id.westfield.com Open in urlscan Pro
108.157.188.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%...
Submission: On June 15 via manual (June 15th 2024, 10:52:15 am UTC) from DE — Scanned from DE

Summary HTTP 50 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 50 HTTP transactions. The main IP is 108.157.188.57, located in United States and belongs to AMAZON-02, US. The main domain is id.westfield.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 8th 2024. Valid for: a year.

This is the only time id.westfield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	108.157.188.57 108.157.188.57	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	188.40.62.8 188.40.62.8	24940 (HETZNER-AS) (HETZNER-AS)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:a641	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	12

12 108.157.188.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-188-57.mxp53.r.cloudfront.net

id.westfield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.urw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.40.62.8 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.geonames.org

www.geonames.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.westfield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resourcesurwscth.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	westfield.com id.westfield.com www.westfield.com — Cisco Umbrella Rank: 384778 Failed	489 KB
10	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 893	27 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	212 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	183 KB
3	azureedge.net resourcesurwscth.azureedge.net — Cisco Umbrella Rank: 439517	808 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 296	829 B
2	geonames.org www.geonames.org — Cisco Umbrella Rank: 761628	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	16 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3342	41 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	295 B
1	urw.com cdn.urw.com — Cisco Umbrella Rank: 443745	2 KB
50	11

	Domain	Requested by
12	id.westfield.com	id.westfield.com
10	js-agent.newrelic.com	id.westfield.com
10	cdn.cookielaw.org	id.westfield.com
4	www.googletagmanager.com	id.westfield.com resourcesurwscth.azureedge.net
3	resourcesurwscth.azureedge.net	www.westfield.com resourcesurwscth.azureedge.net
2	bam.nr-data.net	id.westfield.com
2	www.geonames.org
1	cdn.jsdelivr.net	www.westfield.com
1	res.cloudinary.com
1	geolocation.onetrust.com	id.westfield.com
1	www.westfield.com	id.westfield.com
1	cdn.urw.com
50	12

This site contains links to these domains. Also see Links.

Domain
westfield.com
www.westfield.com
www.onetrust.com

Subject Issuer	Validity	Valid
prod.id.westfield.com Amazon RSA 2048 M02	`2024-02-08` - `2025-03-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
cdn.urw.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-06`	a year	crt.sh
www.geonames.org R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.westfield.com RapidSSL TLS RSA CA G1	`2023-09-12` - `2024-09-28`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2024-06-22`	6 months	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 04	`2024-03-29` - `2025-03-24`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Frame ID: 43208184E861235C58644832FE973E66
Requests: 41 HTTP requests in this frame

Frame: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1
Frame ID: 4F4A10CE00095EBF620BD86F299132A0
Requests: 1 HTTP requests in this frame

Frame: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1
Frame ID: 7ED99013CDCB3811E5EA7EB800DD3915
Requests: 1 HTTP requests in this frame

Frame: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1
Frame ID: 69BB5DE208B3D9938AB373FE775D7285
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

One Connect

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

50
Requests

96 %
HTTPS

73 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

1788 kB
Transfer

7375 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://westfield.com/de-DE/privacy-notice
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.westfield.com/en-us/privacy-notice
Title: Privacy Notice.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 Primary Request step1 Show response
id.westfield.com/register/ 123 KB
24 KB 258ms
136ms Document
text/html 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f6bea8906ed3e40daf15b48cd79dfa0f86fba6ccc68a9b6891d039cc0e7cfbd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html
date: Sat, 15 Jun 2024 10:52:08 GMT
etag: W/"4cdef44f7bd709bc761d8f0e0d8fd005"
last-modified: Wed, 12 Jun 2024 08:26:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
x-amz-cf-id: pWTvLPBX9eFNH4I3sxlkQ5ehLd8yRK5grpSkKnvOJezsQdSCTi00Pg==
x-amz-cf-pop: MXP53-P1
x-amz-error-code: AccessDenied
x-amz-error-message: Access Denied
x-amz-version-id: 8mX8lGaE5VtYNG6zxRCKB77.chx4sxEt
x-cache: Error from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 265 KB
79 KB 167ms
75ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMH6ZV9

Requested by

Host: id.westfield.com
URL: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5834fba8235b534d6e5a17126ea1df12aedd183f80f6ce99813a434c290d751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80265
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Jun 2024 10:52:09 GMT

