urlscan.io logo urlscan.io
SecurityTrails logo

www.simon.com Open in urlscan Pro
165.254.56.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://simon.com/rewardcards
Effective URL: https://www.simon.com/rewardcards
Submission: On June 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 52 HTTP transactions. The main IP is 165.254.56.72, located in London, United Kingdom and belongs to YOTTAA-AS-1, US. The main domain is www.simon.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 21st 2020. Valid for: 2 years.
This is the only time www.simon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 20.69.216.13 8075 (MICROSOFT...)
3 165.254.56.72 393259 (YOTTAA-AS-1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 52.58.219.239 16509 (AMAZON-02)
3 151.101.14.133 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2620:1ec:bdf::67 8068 (MICROSOFT...)
1 3.226.124.116 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2.18.233.88 16625 (AKAMAI-AS)
2 2620:116:800d... 16509 (AMAZON-02)
1 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 165.254.56.66 393259 (YOTTAA-AS-1)
3 192.229.133.90 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 104.17.209.240 13335 (CLOUDFLAR...)
1 52.30.251.90 16509 (AMAZON-02)
1 34.254.140.182 16509 (AMAZON-02)
52 28
1    20.69.216.13 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
simon.com
3    165.254.56.72 (London, United Kingdom)

ASN393259 (YOTTAA-AS-1, US)
www.simon.com
6    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.58.219.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-219-239.eu-central-1.compute.amazonaws.com
simm.netmng.com
3    151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
1    2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
4    2620:1ec:bdf::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    3.226.124.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-124-116.compute-1.amazonaws.com
p.placed.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2.18.233.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com
adc3ef35f321fe6e725a-fb8aac3b3bf42afe824f73b606f0aa4c.ssl.cf1.rackcdn.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
pubads.g.doubleclick.net
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:218e:7a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    165.254.56.66 (London, United Kingdom)

ASN393259 (YOTTAA-AS-1, US)
qoe-1.yottaa.net
3    192.229.133.90 (United States)

ASN15133 (EDGECAST, US)
cdn-vzn.yottaa.net
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)
znbxgbnorumafz325-spg.siteintercept.qualtrics.com
1    52.30.251.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-251-90.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    34.254.140.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-140-182.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
Domain Requested by
6 cdn.cookielaw.org www.simon.com
cdn.cookielaw.org
4 www.facebook.com www.simon.com
4 www.clarity.ms www.simon.com
www.clarity.ms
3 cdn-vzn.yottaa.net www.simon.com
3 connect.facebook.net www.simon.com
connect.facebook.net
3 www.simon.com www.simon.com
2 c.clarity.ms 1 redirects www.simon.com
2 qoe-1.yottaa.net www.simon.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 cdn.krxd.net www.simon.com
cdn.krxd.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.simon.com
www.googletagmanager.com
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 beacon.krxd.net cdn.krxd.net
1 znbxgbnorumafz325-spg.siteintercept.qualtrics.com www.simon.com
1 consumer.krxd.net cdn.krxd.net
1 c.bing.com 1 redirects
1 pixel.quantserve.com www.simon.com
1 www.google.com www.simon.com
1 rules.quantcount.com secure.quantserve.com
1 pubads.g.doubleclick.net www.simon.com
1 secure.quantserve.com www.simon.com
1 adc3ef35f321fe6e725a-fb8aac3b3bf42afe824f73b606f0aa4c.ssl.cf1.rackcdn.com www.simon.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 p.placed.com www.simon.com
1 rum-static.pingdom.net www.googletagmanager.com
1 simm.netmng.com www.simon.com
1 simon.com 1 redirects
0 www.google.de Failed www.simon.com
52 30
Subject Issuer Validity Valid
www.simon.com
Go Daddy Secure Certificate Authority - G2		 2020-01-21 -
2022-01-21		 2 years crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.netmng.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-04 -
2022-02-04		 a year crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
*.pingdom.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-15 -
2022-01-15		 a year crt.sh
www.clarity.ms
DigiCert SHA2 Secure Server CA		 2020-09-03 -
2021-09-03		 a year crt.sh
p.placed.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
*.ssl.cf1.rackcdn.com
DigiCert SHA2 Secure Server CA		 2020-04-19 -
2021-07-19		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2020-08-03 -
2022-10-03		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
c.msn.com
Microsoft RSA TLS CA 02		 2021-02-03 -
2022-02-03		 a year crt.sh
consumer.krxd.net
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-09-14		 a year crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2020-10-26 -
2021-11-26		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.simon.com/rewardcards
Frame ID: 2E7A389305ECF002F7A92B54DA0C5208
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://simon.com/rewardcards HTTP 301
    https://www.simon.com/rewardcards Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

52
Requests

96 %
HTTPS

55 %
IPv6

21
Domains

30
Subdomains

28
IPs

5
Countries

1069 kB
Transfer

2782 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://simon.com/rewardcards HTTP 301
    https://www.simon.com/rewardcards Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=88E8E12F1DDB46B8AA61C8E2D9C60CE9&RedC=c.clarity.ms&MXFR=06AC4A9708F46F6209F35ADA0CF4615F HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=88E8E12F1DDB46B8AA61C8E2D9C60CE9&MUID=1CDB5704F7D0649104674749F6BB653D

