5521-SYD

OPTIONS
H/1.1 200 tags
swisscom.push.delivery/push-api/ 0
0 1158ms
287ms Preflight 88.198.62.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://swisscom.push.delivery/push-api/tags

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-62-154.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://probable-zipper.sa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization, content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 27 Mar 2024 01:43:16 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: DENY DENY
X-XSS-Protection: 0

OPTIONS
H/1.1 200 tags
swisscom.push.delivery/push-api/ 0
0 1141ms
276ms Preflight 88.198.62.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://swisscom.push.delivery/push-api/tags

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-62-154.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://probable-zipper.sa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization, content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 27 Mar 2024 01:43:16 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: DENY DENY
X-XSS-Protection: 0

POST
H/1.1 200 tags Show response
swisscom.push.delivery/push-api/ 3 KB
1 KB 294ms
293ms Fetch
application/json 88.198.62.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://swisscom.push.delivery/push-api/tags

Requested by

Host: cdn-swisscom.push.delivery
URL: https://cdn-swisscom.push.delivery/bluewin/3.1.2/webpush-production.js?v=5.199.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-62-154.clients.your-server.de

Software

nginx /

Resource Hash

442dff6db0fbdca6217609f82173121e5cec3567f0a77bb1f91b28bf8484d9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 1c838b64db4b99e2bc44fe2d40d7cbad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://probable-zipper.sa.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 27 Mar 2024 01:43:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
Transfer-Encoding: chunked
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Frame-Options: DENY, DENY
Connection: keep-alive
X-XSS-Protection: 0
Expires: 0

POST
H/1.1 200 tags Show response
swisscom.push.delivery/push-api/ 3 KB
1 KB 292ms
291ms Fetch
application/json 88.198.62.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://swisscom.push.delivery/push-api/tags

Requested by

Host: cdn-swisscom.push.delivery
URL: https://cdn-swisscom.push.delivery/bluewin/3.1.2/webpush-production.js?v=5.199.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.198.62.154 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-62-154.clients.your-server.de

Software

nginx /

Resource Hash

442dff6db0fbdca6217609f82173121e5cec3567f0a77bb1f91b28bf8484d9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 1c838b64db4b99e2bc44fe2d40d7cbad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://probable-zipper.sa.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 27 Mar 2024 01:43:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
Transfer-Encoding: chunked
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Frame-Options: DENY, DENY
Connection: keep-alive
X-XSS-Protection: 0
Expires: 0

GET
H2 200 bluenews-logo.png
cdn-swisscom.push.delivery/bluewin/images/ 30 KB
30 KB 4ms
3ms Image
image/png 108.158.32.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-swisscom.push.delivery/bluewin/images/bluenews-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-32.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fd03d35400cffeee57d6841c18e4b8767e7313693be817b2349417baee7476a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 28 Feb 2024 23:50:48 GMT
x-amz-version-id: CXuLZZe.pphWa0k2S9k_LJh72YG9Z6Ak
via: 1.1 998f2e65b8600f6b6ddabdbf7f97c846.cloudfront.net (CloudFront)
last-modified: Wed, 16 Sep 2020 12:36:01 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
age: 2339548
etag: "78d59c03ad0ad69a17e1faa510d08a90"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30563
x-amz-cf-id: JbH8Ujf-fw54t8kIUW7CI-yDAEdwkwxD8HYY3P3ONOWkB2dYjSmmzw==

GET
H2 200 unblock-chrome-italian.gif
push.delivery.ethinking.de/ethinking/gifs/ 22 KB
22 KB 625ms
4ms Image
image/gif 13.224.181.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://push.delivery.ethinking.de/ethinking/gifs/unblock-chrome-italian.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-82.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c57a6137261c54dad163c3c583863d634d1e9814ed88307496d7cb1564bb4e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 05:42:47 GMT
x-amz-version-id: Bd7p72HG1aNeBNuMC_TvUIS0Uzi46qNM
via: 1.1 98c0260f137c498b550b5ea75d3bc892.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 08:36:24 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C2
age: 72028
etag: "26781c6913f77555a3828e2ab366e3af"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 22577
x-amz-cf-id: 6RrdjW_OAAy3CsnvsLR4NEIA4BqvePoO0kZK7h_1utpsvoTIF_CmYQ==

