Submitted URL: http://sendmail.mallfinder.com/ls/click?upn=-2BjsACwMBPHlxULfKMbNQQJvAG9i1O7J91p-2BAMeQnWzspEscEmUXBZe4bJa1MFG7vm4kD_5fL-2BdZKd...
Effective URL: https://www.prairiehillsmall.com/
Submission: On October 12 via api from ES — Scanned from ES

Summary

This website contacted 23 IPs in 3 countries across 16 domains to perform 64 HTTP transactions. The main IP is 192.96.159.126, located in United States and belongs to PROFITBRICKS-USA, US. The main domain is www.prairiehillsmall.com.
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.
This is the only time www.prairiehillsmall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.96.159.127 54548 (PROFITBRI...)
1 9 192.96.159.126 54548 (PROFITBRI...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
6 2600:9000:224... 16509 (AMAZON-02)
4 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:225... 16509 (AMAZON-02)
7 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.216.60.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f14:5db... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
64 23
Apex Domain
Subdomains
Transfer
9 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4730
api.userway.org — Cisco Umbrella Rank: 4698
71 KB
9 prairiehillsmall.com
www.prairiehillsmall.com
317 KB
8 googlesyndication.com
4406ba6c966282abe4a2012f48333892.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
41 KB
8 mallfinder.com
sendmail.mallfinder.com
imgathena.mallfinder.com — Cisco Umbrella Rank: 341306
mallimages.mallfinder.com — Cisco Umbrella Rank: 312395
33 KB
6 placewise.com
cdn.placewise.com — Cisco Umbrella Rank: 316049
58 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
134 KB
4 shoptopia.com
images.shoptopia.com — Cisco Umbrella Rank: 343810
188 KB
3 amazonaws.com
s3.amazonaws.com
245 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
288 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 49
34 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183
83 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
54 B
1 google.es
www.google.es — Cisco Umbrella Rank: 21165
408 B
1 gstatic.com
fonts.gstatic.com
26 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
29 KB
64 16
Domain Requested by
9 www.prairiehillsmall.com 1 redirects www.prairiehillsmall.com
ajax.googleapis.com
7 cdn.userway.org www.prairiehillsmall.com
cdn.userway.org
6 cdn.placewise.com www.prairiehillsmall.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 images.shoptopia.com www.prairiehillsmall.com
4 mallimages.mallfinder.com www.prairiehillsmall.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 s3.amazonaws.com www.prairiehillsmall.com
3 www.googletagmanager.com www.prairiehillsmall.com
www.googletagmanager.com
3 imgathena.mallfinder.com www.prairiehillsmall.com
2 api.userway.org cdn.userway.org
2 maxcdn.bootstrapcdn.com www.prairiehillsmall.com
maxcdn.bootstrapcdn.com
1 www.google.com tpc.googlesyndication.com
1 4406ba6c966282abe4a2012f48333892.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.es www.prairiehillsmall.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.prairiehillsmall.com
1 www.googletagservices.com www.prairiehillsmall.com
1 ajax.googleapis.com www.prairiehillsmall.com
1 sendmail.mallfinder.com 1 redirects
64 24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.placewise.com
Subject Issuer Validity Valid
www.prairiehillsmall.com
R3
2023-09-20 -
2023-12-19
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.mallfinder.com
Amazon RSA 2048 M01
2023-04-12 -
2024-05-10
a year crt.sh
cdn.mallfinder.com
Amazon RSA 2048 M01
2023-04-14 -
2024-05-12
a year crt.sh
assets.mallfinder.com
Amazon RSA 2048 M02
2023-04-14 -
2024-05-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
images.shoptopia.com
Amazon RSA 2048 M02
2023-04-14 -
2024-05-12
a year crt.sh
1667503734.rsc.cdn77.org
R3
2023-10-10 -
2024-01-08
3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2023-07-10 -
2024-06-21
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
api.userway.org
Amazon RSA 2048 M03
2023-09-02 -
2024-09-30
a year crt.sh
*.google.es
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.prairiehillsmall.com/
Frame ID: 3E78258B2766493C0D98459F6842B691
Requests: 57 HTTP requests in this frame

Frame: https://4406ba6c966282abe4a2012f48333892.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8566DD4240AE5D4507C6FBD119D60EC6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73E15664F384E2DE21D010DEFC99F9DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 820C12AD88F1C1E15C944199E52DE292
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Prairie Hills Mall ::: Dickinson ::: NDplacewise logo

Page URL History Show full URLs

  1. http://sendmail.mallfinder.com/ls/click?upn=-2BjsACwMBPHlxULfKMbNQQJvAG9i1O7J91p-2BAMeQnWzspEscEmUXBZe4bJa1... HTTP 302
    http://www.prairiehillsmall.com/ HTTP 301
    https://www.prairiehillsmall.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