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request rewardcards
www.simon.com/
Redirect Chain
  • http://simon.com/rewardcards
  • https://www.simon.com/rewardcards
81 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.72 London, United Kingdom, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
49e8e1901bded41a490d7a965a0a8dd00e1c5e91ed050b95f087a143e1a5459b
Security Headers
Name Value
Content-Security-Policy default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.simon.com
:scheme
https
:path
/rewardcards
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-type
text/html; charset=utf-8
pragma
no-cache
expires
-1
set-cookie
ASP.NET_SessionId=e5152mzu1ojjfqwuyys4dlpa; path=/; secure; HttpOnly; SameSite=Lax
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
access-control-allow-origin
http://*.simon.com https://*.simon.com https://*.simon-ops.com http://*.simon-ops.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
Content-Type, soapaction
cache-control
no-cache
x-yottaa-os
404
x-yottaa-optimizations
ob/1000 si/34D1a5fe3848-1622834623-2228363738 tts/1622836220739 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
content-security-policy
default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
content-encoding
gzip
age
0
x-yottaa-metrics
3421a5fe382c/[250,245,-] 34D1a5fe3848/[-,252.773]

Redirect headers

Date
Sat, 05 Jun 2021 04:24:34 GMT
Content-Type
text/html; charset=utf-8
Content-Length
150
Connection
keep-alive
Cache-Control
private
Location
https://www.simon.com/rewardcards
Server
Microsoft-IIS/10.0
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
web.min.css
www.simon.com/dist/styles/ 		203 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.simon.com/dist/styles/web.min.css
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.72 London, United Kingdom, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
3baf248ff08a512257f1cb6b9915cf949998a6cc062de57e3f05c16ba61fa45b
Security Headers
Name Value
Content-Security-Policy default-src snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.simon.com *.yottaa.net *.clarity.ms fcmatch.youtube.com blob: d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com *.yimg.com d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net web-proxy.mappedin.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com www.google-analytics.com; img-src p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com match.adsrvr.org; script-src px.ads.linkedin.com *.facebook.net *.facebook.com *.qualtrics.com *.krxd.net *.doubleclick.net d3j72de684fey1.cloudfront.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com 'self' 'unsafe-inline' 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com rules.quantcount.com *.pingdom.net data:; script-src-elem rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net px.ads.linkedin.com p.adsymptotic.com www.linkedin.com *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv *.yahoo.com *.cookielaw.org *.onetrust.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.clarity.ms simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.yottaa.net *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com web-proxy.mappedin.com *.fullstory.com; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/styles/web.min.css
pragma
no-cache
cookie
ASP.NET_SessionId=e5152mzu1ojjfqwuyys4dlpa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.simon.com
referer
https://www.simon.com/rewardcards
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.simon.com/rewardcards
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44792
x-yottaa-optimizations
ob/100011001 si/34D1a5fe3848-1622763416-2586636257 tts/1622821622169 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
vary
Accept-Encoding
content-length
38399
x-xss-protection
1; mode=block
x-yottaa-forcecache
true
last-modified
Fri, 04 Jun 2021 17:28:50 GMT
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
etag
W/"0f56156759d71:0"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
x-yottaa-os
200
x-yottaa-metrics
3421a5fe382d/[453,437,-] 34D1a5fe3848/[hit]
content-security-policy
default-src snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.simon.com *.yottaa.net *.clarity.ms fcmatch.youtube.com blob: d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com *.yimg.com d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net web-proxy.mappedin.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com www.google-analytics.com; img-src p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com match.adsrvr.org; script-src px.ads.linkedin.com *.facebook.net *.facebook.com *.qualtrics.com *.krxd.net *.doubleclick.net d3j72de684fey1.cloudfront.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com 'self' 'unsafe-inline' 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com rules.quantcount.com *.pingdom.net data:; script-src-elem rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net px.ads.linkedin.com p.adsymptotic.com www.linkedin.com *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv *.yahoo.com *.cookielaw.org *.onetrust.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.clarity.ms simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.yottaa.net *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com web-proxy.mappedin.com *.fullstory.com; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
H8Znzy3Akix+HhQXpXQuNw==
age
5000
vary
Accept-Encoding
content-length
5809
cf-request-id
0a7c03763c00002b1e3a0cc000000001
x-ms-lease-status
unlocked
last-modified
Tue, 01 Jun 2021 19:18:08 GMT
server
cloudflare
etag
0x8D92531FD64E522
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f0be0815-901e-015c-4ce1-576f4a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
65a6a1d06c222b1e-FRA
gtm.js
www.googletagmanager.com/ 		198 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-BXDR
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc1b00546c092c24d6d691a9579f309a8c4687823cfb96a61b51f95f8a7b2fcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49551
x-xss-protection
0
last-modified
Sat, 05 Jun 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 05 Jun 2021 04:24:34 GMT
05ed0efa-bf20-4973-aadc-0fc8f2935d9b.json
cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/05ed0efa-bf20-4973-aadc-0fc8f2935d9b.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c8fd8f4ed6ebd57cfbfdaaa40ca9c810f586a5f56a45f24a43ae1d49a8c60e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZlINjwWx4xHIMIeQYBXHIw==
age
4543
vary
Accept-Encoding
content-length
1509
cf-request-id
0a7c03767400004df4b3a85000000001
x-ms-lease-status
unlocked
last-modified
Wed, 21 Apr 2021 21:09:21 GMT
server
cloudflare
etag
0x8D90509BC33BF9E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9767a5f8-f01e-0180-10d3-373d19000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
65a6a1d0bf834df4-FRA
js
www.googletagmanager.com/gtag/ 		119 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-27H1864FVV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-BXDR
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a3999f799910424a1cfb18f8ee14b5cf73af38e87945b10e95676744150536b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46689
x-xss-protection
0
expires
Sat, 05 Jun 2021 04:24:34 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-BXDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4391
date
Sat, 05 Jun 2021 03:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 05 Jun 2021 05:11:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24155
x-fb-rlafr
0
pragma
public
x-fb-debug
kKconsN7zqR3Fvo6QlbbGs9gYbdFmGsBiCrnBi+tfUbQgqK4U91eo7EO+bEGqzP9iE87dgjBX+zn+Z7VqV6Apw==
x-fb-trip-id
1527350943
x-frame-options
DENY
date
Sat, 05 Jun 2021 04:24:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
simm.netmng.com/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simm.netmng.com/?aid=4715&siclientid=
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.219.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-219-239.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
last-modified
Thu, 09 Jul 2015 13:35:47 GMT
server
nginx
accept-ranges
bytes
etag
"559e78b3-0"
content-length
0
content-type
text/html
safdqjeaq.js
cdn.krxd.net/controltag/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/safdqjeaq.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b9afb1abf22958ef527ca538187fa95d9aed67a27126cd645a66c5320cb3c8c