GET
H2 200 RCf7ad99b8263b4754b1cf0c2909487381-source.min.js Show response
assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/ 365 B
492 B 3ms
2ms Script
application/x-javascript 23.198.63.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/RCf7ad99b8263b4754b1cf0c2909487381-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-63-128.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d47add8b2cc0df7b9429f054bfa05bce22171307fc1fa52d1bc461d232c5ab5d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2023 19:59:32 GMT
server: AkamaiNetStorage
etag: "166f6a75a4929bcce957473a087af04d:1697572772.476297"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://probable-zipper.sa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 231
expires: Wed, 27 Mar 2024 02:43:15 GMT

GET
H3 200 webpush-vars.css
probable-zipper.sa.com/safaripush/ 250 B
735 B 631ms
630ms Stylesheet
text/css 172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/safaripush/webpush-vars.css

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/safaripush/safaripush.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aabcce9eb8089e7b61c125db15d92ae0faa4d42f8bdbfcf1f71771da290f9c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-encoded-content-length: 148
x-dns-prefetch-control: on
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: ad0194cb38e4, e7b0348a26d9
x-encoded-content-encoding: gzip
last-modified: Wed, 23 Aug 2023 13:28:28 GMT
server: cloudflare
etag: W/"fa-18a22950c60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eW9pFaQp3N%2Bxxlc0A7L0AoTMZ0vnd0LXeUBZXbTn7vePnfBEjo1e5rGLaPeydq0Q1dYaQsjd0h7mCoPlxOmagAWzHbM7IUjH7s1Fy4r6NjX%2FTRl7HuWp7XUJTxP02NCN9xznjrbVt1w4"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 86abb03fae14a7e9-SYD
x-cache-hits: 6034598

GET
H3 200 styles.css
probable-zipper.sa.com/safaripush/ 8 KB
2 KB 667ms
667ms Stylesheet
text/css 172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/safaripush/styles.css

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/safaripush/safaripush.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d53e38bd6add65fdb28bb71b6c3e9f8703e68cfb66437dbacb28eb88dacb429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-encoded-content-length: 1990
x-dns-prefetch-control: on
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: ad0194cb38e4, c18030f30561
x-encoded-content-encoding: gzip
last-modified: Wed, 23 Aug 2023 13:28:28 GMT
server: cloudflare
etag: W/"214e-18a22950c60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZYogn9XeZtah6fjdkrpsat%2Fk%2Byqej%2Fk%2B8Tuw5mvMJB1HjxWPlwjltLC3nJcqf7MD12qPIY0O1%2FZ%2BE1i4Ra33hwV3jsPisltV0njOsfUV2v8pIRw8hRHRkX13p2AQus1554npgGM03rp"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 86abb03fae15a7e9-SYD
x-cache-hits: 5907699

GET
H3 200 config.json Show response
probable-zipper.sa.com/safaripush/ 371 B
855 B 648ms
647ms Fetch
application/json 172.67.180.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://probable-zipper.sa.com/safaripush/config.json

Requested by

Host: probable-zipper.sa.com
URL: https://probable-zipper.sa.com/safaripush/safaripush.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb4b392e6ea505543b3d88814ec0afd6f5780b71956c5ad6ff8482c794437c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12062604
x-encoded-content-length: 253
x-dns-prefetch-control: on
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: 55b93dbfa0bd, 9a6a4de39d1e
x-encoded-content-encoding: gzip
last-modified: Wed, 23 Aug 2023 13:28:28 GMT
server: cloudflare
etag: W/"173-18a22950c60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVH4FN5i6CePFYtKpPN9NKp4%2F%2BWgUJSVRfBG%2FuDU0YW0T8R5ATqxSaU0u0yO%2Fo3b5wpAS8pzJCNdmIH%2BnIcfE5ubAzDU%2F8cLAaui4lGnQhmUOFsQBhX0pmj0mrcFrG9OUqkqeQLl850t"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 86abb03fae18a7e9-SYD
x-cache-hits: 6654111