GET
H2 200 index.6033bafa.js Show response
id.westfield.com/assets/ 570 KB
187 KB 58ms
58ms Script
text/javascript 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.westfield.com/assets/index.6033bafa.js
Requested by: Host: id.westfield.com
URL: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ff8cc1105961dcef8431d03c9b7773a0cc9f141c489820f039f2ebcb91399dc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Origin: https://id.westfield.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: HT3h71qELruR4rjMOsBX_COnZh09_2H.
content-encoding: gzip
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 10:15:51 GMT
last-modified: Wed, 12 Jun 2024 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P1
age: 2419
etag: W/"b85d0eed70af92c9bbbf3dc93be8a10b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: io50oOp_ukZjBQPeDgiGwnjSVAj7krE4MeqCk-X4lrDASV55naaKHA==

GET
H2 200 index.5edb8069.css
id.westfield.com/assets/ 25 KB
5 KB 50ms
49ms Stylesheet
text/css 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.westfield.com/assets/index.5edb8069.css
Requested by: Host: id.westfield.com
URL: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5edb80690162c89a02a93d40d353492230f05cbe8b3db225c55c58e14f231d7a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zuP6XkSk7ypabuDH7XqlL7.azg_rf_gw
content-encoding: br
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 10:36:17 GMT
last-modified: Wed, 12 Jun 2024 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P1
age: 1182
etag: W/"ccbbff2e795c5749ceed586afc58e604"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: DXmR3Sb8fPttgWCNw0esV82eNMGqrcAoUkXHBLznMtNi1aM0Sf6bew==

GET
H2 200 en-US Show response
id.westfield.com/v1/languages/ 12 KB
5 KB 178ms
177ms Fetch
application/json 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.westfield.com/v1/languages/en-US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.188.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-188-57.mxp53.r.cloudfront.net

Software

Resource Hash

87ba78b641e8eef0b7c819d3a0aad20beacedde3630fc6edca2023840c34c2dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 1721684@nr=0-1-1721684-1134296803-07067a92f5e5049c----1718448729488
traceparent: 00-2b04b215261da618f0ae006e47e40ca0-07067a92f5e5049c-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3MjE2ODQiLCJhcCI6IjExMzQyOTY4MDMiLCJpZCI6IjA3MDY3YTkyZjVlNTA0OWMiLCJ0ciI6IjJiMDRiMjE1MjYxZGE2MThmMGFlMDA2ZTQ3ZTQwY2EwIiwidGkiOjE3MTg0NDg3Mjk0ODh9fQ==
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 12049
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
cross-origin-embedder-policy: require-corp
x-amzn-requestid: a346aa39-ee8b-4b72-8465-2f28f0d880e8
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-amz-cf-pop: MXP53-P1
cross-origin-resource-policy: same-origin
x-amz-apigw-id: ZZ7ODGEfjoEEoDw=
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"2f11-CXtXt+6DFPkK+9Jye1+ck2Ow9ag"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-amzn-remapped-date: Sat, 15 Jun 2024 10:52:09 GMT
x-amz-cf-id: 1nG1bY4YSesWUhlftw3rbtKAgZ3jvaM5vK7zvbDnEgOcviBgHh8VSw==

GET
H2 200 en Show response
id.westfield.com/v1/languages/ 12 KB
5 KB 191ms
191ms Fetch
application/json 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.westfield.com/v1/languages/en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.188.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-188-57.mxp53.r.cloudfront.net