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sat, 05 Jun 2021 04:24:34 GMT
via
1.1 varnish, 1.1 varnish
age
173
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
6022
x-served-by
config-service-a005-ash-prod.krxd.net, cache-bwi5141-BWI, cache-fra19130-FRA
x-response-time
0
x-do-esi
esi
x-timer
S1622867075.763257,VS0,VE89
etag
"594b59886da0d06c3240fa45f4258314a3b6da19"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 2, 1
pa-5a1c6fb130a8ef0007000046.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5a1c6fb130a8ef0007000046.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-BXDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ad4078265c38b70dfbb6a54489556bae4f425870839e49203785b74d8994a0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 11 May 2021 14:01:36 GMT
server
cloudflare
etag
W/"609a8e40-1852"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
65a6a1d0fbea4ee6-FRA
cf-request-id
0a7c03769b00004ee6b6aa6000000001
expires
Sat, 05 Jun 2021 04:29:34 GMT
53dryjcrcx
www.clarity.ms/tag/ 		479 B
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/53dryjcrcx
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
49d51c47ea6f82b6ed4f1f830952a0f15dace415b511ef213b06e8d842442d39

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
x-powered-by
ASP.NET
x-azure-ref
0gvy6YAAAAAAR1eLBp67aSJN/eEEAXAQHRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f
content-length
479
expires
-1
impression
p.placed.com/api/v2/sync/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.placed.com/api/v2/sync/impression?partner=optimedia&version=1.0&plaid=a1119sm-wsdirq4&payload_campaign_identifier=sm-wsdscom&payload_timestamp=1492042880&payload_type=impression
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.124.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-124-116.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 05 Jun 2021 04:24:35 GMT
Via
1.1 ip-172-22-6-138.ec2.internal
Server
Apache-Coyote/1.1
Age
0
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		164 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
65a6a1d0fedc3233-FRA
cf-request-id
0a7c03769b000032338209a000000001
404_1200.jpg
adc3ef35f321fe6e725a-fb8aac3b3bf42afe824f73b606f0aa4c.ssl.cf1.rackcdn.com/Simon%20Website/404/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adc3ef35f321fe6e725a-fb8aac3b3bf42afe824f73b606f0aa4c.ssl.cf1.rackcdn.com/Simon%20Website/404/404_1200.jpg
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c211cd289c46a31af602fdd7a8849c0892a8d7d65c08a4cdbbd1362bddd0a6a7