GET
H2 200 acm.min.js Show response
cdn.skyjs.org/bluewin.ch/ 313 KB
91 KB 288ms
286ms Script
text/javascript 172.64.145.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.skyjs.org/bluewin.ch/acm.min.js

Requested by

Host: cdn.skyjs.org
URL: https://cdn.skyjs.org/bluewin.ch/int.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.145.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41aca1f6ec4be066011c5d102532637600c1e215c4bf73eec3ca2b7f9bb506e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
Origin: https://probable-zipper.sa.com
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: tx00000e23cdd420ad47546-006602aca4-53d0d663-ams3c
x-envoy-upstream-healthchecked-cluster
content-length: 92837
last-modified: Fri, 22 Mar 2024 11:27:37 GMT
server: cloudflare
etag: "ac741935ff0d1f29f36a047d64071271"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-do-cdn-uuid: 095c611b-18ef-4310-966e-1acbe2ac0e74
x-rgw-object-type: Normal
cache-control: max-age=600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 86abb03fabc6a7f9-SYD

GET
H2 200 icon-push.51a4bc35e69e47250b37d91ec5ec2413.svg
cdn.bluewin.ch/6.1.34/ 979 B
1 KB 3ms
3ms Image
image/svg+xml 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bluewin.ch/6.1.34/icon-push.51a4bc35e69e47250b37d91ec5ec2413.svg
Requested by: Host: cdn.bluewin.ch
URL: https://cdn.bluewin.ch/6.1.34/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a76c2f151a973b02253149ffed720a7aa29326b8d7e5fa4e60f5bed4655ee8b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.bluewin.ch/6.1.34/styles.css
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 08:11:06 GMT
via: 1.1 352b1001018ea123117ef28ad154f522.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2024 16:26:09 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
age: 63129
x-amz-server-side-encryption: AES256
etag: "51a4bc35e69e47250b37d91ec5ec2413"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 979
x-amz-cf-id: vFPsf9zI2uck4FJ0khbldXHbaIHG9BJlAEbeNpPuG7LiTLjq0_yi8w==

GET
H2 200 RC8d7a7897a17d413ab9f97745d0af6c5f-source.min.js Show response
assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/ 1 KB
817 B 3ms
3ms Script
application/x-javascript 23.198.63.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/2a46319799bc/RC8d7a7897a17d413ab9f97745d0af6c5f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf0f8dbc2470/ac145d9e1821/launch-5c478d1148ab.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-63-128.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 41166aec0756ea772b94434e4818bc0244e4d79474858fe03e7a8bb14d39ed8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2023 19:59:32 GMT
server: AkamaiNetStorage
etag: "166f6a75a4929bcce957473a087af04d:1697572772.476297"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://probable-zipper.sa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 555
expires: Wed, 27 Mar 2024 02:43:15 GMT

GET
H2 200 favicon.ico
cdn.bluewin.ch/6.1.24/assets/images/ 15 KB
15 KB 7ms
6ms Other
image/x-icon 108.158.32.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluewin.ch/6.1.24/assets/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-35.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 319e21f2cefc2b5367d7f831d56793614e1556eb4091feb688893e4ed8fc5a65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
via: 1.1 352b1001018ea123117ef28ad154f522.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 08:33:15 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
age: 4706
x-amz-server-side-encryption: AES256
etag: "cfe3228f9d96e21c0562b35f5114ebc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/x-icon
accept-ranges: bytes
content-length: 15086
x-amz-cf-id: zoZ7BMp7FjENADy63_ZPCPO_DQFyohdA26NQvV-BjK1mKd5Ket32nQ==