97 %
HTTPS

87 %
IPv6

16
Domains

24
Subdomains

23
IPs

3
Countries

1549 kB
Transfer

3917 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sendmail.mallfinder.com/ls/click?upn=-2BjsACwMBPHlxULfKMbNQQJvAG9i1O7J91p-2BAMeQnWzspEscEmUXBZe4bJa1MFG7vm4kD_5fL-2BdZKd8ocMNHc9SFg5en-2FcuGjGZQKoeHu1lRrTOC1yTCxdWObjq0jwePG8vWyqtEivEp3Cora5Y-2FMEUqVSYvB6bf-2FfPujtdY-2F0d8myWQ7kBwlmkhSOoSM2tPrzveKO1dppnIZIjLM-2F7PMUACi0ZJCnm9dLjdam1aNuZt0Z30cG41JgJgbMEJ3zOkqtgSFZNQpCSMSoY85-2Bt-2FQdCpJQ-2FgjrrwkczLg1iCr86Lc1BIHXcUr7a6Zjcie-2FkPMwaNV7TOwmud7xLCzrkLcFvwByGwVMlpO-2B-2BQyTUjPvsvnmpC5qvDH4Ycjq9LDy1hoqmZVkjss-2BpTLn8OFvjjnn3jtNYyKTDctlSI-2FSDmCjWlgT2rU6d6onc8-2BvO0fPBbHsZk5ahicPZWWCq4nQa6VjcrFjPipuQxCbnXtZ7Bx5YJogoM4-2FOZHp0txKT-2B3cod3fDt6xNQks5n1z-2BebiATh7FMhx-2BsCuE577mWSHSByrZ2SQbpY-3D HTTP 302
    http://www.prairiehillsmall.com/ HTTP 301
    https://www.prairiehillsmall.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.prairiehillsmall.com/
Redirect Chain
  • http://sendmail.mallfinder.com/ls/click?upn=-2BjsACwMBPHlxULfKMbNQQJvAG9i1O7J91p-2BAMeQnWzspEscEmUXBZe4bJa1MFG7vm4kD_5fL-2BdZKd8ocMNHc9SFg5en-2FcuGjGZQKoeHu1lRrTOC1yTCxdWObjq0jwePG8vWyqtEivEp3Cora5...
  • http://www.prairiehillsmall.com/
  • https://www.prairiehillsmall.com/
58 KB
59 KB
Document
General
Full URL
https://www.prairiehillsmall.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
0398f70e4c1791c26ca6c5844382defc9e9df8a7effacfcde86480825ce8f029
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
public, max-age=3600;
connection
close
content-language
en-US
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=UTF-8
date
Thu, 12 Oct 2023 13:02:47 GMT
referrer-policy
no-referrer-when-downgrade
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-country-ref
ES
x-echo
Echo
x-frame-options
SAMEORIGIN
x-privacy-ref
GDPR
x-xss-protection
1; mode=block

Redirect headers

content-length
0
location
https://www.prairiehillsmall.com/
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
947
age
13552885
cdn-cachedat
11/22/2022 18:16:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f5f004e42486d40f8f7c778e443f29de
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
814f8a3bd9f114f1-MAD
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 19:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Oct 2024 19:39:00 GMT
common.js
imgathena.mallfinder.com/images/js/utils/
4 KB
2 KB
Script
General
Full URL
https://imgathena.mallfinder.com/images/js/utils/common.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:d:4526:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
32d365cd834e35c11ec2263d5f2e7809b1cbfd87693e345605c9f9ac22458249

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:39:18 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
10066971
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
x-echo
Echo
last-modified
Tue, 07 Apr 2020 16:35:01 GMT
server
Microsoft-IIS/10.0
x-country-ref
DE
etag
W/"2f61b97bfacd61:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
gg50GnshaD4gRVZIOHavwCdCd560ay5Lkq3jpfqjcjDlsg78XmXKPw==
main-v1636389637740.css
www.prairiehillsmall.com/css/house@GPCME/
769 KB
71 KB
Stylesheet
General
Full URL
https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b8ad059ca17974b3df4e3a7ab4a85d17b0072b17358766c97196e7e120b802bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains
x-privacy-ref
GDPR
x-echo
Echo
content-length
72130
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Nov 2021 16:40:25 GMT
server
Microsoft-IIS/10.0
x-country-ref
ES
etag
"80e25d54bfd4d71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536001, immutable
accept-ranges
bytes
slick.min.js
cdn.placewise.com/assets/js/vendor/slick/v1.8.1/
42 KB
11 KB
Script
General
Full URL
https://cdn.placewise.com/assets/js/vendor/slick/v1.8.1/slick.min.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:e200:1f:c0af:eac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 22:33:09 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 15:11:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
7482587
etag
W/"d5a61c749e44e47159af8a6579dda121"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
SpMkmBc99owpZ6KgulIL4vwk0AVu6eB6XFtcrhMKHdhKkMlPdRe_5A==
omodal.js
mallimages.mallfinder.com/js/omodal/v1.1.1/
16 KB
5 KB
Script
General
Full URL
https://mallimages.mallfinder.com/js/omodal/v1.1.1/omodal.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e00:1d:83c6:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
f85ec814313bbdab4336992b5d33827d788c4a208edaf14fda4384eea2c47602
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 12:58:07 GMT
x-amz-cf-pop
FRA56-P5
age
281
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
last-modified
Thu, 17 Mar 2022 17:21:58 GMT
server
Microsoft-IIS/7.5
x-country-ref
DE
etag
W/"e0a6782233ad81:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=3600;
x-amz-cf-id
_q5wuWpe_ariwVaAEA8HUp2eJq_r_H46uaZiTD6TlCNBnt6DbC1B5Q==
gpt.js
www.googletagservices.com/tag/js/
98 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66f6bd4005452d000b45789332ccc5344c3c510fa4321f823022462fbf6a6e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29496
x-xss-protection
0
server
cafe
etag
691 / 19642 / 31078730 / config-hash: 11301574316168306510
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 12 Oct 2023 13:02:56 GMT
js
www.googletagmanager.com/gtag/
254 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P96XJ06HPY
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a239dd4d0c6652e983748954f4d3023f7cb26194873b0ae747b7065fbed395d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88269
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Oct 2023 13:02:56 GMT
lodash.min.js
cdn.placewise.com/assets/js/vendor/lodash/v3.8.0/
50 KB
19 KB
Script
General
Full URL
https://cdn.placewise.com/assets/js/vendor/lodash/v3.8.0/lodash.min.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:e200:1f:c0af:eac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c7cb072a403d2651fd7fad5848e81c5bf6ad67e8ab000f9da01bcb4a0239e6