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 05 Jun 2021 04:24:34 GMT
Origin
https://mycloud.rackspace.com
Last-Modified
Tue, 22 Jan 2019 16:14:02 GMT
X-Trans-Id
tx79caf21b8be5448389ce6-0060b478a4dfw1
ETag
e9a095e05a740f3a03cac6d9ae25101e
Content-Type
image/jpeg
X-Timestamp
1548173641.46448
Cache-Control
public, max-age=42255
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187760
Expires
Sat, 05 Jun 2021 16:08:49 GMT
app.js
www.simon.com/dist/scripts/ 		236 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simon.com/dist/scripts/app.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.254.56.72 London, United Kingdom, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b3ce09fde42bad21a86867ac46e13f75e1ff421354a6216b0e0844f9bfb9db19
Security Headers
Name Value
Content-Security-Policy default-src snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.simon.com *.yottaa.net *.clarity.ms fcmatch.youtube.com blob: d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com *.yimg.com d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net web-proxy.mappedin.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com www.google-analytics.com; img-src p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com match.adsrvr.org; script-src px.ads.linkedin.com *.facebook.net *.facebook.com *.qualtrics.com *.krxd.net *.doubleclick.net d3j72de684fey1.cloudfront.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com 'self' 'unsafe-inline' 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com rules.quantcount.com *.pingdom.net data:; script-src-elem rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net px.ads.linkedin.com p.adsymptotic.com www.linkedin.com *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv *.yahoo.com *.cookielaw.org *.onetrust.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.clarity.ms simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.yottaa.net *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com web-proxy.mappedin.com *.fullstory.com; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/scripts/app.js
pragma
no-cache
cookie
ASP.NET_SessionId=e5152mzu1ojjfqwuyys4dlpa; _gcl_au=1.1.1064694675.1622867075
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.simon.com
referer
https://www.simon.com/rewardcards
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.simon.com/rewardcards
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42726
x-yottaa-optimizations
ob/1011 si/34D1a5fe3848-1622763416-2586702277 tts/1622821622169 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
vary
Accept-Encoding
content-length
76095
x-xss-protection
1; mode=block
x-yottaa-forcecache
true
last-modified
Fri, 04 Jun 2021 17:28:50 GMT
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
etag
W/"0f56156759d71:0"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript
x-yottaa-metrics
3421a5fe3832/[2,-,1622822669863] 34D1a5fe3848/[hit]
content-security-policy
default-src snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.simon.com *.yottaa.net *.clarity.ms fcmatch.youtube.com blob: d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com *.yimg.com d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net web-proxy.mappedin.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com www.google-analytics.com; img-src p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com match.adsrvr.org; script-src px.ads.linkedin.com *.facebook.net *.facebook.com *.qualtrics.com *.krxd.net *.doubleclick.net d3j72de684fey1.cloudfront.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com 'self' 'unsafe-inline' 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com rules.quantcount.com *.pingdom.net data:; script-src-elem rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net px.ads.linkedin.com p.adsymptotic.com www.linkedin.com *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv *.yahoo.com *.cookielaw.org *.onetrust.com 'self' 'unsafe-inline' 'unsafe-eval' *.google.com.mx *.gstatic.cn *.clarity.ms simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.yottaa.net *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com web-proxy.mappedin.com *.fullstory.com; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 12 Jun 2021 04:24:34 GMT
DFPAudiencePixel;ord=4830135947864.773;dc_seg=467718243
pubads.g.doubleclick.net/activity;dc_iu=/5349/ 		42 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/5349/DFPAudiencePixel;ord=4830135947864.773;dc_seg=467718243?
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=233432681&t=pageview&_s=1&dl=https%3A%2F%2Fwww.simon.com%2Frewardcards&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Simon%20Malls&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=909844695&gjid=527892809&cid=1710377910.1622867075&tid=UA-26778601-3&_gid=1551683750.1622867075&_r=1&gtm=2wg621BXDR&z=1973551536
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1140158146042774
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1140158146042774?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf8e0fab741fa2fd4df39f54de167635a0a3b5df99f2de090b09d30ccd9d0b6a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
/NsD0RAKIQOy2PExwc3QZccBAE3MkLWlVECdwWqM2yPr6YtZ7/jaS9ri6NW0mZ2vcv1ZCsYVGfCIhEXqTLip9w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 05 Jun 2021 04:24:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.16.0/ 		374 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dGCXlveaBvO7BI0nfZKP+g==
age
5565475
vary
Accept-Encoding
content-length
85065
cf-request-id
0a7c0376b900002b1eab1a4000000001
x-ms-lease-status
unlocked
last-modified
Mon, 29 Mar 2021 02:12:28 GMT
server
cloudflare
etag
0x8D8F2581A370641
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
be1a1759-401e-017c-7124-270386000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
65a6a1d12d662b1e-FRA
expires
Sun, 13 Jun 2021 04:24:34 GMT
rules-p-55i0AadBofWFE.js
rules.quantcount.com/ 		3 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-55i0AadBofWFE.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:7a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 09:26:12 GMT
via
1.1 fb7dd4ab7d279a5ac003ba27474cf5ef.cloudfront.net (CloudFront)
age
68303
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:59:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
I9_y1priPJ5MySnxT3K2hw-8ozjML9PKY5oHxEj7eNcaz5fbnm-S3Q==
collect
analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-27H1864FVV&gtm=2oe621&_p=233432681&sr=1600x1200&_gaz=1&ul=en-us&cid=1710377910.1622867075&_s=1&dl=https%3A%2F%2Fwww.simon.com%2Frewardcards&dt=Page%20Not%20Found%20-%20Simon%20Malls&sid=1622867074&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27H1864FVV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-27H1864FVV&cid=1710377910.1622867075&gtm=2oe621&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27H1864FVV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-reports
qoe-1.yottaa.net/_/ 		3 B
191 B 		Other
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.254.56.66 London, United Kingdom, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Sat, 05 Jun 2021 04:24:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/json
timing-allow-origin
*
access-control-expose-headers
X-Results-Data-Source
ga-audiences
www.google.de/ads/ 		0
0
simon-circular-pro-book-c.woff2
cdn-vzn.yottaa.net/555a305b2bb0ac71b9002d22/10ec148069090139fdee0ead9ecbf798.yottaa.net/v~4b.25f.0.0/fonts/ 		60 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-vzn.yottaa.net/555a305b2bb0ac71b9002d22/10ec148069090139fdee0ead9ecbf798.yottaa.net/v~4b.25f.0.0/fonts/simon-circular-pro-book-c.woff2?yocs=B_D_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/dist/styles/web.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.90 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F346) /
Resource Hash
16c4b7933a93e06aa3495c11d36345baaa488ddf4f12a01dbb6e51bb3e887d10
Security Headers
Name Value
Content-Security-Policy default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.simon.com
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
age
6452
x-yottaa-optimizations
ob/10 si/33118cae0c60-1619510390-146107325 tts/1622836220739 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
x-yottaa-metrics
33218cae0ca4/[2,-,1622856842811] 33118cae0c60/[-,6.747]
content-length
61696
x-xss-protection
1; mode=block
x-yottaa-forcecache
true, true
last-modified
Fri, 05 May 2017 15:44:42 GMT
server
ECS (via/F346)
date
Sat, 05 Jun 2021 04:24:34 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=7200
etag
"091483b6c5d21:0"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type, soapaction
simon-circular-pro-bold-c.woff2
cdn-vzn.yottaa.net/555a305b2bb0ac71b9002d22/10ec148069090139fdee0ead9ecbf798.yottaa.net/v~4b.25f.0.0/fonts/ 		67 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-vzn.yottaa.net/555a305b2bb0ac71b9002d22/10ec148069090139fdee0ead9ecbf798.yottaa.net/v~4b.25f.0.0/fonts/simon-circular-pro-bold-c.woff2?yocs=B_D_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/dist/styles/web.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.90 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F343) /
Resource Hash
d8b5868763ca6a59150ba893e61fdb95bb4bf05e57d058fce35269db8fec2aea
Security Headers
Name Value
Content-Security-Policy default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.simon.com
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
age
6453
x-yottaa-optimizations
ob/100 si/2511cc02853e-1619493916-2067136930 tts/1622836220739 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
x-yottaa-metrics
2521cc028528/[6,-,1622858164589] 2511cc02853e/[-,10.201]
content-length
68696
x-xss-protection
1; mode=block
x-yottaa-forcecache
true, true
last-modified
Fri, 05 May 2017 15:44:42 GMT
server
ECS (via/F343)
date
Sat, 05 Jun 2021 04:24:34 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=7200
etag
"091483b6c5d21:0"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type, soapaction
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-26778601-3&cid=1710377910.1622867075&jid=909844695&gjid=527892809&_gid=1551683750.1622867075&_u=YEBAAAAAAAAAAC~&z=1849141646
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 05 Jun 2021 04:24:34 GMT
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/35d493db-8e37-46e4-ac57-d80fcab1812d/ 		65 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/35d493db-8e37-46e4-ac57-d80fcab1812d/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c09e9bbbcd4fb4df740520ba85ec4a6f8619117c34850d7746cbd07c5961c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uuUt4qfjWnXP+LoCJpZuUg==
age
5460
vary
Accept-Encoding
content-length
13925
cf-request-id
0a7c0376ed00004df4101d3000000001
x-ms-lease-status
unlocked
last-modified
Wed, 21 Apr 2021 21:09:30 GMT
server
cloudflare
etag
0x8D90509C189E84A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
537b3cb5-901e-001c-5cd3-3700f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
65a6a1d178914df4-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
DKM3/i+7h7Fs8cEMor3s2A==
age
3731312
vary
Accept-Encoding
content-length
2938
cf-request-id
0a7c03771200004df4d08ea000000001
x-ms-lease-status
unlocked
last-modified
Mon, 29 Mar 2021 02:12:19 GMT
server
cloudflare
etag
0x8D8F25814EBA7C9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bf4da09a-e01e-0090-28d3-374daa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
65a6a1d1b8e14df4-FRA
expires
Sun, 13 Jun 2021 04:24:34 GMT
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 		46 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2Zi7TemSsXHh6hY5sI0Yeg==
age
3731313
vary
Accept-Encoding
content-length
11890
cf-request-id
0a7c03771300004df4b3a90000000001
x-ms-lease-status
unlocked
last-modified
Mon, 29 Mar 2021 02:12:22 GMT
server
cloudflare
etag
0x8D8F258166DAEAC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
97c565fc-a01e-0014-15d3-371b82000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
65a6a1d1b8e34df4-FRA
expires
Sun, 13 Jun 2021 04:24:34 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-26778601-3&cid=1710377910.1622867075&jid=909844695&_u=YEBAAAAAAAAAAC~&z=154574065
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-reports
qoe-1.yottaa.net/_/ 		3 B
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
165.254.56.66 London, United Kingdom, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Sat, 05 Jun 2021 04:24:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/json
timing-allow-origin
*
access-control-expose-headers
X-Results-Data-Source
ga-audiences
www.google.de/ads/ 		0
0
pixel;r=228413481;rf=0;a=p-55i0AadBofWFE;url=https%3A%2F%2Fwww.simon.com%2Frewardcards;uht=2;fpan=1;fpa=P0-670370796-1622867074838;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=228413481;rf=0;a=p-55i0AadBofWFE;url=https%3A%2F%2Fwww.simon.com%2Frewardcards;uht=2;fpan=1;fpa=P0-670370796-1622867074838;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=simon.com;je=0;sr=1600x1200x24;dst=1;et=1622867074838;tzo=-120;ogl=
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
161020634341891
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/161020634341891?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd6bad9fe755b4c1d118adf09dfedae90ac1b7a9006ed72e0a416d9ad11373e0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
Kksmk6mb7vZamyGSYTZqjMEunsKZYAv6Q569wDBQ1FAH4PWeGdvAddM2ItkLKo2EyghwZqJwrCkmrtmqUKrUEA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 05 Jun 2021 04:24:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1140158146042774&ev=PageView&dl=https%3A%2F%2Fwww.simon.com%2Frewardcards&rl=&if=false&ts=1622867074857&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622867074854.1029398033&it=1622867074742&coo=false&dpo=LDU&dpoco=1&dpost=1000&exp=l0&rqm=GET
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 05 Jun 2021 04:24:34 GMT
clarity.js
www.clarity.ms/vmss-scus/s/0.6.13/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/vmss-scus/s/0.6.13/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/53dryjcrcx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
65273119e256096ceca5b848928dd7f731ed42c6bfdeb132950ca9a34a98d374