GET
H2 204 / Show response
events.ocdn.eu/v2/ 0
203 B 250ms
250ms Fetch 15.197.153.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/?_et=PageView&_ac=kropka-stats&_rt=now&_lu=202403270243138048107262&_it=1009&_gu=202403270243138048107262&CDL=ea_notfound&RWSF=1&DP=0&RDLC=eyJ2ZXJzaW9uIjp7ImxpYnJhcnkiOnsidHJhY2tpbmciOiI1LjkuMSIsImRsYXBpIjoiMjAyNDAzMjZfMTQwMiJ9fSwidHJhY2tpbmciOnsiYXV0b3N0YXJ0Ijp0cnVlfX0%3D&RDLU=eyJpZCI6eyJhcnRlbWlzIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZXh0ZXJuYWwiOnsibW9kZWwiOiIyMDI0MDMyNzAyNDMxMzgwNDgxMDcyNjIiLCJtb2RlbHMiOnsiYXRzX3JpIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn19fX0%3D&CL=init-20240326_1402&RI=25d63660379b10fa&C1=1711503793250&IP=202403270943132440088525&CS=800x600x24&CW=1600x1113&DU=https%3A%2F%2Fprobable-zipper.sa.com%2F&DV=bluenewsch_it&IV=202403270943132440088525&RDLCN=eyJwdWJsaWNhdGlvbiI6e30sInNvdXJjZSI6e30sIm9iamVjdCI6e319&DA=BlueNewsch_IT%2Fros&SC=1&CD=visible&RT=PageView&IZ=0&IL=0&TID=EA-5469564
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.153.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://probable-zipper.sa.com
date: Wed, 27 Mar 2024 01:43:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator

GET
H2 204 /
events.ocdn.eu/v2/ 0
0 250ms
249ms Fetch 15.197.153.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/?_et=PerfEvent&_ac=kropka-monitoring&_rt=fetch&_lu=202403270243138048107262&_it=1009&_gu=202403270243138048107262&RWSF=1&RDLU=eyJpZCI6eyJhcnRlbWlzIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZXh0ZXJuYWwiOnsibW9kZWwiOiIyMDI0MDMyNzAyNDMxMzgwNDgxMDcyNjIiLCJtb2RlbHMiOnsiYXRzX3JpIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn19fX0%3D&RT=PerfEvent&CD=visible&TR=981&TTTFB=721&TH=724&TI=2243&TC=-1&TE=-1&TN=0&TD=102&TADP=1&TE1=11&DA=BlueNewsch_IT%2Fros&TVER=20240326_1402&TIFR=0&NID=5469564&TFLASH=2&TFINI=sgqcvfjvr.onet.pl&TCVCLS=0&RI=28d4c660379b1105&IP=202403270943132440088525&CS=800x600x24&CW=1600x1113&DU=https%3A%2F%2Fprobable-zipper.sa.com%2F&DV=bluenewsch_it&IV=202403270943132440088525&IZ=0&IL=0&TID=EA-5469564&_ts=1711503795230
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.153.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://probable-zipper.sa.com
date: Wed, 27 Mar 2024 01:43:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator

GET
H2 204 / Show response
events.ocdn.eu/v2/ 0
203 B 250ms
249ms Fetch 15.197.153.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/?_et=PageView&_ac=kropka-stats&_rt=now&_lu=202403270243138048107262&_it=1009&_gu=202403270243138048107262&CDL=ea_notfound&RWSF=1&DP=-1&RDLC=eyJ2ZXJzaW9uIjp7ImxpYnJhcnkiOnsidHJhY2tpbmciOiI1LjkuMSIsImRsYXBpIjoiMjAyNDAzMjZfMTQwMiJ9fSwidHJhY2tpbmciOnsiYXV0b3N0YXJ0Ijp0cnVlfX0%3D&RDLU=eyJpZCI6eyJhcnRlbWlzIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIiwiZXh0ZXJuYWwiOnsibW9kZWwiOiIyMDI0MDMyNzAyNDMxMzgwNDgxMDcyNjIiLCJtb2RlbHMiOnsiYXRzX3JpIjoiMjAyNDAzMjcwMjQzMTM4MDQ4MTA3MjYyIn19fX0%3D&CL=init-20240326_1402&RI=7ca38660379b1107&C1=1711503793263&IP=202403270943132645546060&CS=800x600x24&CW=1600x1113&DU=https%3A%2F%2Fprobable-zipper.sa.com%2F&DV=bluenewsch_it%2Fdesktop_tv&IV=202403270943132645546060&RDLCN=eyJwdWJsaWNhdGlvbiI6e30sInNvdXJjZSI6e30sIm9iamVjdCI6e319&DA=BlueNewsch_IT%2FDesktop_TV&SC=1&CD=visible&DR=https%3A%2F%2Fprobable-zipper.sa.com%2F&RT=PageView&IZ=0&IL=0&TID=EA-5469564
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0NDA0fWRsQXBpL2RsLmxpYntOTWFzXzQwNH0ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.153.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://probable-zipper.sa.com
date: Wed, 27 Mar 2024 01:43:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: Ring Publishing - Accelerator