Software

Resource Hash

4c05be3d299d6b44fd3c09bdb27b5feccb0dc4e2ab3b7854126d00df7002f491

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 1721684@nr=0-1-1721684-1134296803-2c763b820afc1234----1718448729489
traceparent: 00-2e97a50c1a38fa0f76844de1ff7805b0-2c763b820afc1234-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3MjE2ODQiLCJhcCI6IjExMzQyOTY4MDMiLCJpZCI6IjJjNzYzYjgyMGFmYzEyMzQiLCJ0ciI6IjJlOTdhNTBjMWEzOGZhMGY3Njg0NGRlMWZmNzgwNWIwIiwidGkiOjE3MTg0NDg3Mjk0ODl9fQ==
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 12066
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
cross-origin-embedder-policy: require-corp
x-amzn-requestid: 6caeedc1-8fb6-4e1f-9da9-17736b46e7bf
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-amz-cf-pop: MXP53-P1
cross-origin-resource-policy: same-origin
x-amz-apigw-id: ZZ7ODE9qDoEEasA=
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"2f22-bXmaLe0buJ/UyKVrOIs+VDosrl0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-amzn-remapped-date: Sat, 15 Jun 2024 10:52:09 GMT
x-amz-cf-id: giREZZv6473mBmYhApDXVhuvxG9_tV6bNULZiMrrPNOKIXZ1PyymOQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
104 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W65QHWH&l=dataLayer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a33045849f1a47ce0cc82b5cc4a5f6b575da1b515ed8f0ec3a6454fc7fd15f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106207
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Jun 2024 10:52:09 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 137ms
55ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 61373
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:30 GMT
server: cloudflare
etag: 0x8DC8B517E123FAA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae3a10ff-301e-004b-7bac-bda210000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894202511fa49b9e-FRA

GET
H2 200 692.215647de-1223.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 152ms
50ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/692.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a757f891e9f4a002a7aecb7fcf4e1d74e3e43cc2dc74c3a1fe3812fe7c9a3545

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: edb.nbEw.1.PF652sORe7Bya177Yciq9
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: BRV3B3BTDSSMR8MK
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1119
x-amz-id-2: r8ZgZWpl5f0RPUMv7H+oDYEn/lPMnqHhjG+d7nR4UpzpW4UAPuWKdur6tsmtuV0BTxFrRyU1d97KWd53WukvSAmrNeDo1oRaSh8ANub9nRI=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:46 GMT
server: AmazonS3
etag: "2a9c8457fef96067bf92a4ec54fb10b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 218

GET
H2 200 779.215647de-1223.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 149ms
47ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/779.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

226b38d4dd6197b2d2989ef529f69e83ee3ff816b601033ee5ad3ba07fa76307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Imx1ZJKNKnpqLRb7.L0vmedxhbCDlWF1
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: GR8W4MNS8FTYMQQ6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3355
x-amz-id-2: PdBhnW9PvVfsWp1JipLdP6/In1Fi5fr3TDbUF9FwWWEQ056DLeOh6kmI+XOnyGLbwiG0Z4P+MdrBVAYKKxXjEyyCGWZJz1ZrObJbOHjzXlA=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:53 GMT
server: AmazonS3
etag: "1f9dc6167676d6db728e844d20a97ad5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 223

GET
H2 200 823.215647de-1223.js Show response
js-agent.newrelic.com/ 3 KB
1 KB 153ms
52ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/823.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf2b7b8c9c5756454079e4eb012128b38f569bcc9d32a5b895df5396ae5052b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: jBRx.m1etn0vjgyTb_HqYpeEFg0T9PGX
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: P884A3ZEW0SNWE6F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1266
x-amz-id-2: 32ifyR7DLjazkQBF3PR3TslaTFX66hnu0X+fGNGDnV7uYrPv8NBAV6Zj2fV+yARnjoacU7f5RvI=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:57:02 GMT
server: AmazonS3
etag: "ce7762cf4b6665f79c15503dbccd6c68"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 224

GET
H2 200 785.215647de-1223.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 148ms
47ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/785.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e87e201d3ac066d6522dc7a17d02df52163ae9e47173244f017d23476f9e1eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Lq1SZb0W7TJykN0y8GcbhkSZK8ybFIpK
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0EECJWPYMQF2EZC9
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2195
x-amz-id-2: uqb6Fdt4HRmL0+PvoRQxEf3sYwfRwXbBQb1b9JFHDdfMhCCeQ0rtSuZUejzIAw+v/sYeS4Mrgj4=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:54 GMT
server: AmazonS3
etag: "85340359c90104ea511047eb2b57ebb5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 222

GET
H2 200 325.215647de-1223.js Show response
js-agent.newrelic.com/ 1 KB
715 B 150ms
49ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/325.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b1ffa703af97cbc8af57a71d2ba52caf7f68d6d34b50190aa9b7d0cb53233e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: SKvo.V1QzAeojoalaiTl6vWTsyMzxiSb
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: 5W3QGVTZCXBVEJ8K
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 510
x-amz-id-2: LNMOYoWJ6kJrb76p5joot3B2agdwxlXpj+Elid1PnTsXMIDL5txWMLZgyN5EH8jJn1OuVIIbrZU=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:16 GMT
server: AmazonS3
etag: "8bfb1318203f2143642fa7f2620e90b9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 219