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
br
etag
"1d756572db92087"
last-modified
Mon, 31 May 2021 19:57:26 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
public,max-age=86400
x-azure-ref
0gvy6YAAAAADouBB/Ln/+RbZJ3cVtg2eWRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=88E8E12F1DDB46B8AA61C8E2D9C60CE9&RedC=c.clarity.ms&MXFR=06AC4A9708F46F6209F35ADA0CF4615F
  • https://c.clarity.ms/c.gif?CtsSyncId=88E8E12F1DDB46B8AA61C8E2D9C60CE9&MUID=1CDB5704F7D0649104674749F6BB653D
42 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=88E8E12F1DDB46B8AA61C8E2D9C60CE9&MUID=1CDB5704F7D0649104674749F6BB653D
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"506f5bd17ad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:34 GMT
x-msedge-ref
Ref A: A1F83F1AE56C494F924056752C45957A Ref B: FRAEDGE1412 Ref C: 2021-06-05T04:24:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=88E8E12F1DDB46B8AA61C8E2D9C60CE9&MUID=1CDB5704F7D0649104674749F6BB653D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/safdqjeaq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sat, 05 Jun 2021 04:24:34 GMT
content-encoding
gzip
age
9849150
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1945741
content-length
84451
x-served-by
cache-fra19130-FRA
last-modified
Thu, 15 Oct 2020 07:09:29 GMT
x-timer
S1622867075.924363,VS0,VE0
etag
"0631b7d64dbbd3656a8b7368ad227a04"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 13 Oct 2030 07:09:28 GMT
simon-circular-pro-light-c.woff2
cdn-vzn.yottaa.net/555a305b2bb0ac71b9002d22/10ec148069090139fdee0ead9ecbf798.yottaa.net/v~4b.25f.0.0/fonts/ 		53 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-vzn.yottaa.net/555a305b2bb0ac71b9002d22/10ec148069090139fdee0ead9ecbf798.yottaa.net/v~4b.25f.0.0/fonts/simon-circular-pro-light-c.woff2?yocs=B_D_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/dist/styles/web.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.90 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
/
Resource Hash
de8b7eefdf0a42f27db830cc777daa110c7d4244afb4d60471d230b567cbee9d
Security Headers
Name Value
Content-Security-Policy default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.simon.com
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
age
1811
x-yottaa-optimizations
ob/101 si/23114047a17c-1619453924-1858790536 tts/1622836220739 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
x-yottaa-metrics
23214047a1e4/[9,-,1622858435497] 23114047a17c/[hit]
content-length
54540
x-xss-protection
1; mode=block
x-yottaa-forcecache
true, true
last-modified
Fri, 05 May 2017 15:44:42 GMT
server
date
Sat, 05 Jun 2021 04:24:35 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=7200
etag
"091483b6c5d21:0"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type, soapaction
e8bc91b9-bec6-499d-b41a-7f80d0f4b1fc
consumer.krxd.net/consent/get/ 		306 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/e8bc91b9-bec6-499d-b41a-7f80d0f4b1fc?idt=device&dt=kxcookie&callback=Krux.ns.simonproperty.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c22e82767012a69a60fc0756db2e260dca50ec4cc49d321f910e4587af8b72e