GET
H2 200 2434f16f-b7e8-4263-885b-3759d52a988e.jpeg
production-livingdocs-bluewin-ch.imgix.net/2024/03/25/ 4 KB
4 KB 184ms
183ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2024/03/25/2434f16f-b7e8-4263-885b-3759d52a988e.jpeg?rect=0%2C0%2C1024%2C576&w=320&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

759bb20758d262e0e87e14902ffea4f8f3ea55ef1a1a0da27361257b9ef0e4e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
x-content-type-options: nosniff
age: 122374
x-cache: HIT, MISS
x-imgix-id: 1926be5368a4ba3d82a15947c1e00dcfd903399c
cross-origin-resource-policy: cross-origin
content-length: 3806
x-served-by: cache-sjc10052-SJC, cache-syd10162-SYD
last-modified: Mon, 25 Mar 2024 15:43:41 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=259200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c59c6eac-757f-4ece-8d82-e014df541407.jpeg
production-livingdocs-bluewin-ch.imgix.net/2024/03/25/ 4 KB
5 KB 4ms
4ms Image
image/avif 151.101.130.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://production-livingdocs-bluewin-ch.imgix.net/2024/03/25/c59c6eac-757f-4ece-8d82-e014df541407.jpeg?rect=0%2C0%2C1280%2C720&w=320&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

1afeccf43f4ec20861c34795178596fd095632edf4afec3cff859e069da3800d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
x-content-type-options: nosniff
age: 133440
x-cache: HIT, HIT
x-imgix-id: 9bcf401eefa0f726f191c8c67775168de01d4998
cross-origin-resource-policy: cross-origin
content-length: 4574
x-served-by: cache-sjc10023-SJC, cache-syd10162-SYD
last-modified: Mon, 25 Mar 2024 12:39:15 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=259200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 config.json Show response
qcdn.skyjs.org/bluewin.ch/ 1 KB
1 KB 621ms
292ms XHR
application/json 172.64.145.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qcdn.skyjs.org/bluewin.ch/config.json

Requested by

Host: cdn.skyjs.org
URL: https://cdn.skyjs.org/bluewin.ch/acm.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.145.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d3dca32d636fb2723436f1001ce1fee41a89af7f1ea96c8f3e59dbeb40da1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:16 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-amz-request-id: tx0000035f4feda773c354d-00660379b3-53d0c211-ams3c
x-envoy-upstream-healthchecked-cluster
content-length: 657
last-modified: Tue, 26 Mar 2024 18:08:45 GMT
server: cloudflare
etag: "6547e1c5f96af9e289072eab01a3cdf9"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-do-cdn-uuid: dec20da5-5a4c-4c8d-8ec3-5fda0b5ce12f
x-rgw-object-type: Normal
cache-control: max-age=60
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 86abb043aedc574a-SYD

GET
H2 200 teasers.json Show response
cdn.skyjs.org/bluewin.ch/ 126 KB
63 KB 310ms
310ms XHR
application/json 172.64.145.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.skyjs.org/bluewin.ch/teasers.json

Requested by

Host: cdn.skyjs.org
URL: https://cdn.skyjs.org/bluewin.ch/acm.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.145.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f3f350b5a8ddcc341289c4203835e0ad46314d7d747d12f548408b91680c23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://probable-zipper.sa.com/
accept-language: en-AU,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 01:43:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-amz-request-id: tx00000548737952088ad5e-00660379b3-53d083e0-ams3c
x-envoy-upstream-healthchecked-cluster
content-length: 64344
last-modified: Wed, 27 Mar 2024 01:38:49 GMT
server: cloudflare
etag: "71fc918f3f9fd5ee686f41fb10577bd2"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-do-cdn-uuid: 095c611b-18ef-4310-966e-1acbe2ac0e74
x-rgw-object-type: Normal
cache-control: max-age=600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 86abb041adbea7f9-SYD