GET
H2 200 112.215647de-1223.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 151ms
50ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/112.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c408e00f3bc7c005e9abb9d43b2e6ad3def85e0941ab974a9e3bd76673c8a4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zyDAKmGA2cIl.j_RshfHw5fOQDBkbwX6
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5HY1VNDMRFNB0GA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2696
x-amz-id-2: Y7A9JL8vRvtacyibRvX2ckBwvIe2nBV0dbUu1j03oLIZNy3ZiRtbjYArLosMseoKbEvpHSbzI4TzCT0P2fsbhODgBPc5nLrcENXQ78UyI4g=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:00 GMT
server: AmazonS3
etag: "b225b095bddb200dcb67ba7625a14e0b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 201

GET
H2 200 960.215647de-1223.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 50ms
50ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/960.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

88e0b9009e3713315a92b60c0b4bf76feb8d00397659b1ddcc6ec50a7e0f7f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: PfOZWQQ0QJ3x207NHFtDSABKCVHTj1dl
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2F4HMW81HFX56GK5
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2126
x-amz-id-2: 0ksmuG/o/3/QDX/E2BLAAMDfP0n7JpeBgDn3SRghn9rsigruQN2txYBuCt+b5++tbDPmnrTxXCHAzlDfpv4u0uUoBFOUODbbVnccqYVbA9U=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:57:19 GMT
server: AmazonS3
etag: "57e420fb6a7c52d0c27d5548fef4de16"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 198

GET
H2 200 307.215647de-1223.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 51ms
51ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/307.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ffa86b44a28a0a3cb18c772b09c2b4cd5812be3c763b445ec5c9d70ff48b0dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 1A4n793pamq0B5Zbibp1BlIggSgyl1QQ
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: 8AXSNCWRTZX57V21
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3846
x-amz-id-2: USxWPnAYc6pVkkHSbLbSDA0w4WBMYpx+3cguV/wkJqMlJgejL19OsNcAgpG+Imyo01t2HsBKRnz2148BaZ0mFC2Ckn8KAFOC
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:15 GMT
server: AmazonS3
etag: "cca13aa273adc25aced599968bea0601"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 200

GET
H2 200 817.215647de-1223.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 90ms
90ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/817.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebd6c996822a5f23a3cd2a32ba98f37e4672270107d2cc7c9f220fdaed67482a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DzszpmDA0jSyFWIgVf7ka6hpyf_zJNu3
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5W791B8XD3MYA6G
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 958
x-amz-id-2: sPSuY6iy1Mkk4YNdnaAykdk8fd0/Na58wf3MyiUVw0BC/KYkNbwTsCQFZzB33rFGpVOUh2Ps1AQ=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:58 GMT
server: AmazonS3
etag: "a5dc24e5a104adfcf70621ff7fb620ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 199

GET
H2 200 378.215647de-1223.js Show response
js-agent.newrelic.com/ 17 KB
6 KB 91ms
90ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/378.215647de-1223.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dabc51abad962efcfc47a6303909ba3cf193bcb33b21573090186f42b3384cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zQkUJ.WQ9mnxt65fCx6GpRQf2PiZiZMj
content-encoding: br
via: 1.1 varnish
date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5HZEY7JXM99B7FZ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6193
x-amz-id-2: 0kilk0OiRiW7bunPA7a/fYkjDR9Z3I3tlmTQf5fBaIE7HLfU36PXJLJF5FmiK8zwVPMNkFhHy4I=
x-served-by: cache-mxp6944-MXP
last-modified: Wed, 18 Oct 2023 20:56:21 GMT
server: AmazonS3
etag: "2705e6768fceda2e9c8355d65e268d7c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 196

GET
H2 200 fav~o~icon~o~westfield.ashx
cdn.urw.com/les4temps/-/media/Unibail/Country~o~FR/Les4Temps/ 1 KB
2 KB 532ms
103ms Other
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.urw.com/les4temps/-/media/Unibail/Country~o~FR/Les4Temps/fav~o~icon~o~westfield.ashx?mh=32&mw=32&revision=19e40a93-5a84-42ce-8baf-d8bafcd90ee3&hash=DB43772511E1FC24819AB424FBF6A132