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:35 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a001-dub-prod.krxd.net, cache-fra19170-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1622867075.133600,VS0,VE29
content-length
232
x-cache-hits
0, 0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=161020634341891&ev=PageView&dl=https%3A%2F%2Fwww.simon.com%2Frewardcards&rl=&if=false&ts=1622867075081&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622867074854.1029398033&it=1622867074742&coo=false&dpo=LDU&dpoco=1&dpost=1000&exp=l0&rqm=GET
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 05 Jun 2021 04:24:35 GMT
/
znbxgbnorumafz325-spg.siteintercept.qualtrics.com/SIE/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://znbxgbnorumafz325-spg.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bxgBnoRUMAfz325
Requested by
Host: www.simon.com
URL: https://www.simon.com/rewardcards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ecce1ed328f9ed5bcfd9fdd942196f348488655e9c3385417f0b4c4f51bd76ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
181291
cf-polished
origSize=57083
edge-control
max-age=604800
x-envoy-upstream-service-time
8
vary
Accept-Encoding
cf-request-id
0a7c0379d300004c8cb09ce000000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"defb-cbVZuoByDCRETgl0CPL0pV1hTmI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
65a6a1d61ea64c8c-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optout_check
beacon.krxd.net/ 		67 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.simonproperty.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.251.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-251-90.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
78a928a162bbe1af36350815a67b698b98bd68b8b7d678a4b064e7c13df3e9d9