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 14:43:44 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jul 2023 13:27:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
944352
etag
W/"300413f9adb03718a28335d0d36dda6b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=989898, immutable
x-amz-cf-id
twLn9z1eme7aJ7yHYqZoOVApmd2bjZWBYCkrxPMwHLZ5m-L9Z36-Zw==
moment.min.js
cdn.placewise.com/assets/js/vendor/moment/v2.24.0/
52 KB
17 KB
Script
General
Full URL
https://cdn.placewise.com/assets/js/vendor/moment/v2.24.0/moment.min.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:e200:1f:c0af:eac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 10:18:02 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 15:11:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
7440294
etag
W/"761502841c035afcf6a9bdc5d0a20d11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
xHFoeUvS0bMH1UGQQfV51ablu5JHkywWerAH4hjf2ir4z4QHTGkKsw==
jQuery.md5.js
imgathena.mallfinder.com/images/js/md5/v1.2.1/
9 KB
3 KB
Script
General
Full URL
https://imgathena.mallfinder.com/images/js/md5/v1.2.1/jQuery.md5.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:d:4526:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 11 May 2023 21:47:18 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
13274100
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
x-echo
Echo
last-modified
Mon, 21 Mar 2016 18:27:06 GMT
server
Microsoft-IIS/10.0
x-country-ref
DE
etag
W/"2a3a4459f83d11:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
xo31JBoqC9nCkZofBs5lF2nB3TWBmyB0-1jdDHNq8WEFKuPTDpDSxQ==
pw_client.js
mallimages.mallfinder.com/images/js/pwofile_no_password/v2.0.1/
14 KB
4 KB
Script
General
Full URL
https://mallimages.mallfinder.com/images/js/pwofile_no_password/v2.0.1/pw_client.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e00:1d:83c6:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
f44ae2d20473d18ec02fb591305f75b57e0475976cc1032b821601a82334fa01
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 12:34:22 GMT
x-amz-cf-pop
FRA56-P5
age
1726
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
last-modified
Wed, 31 May 2023 19:59:01 GMT
server
Microsoft-IIS/7.5
x-country-ref
DE
etag
W/"a2885058fa93d91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=3600;
x-amz-cf-id
oSDUvo7-eDZCxhnCLR40pvTxJNQ7_sOAw0PSTcVSp6NmvSp30qVkGg==
pw_profile_view.js
mallimages.mallfinder.com/images/js/pwofile_no_password/v2.0.1/
30 KB
7 KB
Script
General
Full URL
https://mallimages.mallfinder.com/images/js/pwofile_no_password/v2.0.1/pw_profile_view.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e00:1d:83c6:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
283cb1eddf8c0488a2e983a40aab5ffff93aa84d7904da2607d6d65fdbadc16d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 12:04:17 GMT
x-amz-cf-pop
FRA56-P5
age
3510
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
last-modified
Wed, 31 May 2023 19:59:02 GMT
server
Microsoft-IIS/7.5
x-country-ref
DE
etag
W/"c1f0bd58fa93d91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=3600;
x-amz-cf-id
UXAwPPdDxt7Vc_31iiREacr3UvUAnjMR_76VFPRRuxQ3UzFkST_HVA==
profile.js
mallimages.mallfinder.com/images/js/pwofile_no_password/v2.0.1/
41 KB
8 KB
Script
General
Full URL
https://mallimages.mallfinder.com/images/js/pwofile_no_password/v2.0.1/profile.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e00:1d:83c6:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
80acf4b9ba1e0f99ffb3b5b1398085b9787f550f8218c59eb12d341ebb30f419
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
date
Thu, 12 Oct 2023 12:11:48 GMT
x-amz-cf-pop
FRA56-P5
age
3127
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
last-modified
Wed, 31 May 2023 19:59:00 GMT
server
Microsoft-IIS/7.5
x-country-ref
DE
etag
W/"a4b8e557fa93d91:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=3600;
x-amz-cf-id
Wp8s7BmrqxDczymmX013lChidDG8uqNT4n7wyY0GCGMvIYiKNN3pwQ==
mall-logo.png
www.prairiehillsmall.com/mimages/house@GPCME/
11 KB
12 KB
Image
General
Full URL
https://www.prairiehillsmall.com/mimages/house@GPCME/mall-logo.png
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c58e0415ca6fd3845fe458fd7ffd6d19215f7005f3ca569bc271d6dbd132a036
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:48 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-privacy-ref
GDPR
x-echo
Echo
content-length
11501
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Aug 2018 18:34:42 GMT
server
Microsoft-IIS/10.0
x-country-ref
ES
etag
"388dc1e9040d41:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536001, immutable
accept-ranges
bytes
3.svg
cdn.placewise.com/images/api/stores/
12 KB
5 KB
Image
General
Full URL
https://cdn.placewise.com/images/api/stores/3.svg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:e200:1f:c0af:eac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d978629f895300603e1cb893c7c5d16c446485fbe9372db52cd95adc0a5dd11

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 05:57:10 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2015 22:11:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
25547
etag
W/"726798d134a23926660b1548124f3031"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
dAA5i9Sb92sYnftbazEo7eySzt2vq80R_mJ1YX6ONuJNa1-M_nR0wg==
2137030235.svg
cdn.placewise.com/images/api/stores/
64 KB
5 KB
Image
General
Full URL
https://cdn.placewise.com/images/api/stores/2137030235.svg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:e200:1f:c0af:eac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
762b85e9d451795b62e9e02015cdaae4216786c3c65ec356f21556887fd54255

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 19:33:43 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2015 22:16:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
62954
etag
W/"5ad76f876f14fcbb0f4aed9c7cb44efa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
KVmcFZIM2p7ZNz5yAL379AqkgsgHJWw6o-jWVYItjNhsvi1XoyeBKA==
2563.svg
cdn.placewise.com/images/api/stores/
3 KB
2 KB
Image
General
Full URL
https://cdn.placewise.com/images/api/stores/2563.svg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:e200:1f:c0af:eac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c093b750c1fb51a204bb14f926ab8a38a91d30cfdf769290318b7fa2cabff15