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

796f34bd94aa7b1ac8a301c70af4a47787158315dc216360e571efecda2b25d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
last-modified: Wed, 11 Sep 2019 23:22:57 GMT
content-encoding: br
vary: Accept-Encoding
x-azure-ref: 20240615T105210Z-r1695cb7469gnllsd05pknb0xw00000002dg0000000046k6
content-type: image/png
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=2592000
x-server: CD4
x-fd-int-roxy-purgeid: 63256338
x-xss-protection: 1; mode=block

GET
H2 200 Barlow.77fb1ac5.ttf
id.westfield.com/assets/ 96 KB
48 KB 50ms
50ms Font
font/ttf 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.westfield.com/assets/Barlow.77fb1ac5.ttf
Requested by: Host: id.westfield.com
URL: https://id.westfield.com/assets/index.5edb8069.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77fb1ac54d2ceb980e3ebdfa7a9d0f64e85a66e4fdfb7f914a7b0aa08fb33a5d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/assets/index.5edb8069.css
Origin: https://id.westfield.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: LyuEkDx4px33fZV_fsWel.9unq2F9BM2
content-encoding: gzip
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 09:57:10 GMT
last-modified: Wed, 12 Jun 2024 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P1
age: 3333
etag: W/"9373fb661b5c2954ab84d1b7f42774fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: kNGT4AzJsdC6GAo77BJitSUPCHO3dntHI7Xw8JDCZcl8NQTNdOzgKA==

GET
H2 200 Balgin_bold.29a6eb1e.ttf
id.westfield.com/assets/ 100 KB
45 KB 57ms
57ms Font
font/ttf 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.westfield.com/assets/Balgin_bold.29a6eb1e.ttf
Requested by: Host: id.westfield.com
URL: https://id.westfield.com/assets/index.5edb8069.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29a6eb1e1947b6b5c019be892091eb83932e813e03a85eb239c1213a5ec6465f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/assets/index.5edb8069.css
Origin: https://id.westfield.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: PNxQm5JQdAxPFGoDgqXc2rrhcu0tKcgN
content-encoding: br
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 10:44:37 GMT
last-modified: Wed, 12 Jun 2024 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P1
age: 590
etag: W/"94ae9117c898a5d15094038c079cd627"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: dFWuiSX2E7ZvaqmxDcICa1vomVp4wMPK5tJOSVpcuxO5I-58F8Et9g==

GET
H2 200 Barlow_bold.984a0f81.ttf
id.westfield.com/assets/ 101 KB
47 KB 64ms
64ms Font
font/ttf 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.westfield.com/assets/Barlow_bold.984a0f81.ttf
Requested by: Host: id.westfield.com
URL: https://id.westfield.com/assets/index.5edb8069.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 984a0f81f4b34352fdf463d201091f9be8e5f6be66277779ddec6d3644d77ecf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/assets/index.5edb8069.css
Origin: https://id.westfield.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8EtcOvli9w4N1d9fkkU0Sz57hls1hg3g
content-encoding: br
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 10:36:17 GMT
last-modified: Wed, 12 Jun 2024 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P1
age: 1180
etag: W/"72871854aabdd7a79c4fc5038cb4faaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
x-amz-cf-id: tuj5qu03KQdPwHCy0A4eUfQ1qxHomClCiJGiNvdDFuHoENfLcOxy-g==

GET
H2 200 info Show response
id.westfield.com/v1/centers/ 843 KB
50 KB 238ms
238ms XHR
application/json 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.westfield.com/v1/centers/info?include_legaltext=true&locale=de-DE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.188.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-188-57.mxp53.r.cloudfront.net

Software

Resource Hash

37e3ac927c1dc5634342f90595b0522f17715ac9c358ad11583ad226633d8574

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-NewRelic-ID: undefined
tracestate: 1721684@nr=0-1-1721684-1134296803-c3fd87ea29d6cc7e----1718448729712
traceparent: 00-6136ee894a28064f9b658293d119f640-c3fd87ea29d6cc7e-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3MjE2ODQiLCJhcCI6IjExMzQyOTY4MDMiLCJpZCI6ImMzZmQ4N2VhMjlkNmNjN2UiLCJ0ciI6IjYxMzZlZTg5NGEyODA2NGY5YjY1ODI5M2QxMTlmNjQwIiwidGkiOjE3MTg0NDg3Mjk3MTJ9fQ==
Content-Type: application/json
Accept: application/json
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 863210
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
cross-origin-embedder-policy: require-corp
x-amzn-requestid: 983e8418-3855-4b03-970a-ad1f9c685c8f
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-amz-cf-pop: MXP53-P1
cross-origin-resource-policy: same-origin
x-amz-apigw-id: ZZ7OFFXCjoEEBTA=
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"d2bea-S4jc0su03BLXU8W4qbcnxQcJjWA"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-amzn-remapped-date: Sat, 15 Jun 2024 10:52:09 GMT
x-amz-cf-id: PbH1qak-sg0Ig4MhrC3xGRd2ziFt4XdjSh2KMFNoq3rosiMx0t7U7Q==