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csr.onet.pl
URL: https://csr.onet.pl/5469564/tags?domain=probable-zipper.sa.com&site=BlueNewsch_IT&v=1

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
probable-zipper.sa.com/	1970-01-21 04:10:39	Name: fpid Value: 1711503791884_32280826
.scorecardresearch.com/	1970-01-21 05:01:03	Name: UID Value: 1196734d1507928c4f5a7a41711503792
.scorecardresearch.com/	1970-01-20 20:08:15	Name: PID Value: 12D6734d14ec628c4f5a9571711503792
.scorecardresearch.com/	1970-01-20 20:08:15	Name: XID Value: 1196734d1507928c4f5a7a41711503792
lib.onet.pl/	1970-01-21 04:10:39	Name: acc_segment Value: 52
sgqcvfjvr.onet.pl/	1970-01-21 04:10:39	Name: acc_segment Value: 94
.probable-zipper.sa.com/	1970-01-21 04:53:51	Name: _cb Value: 1h2_8Dmx3OF5ymEB
.probable-zipper.sa.com/	1970-01-21 04:53:51	Name: _chartbeat2 Value: .1711503793463.1711503793463.1.BMLv9hByfQuPYWPo6BS9gznCFlZvm.1
.probable-zipper.sa.com/	1970-01-20 19:25:05	Name: _cb_svref Value: external
.events.ocdn.eu/	1970-01-21 05:01:03	Name: ea_uuid Value: 202403270243138048107262
events.ocdn.eu/	1970-01-21 04:10:39	Name: acc_segment Value: 37
cdp.ems.onet.pl/	1970-01-21 04:10:39	Name: acc_segment Value: 35
csr.onet.pl/	1970-01-21 04:10:39	Name: acc_segment Value: 42
.probable-zipper.sa.com/	1970-01-20 20:54:20	Name: ats_ri Value: ri=202403270243138048107262&model=202403270243138048107262&models=eyJhdHNfcmkiOiIyMDI0MDMyNzAyNDMxMzgwNDgxMDcyNjIifQ%3D%3D&ttl_ms=3600000&expires_ms=1711507394504&version=1711503794.375