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:44:01 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2015 22:14:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
22736
etag
W/"670f1bbdcdc92b8ee51f7ab44375221e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
i0WzuQkxQ9zVDLRnS_CJjeMUGMtMxT1_qd2KIImWF5jNrpQA14V7Ww==
2248
images.shoptopia.com/mcache/200x150/store/
6 KB
6 KB
Image
General
Full URL
https://images.shoptopia.com/mcache/200x150/store/2248
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6800:14:8902:e640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.10 (Ubuntu) /
Resource Hash
f41d3324ad0d648feb49c233f4fd9849b4d59380b15404f50c88d05aa7136098
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Thu, 12 Oct 2023 13:02:56 GMT
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
1725
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
content-length
5738
last-modified
Wed, 14 Nov 2018 20:47:02 GMT
server
Apache/2.4.10 (Ubuntu)
x-country-ref
DE
etag
"166a-57aa6094c8a6a"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=3600;
accept-ranges
bytes
x-amz-cf-id
amQ51G5R4qQ_BDuq7MqWNtpU7ZuA00JMlbNPQjdERwaZImOb3qSGug==
2137050456
images.shoptopia.com/mcache/200x150/store/
25 KB
25 KB
Image
General
Full URL
https://images.shoptopia.com/mcache/200x150/store/2137050456
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6800:14:8902:e640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.10 (Ubuntu) /
Resource Hash
08225d202ce21e75e26362b1eb9330b62c70683cfb879f657e2c96bcb2d5a9f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Thu, 12 Oct 2023 13:02:56 GMT
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-privacy-ref
GDPR
x-cache
RefreshHit from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
content-length
25263
last-modified
Mon, 17 Aug 2020 20:12:36 GMT
server
Apache/2.4.10 (Ubuntu)
x-country-ref
DE
etag
"62af-5ad18643fd5c8"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=3600;
accept-ranges
bytes
x-amz-cf-id
w6hGBvaKDIBHhRzqQQaU-_6uJNC-sIPcRC2mqWD8WS6SahK7zjtawA==
2137094718
images.shoptopia.com/mcache/200x150/store/
4 KB
5 KB
Image
General
Full URL
https://images.shoptopia.com/mcache/200x150/store/2137094718
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6800:14:8902:e640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.10 (Ubuntu) /
Resource Hash
48f44a015763fc0105a033aae360ba02529d0ea0016f6fc97f0f582cffe0a1b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Thu, 12 Oct 2023 13:02:56 GMT
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
2806
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
content-length
4112
last-modified
Thu, 08 Dec 2022 18:08:14 GMT
server
Apache/2.4.10 (Ubuntu)
x-country-ref
DE
etag
"1010-5ef54ebbec512"
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=3600;
accept-ranges
bytes
x-amz-cf-id
rfxV72Vb_WJBuqqKmAJ46V_yoRoC05BPNQmWEOcLOzwkGw4o6GSDlw==
shopsave.jpg
www.prairiehillsmall.com/mimages/house@GPCME/
55 KB
55 KB
Image
General
Full URL
https://www.prairiehillsmall.com/mimages/house@GPCME/shopsave.jpg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ea4c74db8714869fb124d0ea0bb5d6f7106693400cc96670b943cba6751e3f53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:48 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-privacy-ref
GDPR
x-echo
Echo
content-length
55863
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Aug 2018 06:13:51 GMT
server
Microsoft-IIS/10.0
x-country-ref
ES
etag
"5b652d9f2840d41:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536001, immutable
accept-ranges
bytes
sales-events.jpg
www.prairiehillsmall.com/mimages/house@GPCME/
71 KB
72 KB
Image
General
Full URL
https://www.prairiehillsmall.com/mimages/house@GPCME/sales-events.jpg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
49ccc4de899c9eaf539dcb57224a9999e098150e29a79fb0854f282d143ebecd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:49 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-privacy-ref
GDPR
x-echo
Echo
content-length
73167
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 Sep 2018 15:43:22 GMT
server
Microsoft-IIS/10.0
x-country-ref
ES
etag
"c0ee8757f845d41:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536001, immutable
accept-ranges
bytes
trends.jpg
www.prairiehillsmall.com/mimages/house@GPCME/
43 KB
44 KB
Image
General
Full URL
https://www.prairiehillsmall.com/mimages/house@GPCME/trends.jpg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
625284c6d069f628c797d4fdaba40a583bb22dfdcf37c8d9374a44efab88f732
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:49 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-privacy-ref
GDPR
x-echo
Echo
content-length
44308
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Aug 2018 06:13:54 GMT
server
Microsoft-IIS/10.0
x-country-ref
ES
etag
"6b9fd2a02840d41:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536001, immutable
accept-ranges
bytes
jquery.selectric.js
imgathena.mallfinder.com/images/js/selectric/v1.9.3/
7 KB
3 KB
Script
General
Full URL
https://imgathena.mallfinder.com/images/js/selectric/v1.9.3/jquery.selectric.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3e00:d:4526:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7b93a14d95ba9ec05036fe944b16b57d3843e345800521fc84e95690f6d188bf

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 02:54:06 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
7207716
x-privacy-ref
GDPR
x-cache
Hit from cloudfront
x-echo
Echo
last-modified
Thu, 12 Jan 2017 00:51:35 GMT
server
Microsoft-IIS/10.0
x-country-ref
DE
etag
W/"bf1f2c66e6cd21:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
rRmRMlKk_uneRYqkPy1mZQ_8dNmKztBR258fEHEGFZhhYf0jmnxWPQ==
production-v1636389637740.min.js
www.prairiehillsmall.com/js/house@GPCME/
9 KB
4 KB
Script
General
Full URL
https://www.prairiehillsmall.com/js/house@GPCME/production-v1636389637740.min.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b11104a40e708027819dfe1e8b5c77341591990850e97285c8c27ce30425a646
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains
x-privacy-ref
GDPR
x-echo
Echo
content-length
3189
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Nov 2021 16:40:27 GMT
server
Microsoft-IIS/10.0
x-country-ref
ES
etag
"80f8f55bfd4d71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536001, immutable
accept-ranges
bytes
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8aafad8c9e4ea01007a997934f7edf20230319d743f54124cabc2e1277c5cb24