GET
H2 200 logo_westfield.f39ec5e4.svg
id.westfield.com/assets/ 5 KB
2 KB 48ms
48ms Image
image/svg+xml 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.westfield.com/assets/logo_westfield.f39ec5e4.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f39ec5e498cc918cb3dd87725f5ff185ff7ce90b34855825f23a9e7d4c429d57

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: gqAVvVSU5GGEInMLsqm1jwtziMKPRc6U
content-encoding: br
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
date: Sat, 15 Jun 2024 10:36:17 GMT
last-modified: Wed, 12 Jun 2024 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P1
age: 1605
etag: W/"822cac5882e51be057c195405daf95c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: WoBgnVY6eTL5nvE9LGkwhFyEhJenddlWTYoah5YZXRNh_ULVYj-mGg==

GET
H2 200 cross.4ec43b04.svg
id.westfield.com/assets/ 336 B
709 B 49ms
49ms Image
image/svg+xml 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.westfield.com/assets/cross.4ec43b04.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.188.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-188-57.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ec43b045387889aeac1960cd109dd887573790171bddcaf15cd7688d64015b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: q4iIA2XiofIrH3Eq_UqhFjpdJ7GwZlz.
date: Sat, 15 Jun 2024 10:04:51 GMT
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jun 2024 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P1
age: 2902
etag: "f9721297999610b663fba2f902cf4063"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-length: 336
x-amz-cf-id: hy_vd1jo5a4jvOZwN2pWzy-eehsN9QsPLGqRvUJ45yuqBueVnbOiTQ==

GET
H/1.1 200
OK us.gif
www.geonames.org/flags/x/ 6 KB
7 KB 146ms
38ms Image
image/gif 188.40.62.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geonames.org/flags/x/us.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

188.40.62.8 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.geonames.org

Software

Apache/2.4.37 (AlmaLinux) mod_jk/1.2.48 OpenSSL/1.1.1k /

Resource Hash

1cdcd1ad1e30b70afd961d363a930e2db03dd3afaf7be1a1151e814e9a3ae390

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 10:52:09 GMT
Last-Modified: Tue, 19 Aug 2003 17:56:06 GMT
Server: Apache/2.4.37 (AlmaLinux) mod_jk/1.2.48 OpenSSL/1.1.1k
ETag: "192a-3c542d53a1980"
X-Frame-Options: sameorigin
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6442
Expires: Sat, 22 Jun 2024 10:52:09 GMT

GET
H2 200 de-DE Show response
id.westfield.com/v1/languages/ 14 KB
6 KB 245ms
245ms Fetch
application/json 108.157.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.westfield.com/v1/languages/de-DE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.188.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-188-57.mxp53.r.cloudfront.net

Software

Resource Hash

33e8f52ab82ea77d2cb7a84f754171971f17a7296090f561cd782a4a96788b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
tracestate: 1721684@nr=0-1-1721684-1134296803-2c3a0413b00232e2----1718448729723
traceparent: 00-cf4ca457f00fb8986943c20e4386b700-2c3a0413b00232e2-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3MjE2ODQiLCJhcCI6IjExMzQyOTY4MDMiLCJpZCI6IjJjM2EwNDEzYjAwMjMyZTIiLCJ0ciI6ImNmNGNhNDU3ZjAwZmI4OTg2OTQzYzIwZTQzODZiNzAwIiwidGkiOjE3MTg0NDg3Mjk3MjN9fQ==
Referer: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 14237
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront)
cross-origin-embedder-policy: require-corp
x-amzn-requestid: 1366e7be-4fcb-4579-947b-a30f44b4f7cf
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-amz-cf-pop: MXP53-P1
cross-origin-resource-policy: same-origin
x-amz-apigw-id: ZZ7OFF39joEEQfw=
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"379d-dojx9/z0Y/+AXkdeRBXulBpcsRI"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-amzn-remapped-date: Sat, 15 Jun 2024 10:52:09 GMT
x-amz-cf-id: 3JDyr9Ek9GM4gN7OCsJC1woes5V7qDP_20KwKSTdx1jOY9qdtmGSHw==