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:35 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=51 t=1622867075
x-served-by
beacon-n005-dub-prod.krxd.net
content-type
text/javascript
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5a1c6fb130a8ef0007000046&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=603&cE=662&dLE=603&dLS=594&fS=593&hS=620&rE=-1&rS=-1&reS=662&resS=945&resE=1033&uEE=-1&uES=-1&dL=950&dI=1050&dCLES=1130&dCLEE=1130&dC=1819&lES=1819&lEE=1827&s=nt&title=Page%20Not%20Found%20-%20Simon%20Malls&path=https%3A%2F%2Fwww.simon.com%2Frewardcards&ref=&sId=l6zvul7w&sST=1622867075&sIS=1&rV=0&v=1.4.1
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5a1c6fb130a8ef0007000046.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.140.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-140-182.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 05 Jun 2021 04:24:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1140158146042774&ev=Microdata&dl=https%3A%2F%2Fwww.simon.com%2Frewardcards&rl=&if=false&ts=1622867076363&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20Not%20Found%20-%20Simon%20Malls%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1622867076360.1916727889&it=1622867074742&coo=false&dpo=LDU&dpoco=1&dpost=1000&es=automatic&tm=3&exp=l0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 05 Jun 2021 04:24:36 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=161020634341891&ev=Microdata&dl=https%3A%2F%2Fwww.simon.com%2Frewardcards&rl=&if=false&ts=1622867076585&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20Not%20Found%20-%20Simon%20Malls%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1622867076360.1916727889&it=1622867074742&coo=false&dpo=LDU&dpoco=1&dpost=1000&es=automatic&tm=3&exp=l0&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 04:24:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 05 Jun 2021 04:24:36 GMT
collect
www.clarity.ms/vmss-scus/ 		7 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/vmss-scus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/vmss-scus/s/0.6.13/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 05 Jun 2021 04:24:37 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/plain
access-control-allow-origin
https://www.simon.com
access-control-allow-credentials
true
x-azure-ref
0hvy6YAAAAACt6D2NQTxJT4wFXWLntYCfRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length
11
request-context
appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-27H1864FVV&gtm=2oe621&_p=233432681&sr=1600x1200&ul=en-us&cid=1710377910.1622867075&_s=2&dl=https%3A%2F%2Fwww.simon.com%2Frewardcards&dt=Page%20Not%20Found%20-%20Simon%20Malls&sid=1622867074&sct=1&seg=0&en=scroll&_et=726&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27H1864FVV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 05 Jun 2021 04:24:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.clarity.ms/vmss-scus/ 		7 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/vmss-scus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/vmss-scus/s/0.6.13/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 05 Jun 2021 04:24:41 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/plain
access-control-allow-origin
https://www.simon.com
access-control-allow-credentials
true
x-azure-ref
0ify6YAAAAADGHHUz7K6AQ6k2uqxor5fBRlJBRURHRTEwMjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length
11
request-context
appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-27H1864FVV&cid=1710377910.1622867075&gtm=2oe621&aip=1&z=455513973
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-26778601-3&cid=1710377910.1622867075&jid=909844695&_u=YEBAAAAAAAAAAC~&z=154574065

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| z function| Krux undefined| session_id undefined| timeoutValue function| eventListener undefined| timer undefined| utm_src undefined| utm_mdm undefined| acb undefined| title undefined| url undefined| cust undefined| prd function| d function| set_param undefined| pixel_src function| clarity function| jsonFeed string| apiUrl object| _qevents string| axel number| a object| gaplugins object| gaGlobal object| gaData object| otStubData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| onYouTubeIframeAPIReady function| $ function| jQuery object| picturefillCFG function| picturefill object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| Optanon object| OneTrust string| pubcidCookie object| x object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.52.0

12 Cookies

Domain/Path Name / Value
www.simon.com/ Name: pa
Value: pa=sid%3Dl6zvul7w%26sst%3D1622867075%26sis%3D1%26rv%3D0
www.simon.com/ Name: kxsimonproperty_visits
Value: 1
.www.simon.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sat+Jun+05+2021+06%3A24%3A34+GMT%2B0200+(Central+European+Summer+Time)&version=6.16.0&hosts=&consentId=6092ead9-ff73-4cb0-b257-5830dce9248b&interactionCount=0&landingPath=https%3A%2F%2Fwww.simon.com%2Frewardcards&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
www.simon.com/ Name: _clck
Value: s1lmj5
.simon.com/ Name: __qca
Value: P0-670370796-1622867074838
.simon.com/ Name: _fbp
Value: fb.1.1622867074854.1029398033
.simon.com/ Name: _gcl_au
Value: 1.1.1064694675.1622867075
.simon.com/ Name: _gat_UA-26778601-3
Value: 1
www.simon.com/ Name: ASP.NET_SessionId
Value: e5152mzu1ojjfqwuyys4dlpa
.simon.com/ Name: _gid
Value: GA1.2.1551683750.1622867075
.simon.com/ Name: _ga_27H1864FVV
Value: GS1.1.1622867074.1.0.1622867074.60
.simon.com/ Name: _ga
Value: GA1.1.1710377910.1622867075