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 12 Oct 2023 13:02:56 GMT
via
1.1 c4d787a1103a5c1f813ed02541260b4a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
121
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
3548
x-accel-date
1697112228
x-77-nzt
AcO1qhE3Nzf/3A0AAA
x-accel-expires
@1697115828
x-77-age
3548
last-modified
Tue, 10 Oct 2023 16:59:51 GMT
server
CDN77-Turbo
etag
W/"9c81a894586d3941047a4428a6d116d7"
x-77-nzt-ray
4c156224e0c3f9e280ee27659133740d
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
h56Dll0t8n9s9b-r0sLqdpzgVAjLwb5KiS-CoXkCQ4B6v9qyCGRNjA==
css
fonts.googleapis.com/
1 KB
854 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Allura
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b0bf68e7f3e9c014b87051232e846d3ea452f20c3be90324ce294f9245f8c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Oct 2023 13:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 12:58:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Oct 2023 13:02:56 GMT
gtm.js
www.googletagmanager.com/
581 KB
118 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5376MBZ
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69c19559abf9d661ab5d2adf23b235ddf2164f4252995caa5823c3ff4c45addd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120600
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Oct 2023 13:02:56 GMT
hero.jpg
images.shoptopia.com/mcache/1440x640/mimages_with_crop/987/house@GPCME/
151 KB
152 KB
Image
General
Full URL
https://images.shoptopia.com/mcache/1440x640/mimages_with_crop/987/house@GPCME/hero.jpg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6800:14:8902:e640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.10 (Ubuntu) /
Resource Hash
928372012739bb488984f8e7304b62f1f9f06e0c732e7b24f960e40d7f854ab8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:56 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-privacy-ref
GDPR
x-cache
Miss from cloudfront
p3p
policyref="http://www.mallfinder.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa PSAa PSDa OTPa OUR NOR UNI COM NAV INT CNT STA PRE LOC"
content-length
154656
last-modified
Thu, 04 Feb 2021 14:55:04 GMT
server
Apache/2.4.10 (Ubuntu)
x-country-ref
DE
etag
"25c20-5ba83e382dc14"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600;
accept-ranges
bytes
x-amz-cf-id
gnWdZ3pgg7EUfuQqR8rC26g26mGmycarTmMtVHJ0RY5LT9fi-raQDg==
Montserrat-Regular.woff2
s3.amazonaws.com/placewisesitecontent/fonts/montserrat/
81 KB
82 KB
Font
General
Full URL
https://s3.amazonaws.com/placewisesitecontent/fonts/montserrat/Montserrat-Regular.woff2
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.60.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7306fa4345df000b6119e16e2375463219c109a075f67a86efe36530b2705657

Request headers

Referer
https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:02:57 GMT
Last-Modified
Wed, 17 Feb 2021 15:18:31 GMT
Server
AmazonS3
x-amz-request-id
C4PAWZ9G95ETA2FH
ETag
"29b21f3d253f6d2b50ce6950201c0e40"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin, ETag
Cache-Control
public, max-age=31536000, immutable
Accept-Ranges
bytes
Content-Length
83260
x-amz-id-2
z9ZKBstHCFy1BsKXc9GnvyYJK4OvIYzqs+rrny4IUGzwn0+TGVxGEbd2d24ZbQqECRZcmu+raGo=
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1072
cdn-cachedat
10/09/2023 12:23:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5633649fef1bbd4783b3241174a183cc
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
814f8a4259d22fa6-MAD
cdn-requestpullsuccess
True
Montserrat-Bold.woff2
s3.amazonaws.com/placewisesitecontent/fonts/montserrat/
81 KB
82 KB
Font
General
Full URL
https://s3.amazonaws.com/placewisesitecontent/fonts/montserrat/Montserrat-Bold.woff2
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.60.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
84b73d6a57332d515d5ab04056617f5a0b9664351941cb61717fa8328bd8598e

Request headers

Referer
https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:02:57 GMT
Last-Modified
Wed, 17 Feb 2021 15:18:31 GMT
Server
AmazonS3
x-amz-request-id
C4P7MM3QA555TAT8
ETag
"a119469ce0ee575bb5dd234302039918"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin, ETag
Cache-Control
public, max-age=31536000, immutable
Accept-Ranges
bytes
Content-Length
83204
x-amz-id-2
ufOjD5bVukl2ZHYP9f8I/I481fGtSP8jc1zZYc3l32ZruBCIa71B08zjtm/u3DqRrw7EYrBgg9E=
9oRPNYsQpS4zjuA_iwgW.woff2
fonts.gstatic.com/s/allura/v21/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/allura/v21/9oRPNYsQpS4zjuA_iwgW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allura
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 22:33:51 GMT
x-content-type-options
nosniff
age
397745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26576
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:19:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 22:33:51 GMT
Montserrat-SemiBold.woff2
s3.amazonaws.com/placewisesitecontent/fonts/montserrat/
80 KB
81 KB
Font
General
Full URL
https://s3.amazonaws.com/placewisesitecontent/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.60.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7637fd0708f784a232ef2298f0e7b325186dd5eb9805e1dde626d0538e494ea8

Request headers

Referer
https://www.prairiehillsmall.com/css/house@GPCME/main-v1636389637740.css
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 13:02:57 GMT
Last-Modified
Wed, 17 Feb 2021 15:18:31 GMT
Server
AmazonS3
x-amz-request-id
C4P94YYN5QPYXKA5
ETag
"91c6aee64965e877dfaed1f2f0ef12ae"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin, ETag
Cache-Control
public, max-age=31536000, immutable
Accept-Ranges
bytes
Content-Length
82408
x-amz-id-2
uwOliQN8IVtrxi/wd/OY5jXM7aywqCuY6cDbgB9Agn7KJJeuM2Lpces/gfpG+ZfxTVN9SwF0qpY=
/
www.prairiehillsmall.com/live_update/op_mess/
24 B
555 B
XHR
General
Full URL
https://www.prairiehillsmall.com/live_update/op_mess/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.96.159.126 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-96-159-126.pbiaas.com
Software
Microsoft-IIS/10.0 /
Resource Hash
152375195f057557404e2f8da4dfeea9d6e84c20c6c349086199fd39fd905cc4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.prairiehillsmall.com/
X-Requested-With
XMLHttpRequest
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:49 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
Microsoft-IIS/10.0
referrer-policy
no-referrer-when-downgrade
x-country-ref
ES
x-frame-options
SAMEORIGIN
x-privacy-ref
GDPR
content-type
application/json;charset=UTF-8
cache-control
public, max-age=3600;
x-robots-tag
noindex, nofollow
x-echo
Echo
content-length
24
x-xss-protection
1; mode=block
widget_app_base_1696957054779.js
cdn.userway.org/widgetapp/2023-10-10-16-57-34/
135 KB
40 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/widget_app_base_1696957054779.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1edc8d87c5995d37d634751fbf1f081fc066d2c8d90f29e66d3fbc0cf97d59bc