GET terms-and-conditions
www.westfield.com/de-de/ Frame 4F4A 0
0

GET
H/1.1 200
OK de.gif
www.geonames.org/flags/x/ 1 KB
2 KB 133ms
39ms Image
image/gif 188.40.62.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geonames.org/flags/x/de.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

188.40.62.8 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.geonames.org

Software

Apache/2.4.37 (AlmaLinux) mod_jk/1.2.48 OpenSSL/1.1.1k /

Resource Hash

c01e11fba230899801e2d50a195504b1d528f90376a1c7c60f06dd697be64f45

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 10:52:09 GMT
Last-Modified: Sun, 14 Apr 2019 10:17:48 GMT
Server: Apache/2.4.37 (AlmaLinux) mod_jk/1.2.48 OpenSSL/1.1.1k
ETag: "4d9-5867ad8facb00"
X-Frame-Options: sameorigin
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1241
Expires: Sat, 22 Jun 2024 10:52:09 GMT

GET
H2 200 8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd.json Show response
cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/ 4 KB
2 KB 220ms
140ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d7e48c59e1adf493ee40ce8d2d146e1864c0ed69b336613f8e10fa76090af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 48740
content-md5: e2EAOP5h82xD9Id8/y2coQ==
content-length: 1581
x-ms-lease-status: unlocked
last-modified: Tue, 19 Mar 2024 16:55:46 GMT
server: cloudflare
etag: 0x8DC48356C44CE0A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5793876a-501e-008b-021e-7a3dee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894202526c5d9000-FRA
expires: Sun, 16 Jun 2024 10:52:10 GMT

GET
H/1.1 200 c5c2c9c984 Show response
bam.nr-data.net/1/ 79 B
486 B 851ms
579ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c5c2c9c984?a=1134296803&sa=1&v=1223.PROD&t=Unnamed%20Transaction&rst=837&ck=0&s=a1baf3365dc28b48&ref=https://id.westfield.com/register/step1&be=310&fe=370&dc=184&af=err,xhr,stn,spa&perf=%7B%22timing%22:%7B%22of%22:1718448728989,%22n%22:0,%22f%22:0,%22dn%22:23,%22dne%22:23,%22c%22:23,%22s%22:70,%22ce%22:122,%22rq%22:122,%22rp%22:258,%22rpe%22:306,%22dl%22:263,%22di%22:320,%22ds%22:493,%22de%22:494,%22dc%22:679,%22l%22:679,%22le%22:681%7D,%22navigation%22:%7B%7D%7D&fp=801&fcp=801&jsonp=NREUM.setToken
Requested by: Host: id.westfield.com
URL: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-fra-etou8220129-FRA

GET terms-and-conditions
www.westfield.com/de-de/ Frame 7ED9 0
0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 153ms
66ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 89420253ca2468e5-FRA
access-control-allow-headers: Content-Type

GET
H2 200 terms-and-conditions Show response
www.westfield.com/de-de/ Frame 69BB 537 KB
65 KB 300ms
300ms Document
text/html 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1

Requested by

Host: id.westfield.com
URL: https://id.westfield.com/assets/index.6033bafa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c96913215048636a41a3b72fff2b0c03ed94584e87df25da0d549618bc025413

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://id.westfield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-type: text/html; charset=utf-8
date: Sat, 15 Jun 2024 10:52:10 GMT
etag: W/"5AFD61C0986EE2C2BED1AF28A9A112DB"
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-azure-ref: 20240615T105210Z-15f57b858d4j6z25pa2hf8s3t400000000ng0000000007cr
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-server: CD2TH
x-xss-protection: 1; mode=block

GET
H2 200 yvgjeuwpa27bfplgwhfa.png
res.cloudinary.com/westfielddg/image/upload/westfield-media/de/centre/logo/ 41 KB
41 KB 206ms
93ms Image
image/png 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/westfielddg/image/upload/westfield-media/de/centre/logo/yvgjeuwpa27bfplgwhfa.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30c7fce5b5814d6995be7ede3a4790a9e7bf8b8b57ef1875d14b62718b423379