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://probable-zipper.sa.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.adnz.co
assets.adobedtm.com
bcdn.codevelop.network
cdn-a.yieldlove.com
cdn-swisscom.push.delivery
cdn.adnz.co
cdn.bluewin.ch
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.cwi.re
cdn.jsdelivr.net
cdn.ringier-advertising.ch
cdn.skyjs.org
cdp.ems.onet.pl
collector.brandmetrics.com
csr.onet.pl
end.mpod.ch
events.ocdn.eu
geolocation.onetrust.com
get.geojs.io
lib.onet.pl
ping.chartbeat.net
probable-zipper.sa.com
production-livingdocs-bluewin-ch.imgix.net
push.delivery.ethinking.de
qcdn.skyjs.org
rcp.scsstatic.ch
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sgqcvfjvr.onet.pl
static.chartbeat.com
swisscom.push.delivery
csr.onet.pl
103.180.114.1
104.19.177.52
108.158.20.52
108.158.32.32
108.158.32.35
108.158.32.50
108.158.32.55
13.224.181.82
13.35.147.26
142.250.66.194
15.197.153.132
151.101.130.208
151.101.193.229
172.64.144.166
172.64.145.29
172.64.155.119
172.67.180.177
172.67.68.225
172.67.69.191
172.67.70.233
18.67.107.130
18.67.111.64
18.67.93.39
195.186.209.232
20.50.2.28
23.198.63.128
3.226.87.76
35.71.191.239
88.198.62.154
99.83.230.239
092fb4b4f56d9a1cb0fd7a8495840462301ae9d2fd861c11ab245a5162791b0b
09525fb3b4747dfbceaa9401af3c089fae3aa045934b77ec444cfe62c0efd3da
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0a76c2f151a973b02253149ffed720a7aa29326b8d7e5fa4e60f5bed4655ee8b
0caf16548fb06c5579ad4cf2dbc471c59618254cf4f2c1c5961cfe866dd38405
10de890ff4c22930ca4857fecab07ed69fa8141860a641f8b51bce27ec111663
1175a5b092eab5caec6133007584f7d7ba0a2a3cb66f85f6c692ab4e6399cbb3
17492240142c475ee2fd7dc3d3d5eca157c49291f29870bbda35552fa2964047
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1afeccf43f4ec20861c34795178596fd095632edf4afec3cff859e069da3800d
1b8380e40488d1ae6b638910b3fe7265594d958ad860b79a4749577c53134fe1
1c1d12de4da3f2ce9fda12c2ecc15797a0e2c793d8cee52702c47c612b0d54bd
1c57a6137261c54dad163c3c583863d634d1e9814ed88307496d7cb1564bb4e2
2267e82969e7da8b2fee71c9a5699c507c30dcdb91c732a45298ec2b4b8c8459
2276b817db5549897894e60c8850f396dbf0170b4c9c6387cd672e2d3aac68f2
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ad7bfdfb7306f713b6e9e7525086e2e25b3e31a4b221b24559f56e1d5d924b1
319e21f2cefc2b5367d7f831d56793614e1556eb4091feb688893e4ed8fc5a65
342d84413606b2c9364ea2cb59915ea807bdf1e0d3380bacc1ed1c5b7c76b3c4
405a0ef42fed6a6615fbcbb8d72b01eecc229692063a656e4b8b1171673d2456
41166aec0756ea772b94434e4818bc0244e4d79474858fe03e7a8bb14d39ed8a
41aca1f6ec4be066011c5d102532637600c1e215c4bf73eec3ca2b7f9bb506e8
41d3dca32d636fb2723436f1001ce1fee41a89af7f1ea96c8f3e59dbeb40da1d
430a3e924b5d799fd6bd50f05f34f399400afd06ff9bc54244d8d216a1a67358
442dff6db0fbdca6217609f82173121e5cec3567f0a77bb1f91b28bf8484d9fc
4b78109364df631af1bbf9704e42ad1fdf1499824c1a30fc496b86f8a0197e10
4db1d4b1acda5f39723cac7ac0e77cccaabd5821938749d3ac82944a85091d96
4f071b3ac1df8010de1188b5b2242440baec2a80d1c19849d9514f1622c0d1cd
4f3f350b5a8ddcc341289c4203835e0ad46314d7d747d12f548408b91680c23a
5445e6290f97006b4f6bede86c144109c06e1c3da4075a4a2cea15ffc18e1169
5624e381bd10235ab37d989a5d19eb7b266c16b3db3c191d9a2990651c1d5e3c
5aee5cd6ca2adfc0fddf8a4cc155df9b0bae066d89f2be2017f4aa86ef8544d9
5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6010e95e45ae8c7c0064724e1ea3ac9495ae55a6241633446db052364c06f5f3
61060bc5f50e51d7bd496f3aa1c767bc3cda67987b059dab79883f449d2126ea
6351200898e8b79dab49d74ccb927791de5c727d886cadc0304255ec669803c6
6741e40d6f221184f305d53cdd6de5d97ab2a9b176439a803b53079767c02b4c