Request headers

Referer
https://www.prairiehillsmall.com/
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 12 Oct 2023 13:02:56 GMT
via
1.1 8fd479f9732c98acd630e18c99fdcc6c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
67
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
158443
x-accel-date
1696957333
x-77-nzt
AcO1qhE3Nzf/62oCAA
x-accel-expires
@1722877333
x-77-age
158443
last-modified
Tue, 10 Oct 2023 16:59:45 GMT
server
CDN77-Turbo
etag
W/"f4764ada065606eb27ff0fe8381c5421"
x-77-nzt-ray
4c156224b9ca47eb80ee2765b0d4c11f
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
UXhebkJK8pU58B84FoQaXiSiqyHS_dxWWe590e6hQjSR4dHcGezn4g==
bIU13OLbIy
api.userway.org/api/tunings/
510 B
896 B
XHR
General
Full URL
https://api.userway.org/api/tunings/bIU13OLbIy
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/widget_app_base_1696957054779.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:1149:d50f:7505:5665 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3b53afcd73279f1e7ab680b1d5c0a635264d94a9014a650d38beafb446fefe0

Request headers

Referer
https://www.prairiehillsmall.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 12 Oct 2023 13:02:57 GMT
etag
W/"1fe-v8xKkpObJ1MHuthwzQfey6oFzh4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usrb929ff71f5a24ff
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
510
x-service-version
uw-pr
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078730
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77127
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134722
x-xss-protection
0
server
cafe
etag
2928310903106852838
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 10 Oct 2024 15:37:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
46 B
588 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.prairiehillsmall.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dd2dd15e9497a3383e9b8f6f17705cf0e4ec8b1159619f50fdc49a6d6723f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
expires
Thu, 12 Oct 2023 13:02:56 GMT
collect
region1.analytics.google.com/g/
0
260 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P96XJ06HPY&gtm=45je3ab0&_p=696375047&_gaz=1&cid=1969193911.1697115777&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697115776&sct=1&seg=0&dl=https%3A%2F%2Fwww.prairiehillsmall.com%2F&dt=Prairie%20Hills%20Mall%20%3A%3A%3A%20Dickinson%20%3A%3A%3A%20ND&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P96XJ06HPY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.prairiehillsmall.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
260 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P96XJ06HPY&cid=1969193911.1697115777&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P96XJ06HPY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.prairiehillsmall.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
241 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9310WSBGXZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P96XJ06HPY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61fa87581fd4419ba4b95e535106c323a2aec4e1a20002d0fb13e79110a6e118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85083
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Oct 2023 13:02:56 GMT
ga-audiences
www.google.es/ads/
42 B
408 B
Image
General
Full URL
https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P96XJ06HPY&cid=1969193911.1697115777&gtm=45je3ab0&aip=1&z=1530971151
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9310WSBGXZ&gtm=45je3ab0&_p=696375047&cid=1969193911.1697115777&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697115776&sct=1&seg=0&dl=https%3A%2F%2Fwww.prairiehillsmall.com%2F&dt=Prairie%20Hills%20Mall%20%3A%3A%3A%20Dickinson%20%3A%3A%3A%20ND&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9310WSBGXZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 13:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.prairiehillsmall.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
728 B
740 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1484939237047064&correlator=3311453306630495&eid=31078730%2C44804939&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=1076347%2Cprairiehills-Sew-Home-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697115777132&lmt=1697112177&adxs=1066&adys=1907&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.prairiehillsmall.com%2F&vis=1&psz=367x0&msz=367x0&fws=4&ohw=367&ga_vid=1969193911.1697115777&ga_sid=1697115777&ga_hid=696375047&ga_fc=true&dlt=1697115774974&idt=2135&adks=3841824202&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1a021abf30197edb21ef669c42fce33efdb658a4feb040b57e535a95e05ad4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
362
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.prairiehillsmall.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4406ba6c966282abe4a2012f48333892.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8566
6 KB
3 KB
Document
General
Full URL
https://4406ba6c966282abe4a2012f48333892.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prairiehillsmall.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:02:57 GMT
expires
Fri, 11 Oct 2024 13:02:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en-US.json
cdn.userway.org/widgetapp/2023-10-10-16-57-34/locales/
500 B
937 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/widget_app_base_1696957054779.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 12 Oct 2023 13:02:57 GMT
via
1.1 eabf0052502240e2b09c2e962490cabc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
68
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
158436
x-accel-date
1696957341
x-77-nzt
AcO1qhE3Nzf/5GoCAA
x-accel-expires
@1722877341
x-77-age
158436
last-modified
Tue, 10 Oct 2023 16:59:45 GMT
server
CDN77-Turbo
etag
W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray
4c156224b9ca47eb81ee2765dbae3213
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
vecbRtSRcSV0DMypvXl2anzCyQ__dj4BGflJTUbMdktqSRScEzAcJA==
remediation-tool-free.js
cdn.userway.org/remediation/free/
23 KB
11 KB
Script
General
Full URL
https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1696957054779
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/widget_app_base_1696957054779.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6002854e563ff2ee9a1c404ddb308e8d3bb30b4988f4b4a881f2c6199bf56739