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *.splashthat.com www.linkedin.com p.adsymptotic.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net data: *.facebook.net *.facebook.com *.qualtrics.com *.doubleclick.net *.yimg.com *.google.com *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net *.simon.com www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com *.rackspacecloud.com *.mappedin.com d3j72de684fey1.cloudfront.net mipubapistorageprod.blob.core.windows.net 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com *.clickmeter.com web-proxy.mappedin.com *.fullstory.com *.googleusercontent.com *.movies-previews.com cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com fcmatch.youtube.com blob: snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net *.google.com.mx *.gstatic.cn; img-src stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net 'unsafe-inline' 'self' *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.mappedin.com *.cookielaw.org *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.yahoo.com *.google.com *.yimg.com *.doubleclick.net *.krxd.net *.qualtrics.com *.facebook.com *.facebook.net data: *.pingdom.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com *.fullstory.com *.movies-previews.com *.googleusercontent.com mipubapistorageprod.blob.core.windows.net; script-src d3j72de684fey1.cloudfront.net *.rackspacecloud.com *.mappedin.com 'unsafe-eval' *.fullstory.com *.googleusercontent.com *.movies-previews.com *.splashthat.com fcmatch.youtube.com snap.licdn.com ib.adnxs.com match.adsrvr.org p.placed.com px.ads.linkedin.com rules.quantcount.com *.krxd.net *.pingdom.net *.facebook.com *.simon.com *.qualtrics.com *.doubleclick.net d1p5cqqchvbqmy.cloudfront.net *.gstatic.com *.recaptcha.net *.googleapis.com sp.analytics.yahoo.com simm.netmng.com tn.alphonso.tv stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net www.google-analytics.com *.quantserve.com *.rackcdn.com *.rackspace.com data: *.facebook.net *.clickmeter.com 'self' 'unsafe-inline' *.yahoo.com *.cookielaw.org *.onetrust.com *.clarity.ms *.yottaa.net mipubapistorageprod.blob.core.windows.net *.googletagmanager.com *.bing.com *.movienewsletters.net *.westworldmedia.com ad.doubleclick.net beacon.sojern.com pixel.sojern.com log.pinterest.com assets.pinterest.com www.linkedin.com p.adsymptotic.com *.yimg.com *.google.com; script-src-elem *.facebook.com *.facebook.net data: *.pingdom.net *.krxd.net rules.quantcount.com px.ads.linkedin.com p.adsymptotic.com www.linkedin.com assets.pinterest.com log.pinterest.com pixel.sojern.com beacon.sojern.com ad.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net tn.alphonso.tv simm.netmng.com sp.analytics.yahoo.com p.placed.com match.adsrvr.org ib.adnxs.com snap.licdn.com fcmatch.youtube.com *.splashthat.com *.movies-previews.com *.googleusercontent.com *.fullstory.com *.gstatic.cn *.google.com *.yimg.com *.doubleclick.net *.qualtrics.com web-proxy.mappedin.com 'unsafe-eval' 'unsafe-inline' 'self' d1p5cqqchvbqmy.cloudfront.net d3j72de684fey1.cloudfront.net *.clickmeter.com *.westworldmedia.com *.movienewsletters.net *.bing.com *.googletagmanager.com *.googleapis.com *.recaptcha.net *.gstatic.com *.mappedin.com *.rackspacecloud.com *.rackspace.com *.rackcdn.com *.quantserve.com www.google-analytics.com *.simon.com *.yottaa.net *.clarity.ms *.onetrust.com *.cookielaw.org *.yahoo.com *.google.com.mx mipubapistorageprod.blob.core.windows.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adc3ef35f321fe6e725a-fb8aac3b3bf42afe824f73b606f0aa4c.ssl.cf1.rackcdn.com
analytics.google.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn-vzn.yottaa.net
cdn.cookielaw.org
cdn.krxd.net
connect.facebook.net
consumer.krxd.net
geolocation.onetrust.com
p.placed.com
pixel.quantserve.com
pubads.g.doubleclick.net
qoe-1.yottaa.net
rules.quantcount.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
secure.quantserve.com
simm.netmng.com
simon.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.simon.com
znbxgbnorumafz325-spg.siteintercept.qualtrics.com
www.google.de
104.17.209.240
151.101.14.133
165.254.56.66
165.254.56.72
192.229.133.90
2.18.233.88
20.69.216.13
216.58.212.162
2600:9000:218e:7a00:6:44e3:f8c0:93a1
2606:4700:10::6814:14ef
2606:4700:10::6814:b944
2606:4700::6810:9540
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:bdf::67
2620:1ec:c11::200
2a00:1450:4001:809::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:827::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9d
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.226.124.116
34.254.140.182
52.142.114.2
52.30.251.90
52.58.219.239
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15c8fd8f4ed6ebd57cfbfdaaa40ca9c810f586a5f56a45f24a43ae1d49a8c60e
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
16c4b7933a93e06aa3495c11d36345baaa488ddf4f12a01dbb6e51bb3e887d10
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
2c22e82767012a69a60fc0756db2e260dca50ec4cc49d321f910e4587af8b72e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
3baf248ff08a512257f1cb6b9915cf949998a6cc062de57e3f05c16ba61fa45b
47ad4078265c38b70dfbb6a54489556bae4f425870839e49203785b74d8994a0
49d51c47ea6f82b6ed4f1f830952a0f15dace415b511ef213b06e8d842442d39
49e8e1901bded41a490d7a965a0a8dd00e1c5e91ed050b95f087a143e1a5459b
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
4b9afb1abf22958ef527ca538187fa95d9aed67a27126cd645a66c5320cb3c8c
65273119e256096ceca5b848928dd7f731ed42c6bfdeb132950ca9a34a98d374
78a928a162bbe1af36350815a67b698b98bd68b8b7d678a4b064e7c13df3e9d9
7a3999f799910424a1cfb18f8ee14b5cf73af38e87945b10e95676744150536b
7c09e9bbbcd4fb4df740520ba85ec4a6f8619117c34850d7746cbd07c5961c36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ce09fde42bad21a86867ac46e13f75e1ff421354a6216b0e0844f9bfb9db19
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c211cd289c46a31af602fdd7a8849c0892a8d7d65c08a4cdbbd1362bddd0a6a7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc1b00546c092c24d6d691a9579f309a8c4687823cfb96a61b51f95f8a7b2fcb
cf8e0fab741fa2fd4df39f54de167635a0a3b5df99f2de090b09d30ccd9d0b6a
d8b5868763ca6a59150ba893e61fdb95bb4bf05e57d058fce35269db8fec2aea
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8b7eefdf0a42f27db830cc777daa110c7d4244afb4d60471d230b567cbee9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ecce1ed328f9ed5bcfd9fdd942196f348488655e9c3385417f0b4c4f51bd76ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd6bad9fe755b4c1d118adf09dfedae90ac1b7a9006ed72e0a416d9ad11373e0