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9
7172c762ffa285abc88263e0c8ec5db3768a4dddab67160430201b3b7cfbcf4e
72115774e068a807b1bc1aaa7f2df4d92038535bf0ff021c0a0cf5c3d9e6642a
751de84056066daada8f0770653a02f8d7f1a29f586943560079087ca28da14b
7550422be924155591b0f7f7cbd4d801ec2dfce10c940671859d680376f28953
759bb20758d262e0e87e14902ffea4f8f3ea55ef1a1a0da27361257b9ef0e4e9
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
7a221c8f9612a16fd7f7370ac3c6bc31339f7dbdf328f1bbb4261d26123d1de4
7cfbe6726ad9f6e3fbe5d85b2ecfc3292ae7f866495ffc5a733165f48d7c0c57
7d210ae97241d56e7785760f06e1f93cb44693f79dc4ba351f3aa695400f9e8f
7d53e38bd6add65fdb28bb71b6c3e9f8703e68cfb66437dbacb28eb88dacb429
7e0fd4f149d2dd74f194c7caad423859b8ec0e755520121b4c0ad2920fc7dc5a
7ecfaafc0101fac594b8c7043c42078edf52c2be4e995c9675750ee446058eea
86075410b6f2d0ca58b0b8fb1a63cca3ddd4bcc0af2b8baa07d7dcb2a8f88c19
89edb02111cfd8adf8830224f33a01ae87fe644a8626698e5fe9095b0f356c58
8ac0986d4fc42d7720dfc711011f72c0ea80d0849ba5eede697f75a2f2c4a3cf
8fd03d35400cffeee57d6841c18e4b8767e7313693be817b2349417baee7476a
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
9336d4444945f9d00eba7ab5c6053dc8136134a83d2c0ee1ca7daa74db3a3654
987fe16a06480857707ae20da4ad1207a246d68f87c400f5c06af8eb6d910317
98a1b38b4834390ea4677f618f3c27537ef2ede47494dabd0e3b578387b41a93
996eba747c8503c51b80debed0a4e8ee890e8cbef68c6da1bafa93b6b7a30389
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9b462a4d73579b858a23aca5c23b3e4e70f5206852c6de99c73ef4ed6748fcc4
9c2bdbff042e3c61e76290aa2e8b3e1730ce5dbe7143e24e7f26f124a6ba5901
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e
aabcce9eb8089e7b61c125db15d92ae0faa4d42f8bdbfcf1f71771da290f9c8c
ae1be274467120417ab21b0c604659aeb3661d63190a9b2612bac20186ce611a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7a7aee163fec25402103df999389034017bd95ed11f4da0b74e1d9931087a0c
ba7cf61fdcdf00d35a19644dd6e14a0806b07e77a16044126c0bb6c500d6f94d
bd9d3ffc9736c7e3c1fb20ce6d52b18332b65bea12b7502e57d6e4fa1158dd17
c97a47256e213872b8ebe591ae8301d8cc8a6aeae35383b46dd405a51e211523
cbe0b141b03968fa840fcdfa2e89c82360443b0302e3da19b1d7283dcba2849b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0067869f86ff2c390fca1e3299d7af086cbdc1cb7eb6bb470a6784d5da1c7af
d0b5caf4da2469b44bba4d9f46f76ea1840ec1b57aad8ecffb4b65ab6512265a
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d467166fee9ec59069da57cf31c03bc46d324e31680ad172e38fd90076337baa
d47add8b2cc0df7b9429f054bfa05bce22171307fc1fa52d1bc461d232c5ab5d
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d6f337768e0e2b4df4002bb6a9a7d63198338ff583e49f78611a3f91dc7d8b8a
e3451828e75cf4087bc16a1b4185714833a6d85fe359b8c642c47b377c88b20d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
e9474c8b3065f1108c49da7fd86609e9a7da32aad79f99ef021590b7b626be78
f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8
f9432669a6dd405a88204a0114bd50250196d95d93dfa67abaedf1cf0fd35f4e
fb4b392e6ea505543b3d88814ec0afd6f5780b71956c5ad6ff8482c794437c01
fbffdd5c2d3b1e18c499d2816fb77b9ad2484919d118773466e43251e3716689

probable-zipper.sa.com Open in urlscan Pro 172.67.180.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

96 %HTTPS

0 %IPv6

26 Domains

33 Subdomains

31 IPs

6 Countries

2266 kBTransfer

6954 kBSize

14 Cookies

51 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

probable-zipper.sa.com Open in urlscan Pro
172.67.180.177 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

96 %
HTTPS

0 %
IPv6

26
Domains

33
Subdomains

31
IPs

6
Countries

2266 kB
Transfer

6954 kB
Size

14
Cookies

100 HTTP transactions
0 data transactions