Request headers

Referer
https://www.prairiehillsmall.com/
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 12 Oct 2023 13:02:57 GMT
via
1.1 704c2c5658d2a30f6fbdd46c73f52e10.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
66
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
158443
x-accel-date
1696957334
x-77-nzt
AcO1qhE3Nzf/62oCAA
x-accel-expires
@1722877334
x-77-age
158443
last-modified
Tue, 10 Oct 2023 16:59:50 GMT
server
CDN77-Turbo
etag
W/"4cbc9be9a9ea05ce719edf78577e4612"
x-77-nzt-ray
4c156224b9ca47eb81ee2765f5763c31
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
76DzB50gkCi9zXmCAaFIcRdU6Fg4mveH_CiLqRgRcJb0lfLljXha2A==
body_wh.svg
cdn.userway.org/widgetapp/images/
931 B
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 12 Oct 2023 13:02:57 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
429
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
10296793
x-accel-date
1686818984
x-77-nzt
AcO1qhE3Nzf/2R2dAA
x-accel-expires
@1712738984
x-77-age
10296793
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray
4c156224e0c3f9e281ee2765da481332
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
HlEGbiuH_gjCFcAGevlGHDgcrEIP6DdjdyVOZOOBsczjT9qP0nwO2g==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.prairiehillsmall.com
URL: https://www.prairiehillsmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 12 Oct 2023 13:02:57 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
429
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
10296793
x-accel-date
1686818984
x-77-nzt
AcO1qhE3Nzf/2R2dAA
x-accel-expires
@1712738984
x-77-age
10296793
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
4c156224e0c3f9e281ee2765df221832
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
3-d562hUF3b2u9thgqBziH84kLN8KO4gp6LhwwhHdJm4BZH507z6Nw==
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b8264d3ccedba198675354709bcef9e6c372576c9cec2cf3cc15b08e813672a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12236
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 13:02:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73E1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prairiehillsmall.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
age
3004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 12:12:54 GMT
expires
Fri, 11 Oct 2024 12:12:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 820C
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f8ee544619445407ebdf094e150392ed5a35c8a6596589b140a110f117151b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PbphsUxJFExKO41BW632qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prairiehillsmall.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PbphsUxJFExKO41BW632qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:02:58 GMT
expires
Thu, 12 Oct 2023 13:02:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 73E1
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:04:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 12:04:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 820C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310100101&jk=1484939237047064&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 73E1
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ip3v-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:02:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310100101&jk=1484939237047064&bg=!09Cl0J_NAAbjlzx0w5c7ADQBe5WfOC-lHO7eydTmc8ZDWgWxszq4AjGFI-Vo_f92Tl9Y5jgkYZtxBptOCxhjrz07QMYoAgAAAD9SAAAACGgBB5kCvXGZ55ZB5X37yMn0P7CALa3eVpUpiUJzMWOjIx7Y_YdaeSltxQ4K3d_wfMXEreIFaXz4z64WZA3uf7StO39G7JQgO8vWpeh4pDcmOp4rfeSYdOu4-pyuuVMNmCO3oQWJb3vF8kHGNlL7iFpXGCQl0DDIul0ppXFID97qllA3XhYOCFhAV-bzPNSAcOnmpR1HVNQUEvTbjRAClBg-1q6_4glUvlR9qpOFk0x7Eav9UL9jvWHfNYuMFOZa5E1VmbbwaBzJSwusswP4QMdmrvcZeKCKfKnrJMaU8BpryJpEuOkuIDrg1oWXn-4a1bz9q_G8UUYXcbJIZwCdcM4PszA-QqyAf5mOwhZ-F3mLmoo7ndAZK6KDQdVNUNQ8h8mKXg453coKB9-STv8y5LcfPaavA262k7YckDEgwV9LoOO-Gd7ICobJyo8ddRJqOXOes6wDDLx3xNog2YpmEH5Jpzx8omp3HSQrx9uAnuL73hENg7iuG5lARmx4auw_DEoPQzmBATk84EWZDXo_HkZ3ve8eT6c8AzAzgzDeN5xXYRRRIUXiLhdlWqS2uojs_Rtkb2EgVj0JMuZtSrcFoFejH2cYmzc-LrGTIHJZ1C4i7fl9NI41LCD9neawUXyN7NgKFxF9GmS6N1t9JxfYo3RXRIs_fGocNqwuFAb2uHPmWnZVPg3UfN8AD9gqaxaPZCJW2kJjPc-UAPfzyhlz25xGR604Zk5uiMkw4T5RX0C6Rjxe5AuADqDxej2SUHRxkNYx2wx7qRmlI-F2afhrbqUfmzahcD-7QTgi3ftRH34OZefWRaGyWtLoswK1SrVVcDJDqFGd5taGz6lOldxKEiOkXy2-9dZdgiZB6PbRbuwY8-8FqBKblR1TIJV_g4vxjVs4DaUDIwGaOroCnV-a5OUmBCDaG1Y8711te2YmHXYaog5H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.prairiehillsmall.com%2F/DESKTOP/WIDGET_OFF/
77 B
454 B
Fetch
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.prairiehillsmall.com%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/widget_app_base_1696957054779.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:1149:d50f:7505:5665 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://www.prairiehillsmall.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 13:03:02 GMT
etag
W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-809f5266
scan_1696957054779.js
cdn.userway.org/widgetapp/2023-10-10-16-57-34/scan/
52 KB
14 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/scan/scan_1696957054779.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-10-16-57-34/widget_app_base_1696957054779.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e82346cb8dbe953e34113ccc846918d0d71609080fdef2bb13f4e6b663dd7e11

Request headers

Referer
https://www.prairiehillsmall.com/
Origin
https://www.prairiehillsmall.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 12 Oct 2023 13:03:03 GMT
via
1.1 4142ad26eb2d1d4ff3450cfede1a3f60.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
HAM50-P1
age
106
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
158387
x-accel-date
1696957396
x-77-nzt
AcO1qhE3Nzf/s2oCAA
x-accel-expires
@1722877396
x-77-age
158387
last-modified
Tue, 10 Oct 2023 16:59:45 GMT
server
CDN77-Turbo
etag
W/"66be6219e4d776415911d72fac0f0abc"
x-77-nzt-ray
4c156224b9ca47eb87ee2765cea84c04
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
E3N2_4eEiSQwn6Yus4VfJe0Se4xsO_ISvWC_Mbjr_TANQBOy5rq1OA==
contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.prairiehillsmall.com%2F/DESKTOP/
0
0

contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.prairiehillsmall.com%2F/DESKTOP/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.userway.org
URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.prairiehillsmall.com%2F/DESKTOP/contrib
Domain
api.userway.org
URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.prairiehillsmall.com%2F/DESKTOP/contrib

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| getUrlVar function| goto_pwofile_stores function| goto_pwofile_settings function| logout_13 function| createCookie function| readCookie function| SEWsearchFormSubmit undefined| close_mymall_timeout undefined| close_search_timeout function| open_my_mall function| close_my_mall function| open_search function| close_search function| adjust_anchor_positions object| googletag object| dataLayer function| gtag function| _ function| moment function| PwClient function| PwProfileView function| User_Profile number| smallBreakPoint number| mediumBreakPoint function| hexc string| color function| equalHeight function| loadPopup function| disablePopup object| placewiseLP boolean| isTouch object| jQuery111202788902676545346 object| _userway_config object| UserWayWidgetApp function| OneModal object| omodal boolean| mlrf_lock object| pw_profile function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| postscribe object| google_tag_manager_external undefined| google_measure_js_timing number| google_unique_id object| UserWay function| nr function| rr function| or function| Q function| Qt function| Yt function| qt function| Y function| Jt function| te function| x object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
www.prairiehillsmall.com/ Name: CFID
Value: 153624114
www.prairiehillsmall.com/ Name: CFTOKEN
Value: 151c42e5c6dde8f-67B56121-BF26-5476-4116B92F202A6F79
www.prairiehillsmall.com/ Name: WEBSVR
Value: 4
.prairiehillsmall.com/ Name: _ga_P96XJ06HPY
Value: GS1.1.1697115776.1.0.1697115776.60.0.0
.prairiehillsmall.com/ Name: _ga
Value: GA1.1.1969193911.1697115777
.prairiehillsmall.com/ Name: _ga_9310WSBGXZ
Value: GS1.1.1697115776.1.0.1697115776.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.prairiehillsmall.com/ Name: __gads
Value: ID=d19ca4343f2088e1:T=1697115777:RT=1697115777:S=ALNI_MYAIXRjT2VLdJFwtlxqJGKZiRZ8dg
.prairiehillsmall.com/ Name: __gpi
Value: UID=00000c97247ea45e:T=1697115777:RT=1697115777:S=ALNI_MZNhkux808iyLlbbd4_5CJDustmAw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4406ba6c966282abe4a2012f48333892.safeframe.googlesyndication.com
ajax.googleapis.com
api.userway.org
cdn.placewise.com
cdn.userway.org
fonts.googleapis.com
fonts.gstatic.com
images.shoptopia.com
imgathena.mallfinder.com
mallimages.mallfinder.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
sendmail.mallfinder.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.es
www.googletagmanager.com
www.googletagservices.com
www.prairiehillsmall.com
api.userway.org
192.96.159.126
192.96.159.127
2001:4860:4802:32::36
2600:1f14:5db:eb22:1149:d50f:7505:5665
2600:9000:223e:3e00:d:4526:2800:93a1
2600:9000:223f:e00:1d:83c6:1540:93a1
2600:9000:2240:e200:1f:c0af:eac0:93a1
2600:9000:2250:6800:14:8902:e640:93a1
2606:4700::6812:acf
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9c
2a02:6ea0:c700::19
52.216.60.104
0398f70e4c1791c26ca6c5844382defc9e9df8a7effacfcde86480825ce8f029
08225d202ce21e75e26362b1eb9330b62c70683cfb879f657e2c96bcb2d5a9f8
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
152375195f057557404e2f8da4dfeea9d6e84c20c6c349086199fd39fd905cc4
1b0bf68e7f3e9c014b87051232e846d3ea452f20c3be90324ce294f9245f8c14
1edc8d87c5995d37d634751fbf1f081fc066d2c8d90f29e66d3fbc0cf97d59bc
283cb1eddf8c0488a2e983a40aab5ffff93aa84d7904da2607d6d65fdbadc16d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
32d365cd834e35c11ec2263d5f2e7809b1cbfd87693e345605c9f9ac22458249
378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60
41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48f44a015763fc0105a033aae360ba02529d0ea0016f6fc97f0f582cffe0a1b9
49ccc4de899c9eaf539dcb57224a9999e098150e29a79fb0854f282d143ebecd
4dd2dd15e9497a3383e9b8f6f17705cf0e4ec8b1159619f50fdc49a6d6723f1b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
5d978629f895300603e1cb893c7c5d16c446485fbe9372db52cd95adc0a5dd11
5f8ee544619445407ebdf094e150392ed5a35c8a6596589b140a110f117151b6
6002854e563ff2ee9a1c404ddb308e8d3bb30b4988f4b4a881f2c6199bf56739
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
61fa87581fd4419ba4b95e535106c323a2aec4e1a20002d0fb13e79110a6e118
625284c6d069f628c797d4fdaba40a583bb22dfdcf37c8d9374a44efab88f732
66f6bd4005452d000b45789332ccc5344c3c510fa4321f823022462fbf6a6e94
69c19559abf9d661ab5d2adf23b235ddf2164f4252995caa5823c3ff4c45addd
7306fa4345df000b6119e16e2375463219c109a075f67a86efe36530b2705657
762b85e9d451795b62e9e02015cdaae4216786c3c65ec356f21556887fd54255
7637fd0708f784a232ef2298f0e7b325186dd5eb9805e1dde626d0538e494ea8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8264d3ccedba198675354709bcef9e6c372576c9cec2cf3cc15b08e813672a
7b93a14d95ba9ec05036fe944b16b57d3843e345800521fc84e95690f6d188bf
80acf4b9ba1e0f99ffb3b5b1398085b9787f550f8218c59eb12d341ebb30f419
84b73d6a57332d515d5ab04056617f5a0b9664351941cb61717fa8328bd8598e
8aafad8c9e4ea01007a997934f7edf20230319d743f54124cabc2e1277c5cb24
8c093b750c1fb51a204bb14f926ab8a38a91d30cfdf769290318b7fa2cabff15
928372012739bb488984f8e7304b62f1f9f06e0c732e7b24f960e40d7f854ab8
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a239dd4d0c6652e983748954f4d3023f7cb26194873b0ae747b7065fbed395d2
a2c7cb072a403d2651fd7fad5848e81c5bf6ad67e8ab000f9da01bcb4a0239e6
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
b11104a40e708027819dfe1e8b5c77341591990850e97285c8c27ce30425a646
b1a021abf30197edb21ef669c42fce33efdb658a4feb040b57e535a95e05ad4c
b8ad059ca17974b3df4e3a7ab4a85d17b0072b17358766c97196e7e120b802bb
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c58e0415ca6fd3845fe458fd7ffd6d19215f7005f3ca569bc271d6dbd132a036
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82346cb8dbe953e34113ccc846918d0d71609080fdef2bb13f4e6b663dd7e11
ea4c74db8714869fb124d0ea0bb5d6f7106693400cc96670b943cba6751e3f53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b53afcd73279f1e7ab680b1d5c0a635264d94a9014a650d38beafb446fefe0
f41d3324ad0d648feb49c233f4fd9849b4d59380b15404f50c88d05aa7136098
f44ae2d20473d18ec02fb591305f75b57e0475976cc1032b821601a82334fa01
f85ec814313bbdab4336992b5d33827d788c4a208edaf14fda4384eea2c47602