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=34;start=2024-06-15T10:52:10.298Z;desc=hit,rtt;dur=39,content-info;desc="width=1182,height=734,bytes=41491,o=1,ef=(17);"
content-length: 41491
last-modified: Wed, 03 Apr 2024 11:24:43 GMT
server: cloudflare
etag: "fe7331c68c031d884d0ee2aad4e0e18f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
cf-ray: 894202544f853a91-FRA
timing-allow-origin: *

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/ 426 KB
103 KB 56ms
56ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1/fYiRcAkidM+2Rc1fEXtg==
age: 55772
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 104832
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:14 GMT
server: cloudflare
etag: 0x8DBD5D490C850BD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fbbc7bb8-101e-0041-2a9a-226167000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894202543c4a9b9e-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/cd40bf4b-875c-4188-9ff2-8465632ebd09/ 90 KB
22 KB 65ms
65ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8e6f5b77-14a5-4f8e-b9a6-856dcb0d5cbd/cd40bf4b-875c-4188-9ff2-8465632ebd09/en.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02881cac77c0e6573a504c8624408ab63ae896c208244d506a2b23a780c45d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 82295
content-md5: 6Vyg4z0x2fuzzbixxF/NCA==
content-length: 22049
x-ms-lease-status: unlocked
last-modified: Tue, 19 Mar 2024 16:55:50 GMT
server: cloudflare
etag: 0x8DC48356EB8CE3F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 26758a14-c01e-0030-131e-7a874c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89420254eee79000-FRA
expires: Sun, 16 Jun 2024 10:52:10 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 9 KB
3 KB 65ms
64ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCenterRounded.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8GHk3hZiMg1r5Cx6Tsv30A==
age: 45323
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2626
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:08 GMT
server: cloudflare
etag: 0x8DBD5D48D725279
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 17dba6c2-001e-00a9-7872-79f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894202556f729000-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/ 63 KB
14 KB 53ms
53ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/otPcTab.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mt5VYaL9Mm+9OznjR6m8jw==
age: 40668
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13595
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:10 GMT
server: cloudflare
etag: 0x8DBD5D48E860A3F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: dc6ef3e1-e01e-0055-6ebf-0b2908000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894202556f739000-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 21 KB
4 KB 55ms
55ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCommonStyles.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 10121
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e235a018-801e-007c-6606-24177c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 894202556f759000-FRA

GET
H2 200 national.min.css
resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/ Frame 69BB 594 KB
121 KB 263ms
80ms Stylesheet
text/css 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/css/national.min.css?version=20240610.2

Requested by

Host: www.westfield.com
URL: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52a3fcf26a25c9d245a3e96464d7154c68dde3b706dbe1f47511bad10d90ef3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding: br
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jun 2024 09:15:58 GMT
etag: W/"d85599f8dfbbda1:0"
vary: Accept-Encoding
x-azure-ref: 20240615T105210Z-15f57b858d47jh6pdf2f1uy0dc00000003m000000000d9ur
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-server: CM2TH

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame 69BB 59 KB
16 KB 147ms
64ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.min.js

Requested by

Host: www.westfield.com
URL: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.westfield.com/
Origin: https://www.westfield.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 326465
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15925
x-served-by: cache-fra-eddf8230043-FRA, cache-lga21973-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"eab9-PwlPAQv7DAIqUbYneNQ2HRytP9Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4Uml0ulh%2BJXnMnvkUthZ2IVS2iq7lh4IpCxFHn%2Bezu78%2BtEaMk1jTgpZWjWNfODkGPWasGgHxZs9zsgp%2FHlSICZH6J8iIIyLC9TEBYaakkzG%2BuMGaaT8l%2FCR%2BTiLobWbSuw%2BwOKXuMGT8VULe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 894202560ee69744-FRA

GET
H2 200 main.593f6512.js Show response
resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/ Frame 69BB 2 MB
686 KB 262ms
81ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/main.593f6512.js

Requested by

Host: www.westfield.com
URL: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5a19a52e573e7ed5075c37f592ae808f4730ac4aab1d5226c5c8798478fea879

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding: br
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jun 2024 09:16:09 GMT
etag: W/"eadb7fffdfbbda1:0"
vary: Accept-Encoding
x-azure-ref: 20240615T105210Z-15f57b858d47jh6pdf2f1uy0dc00000003m000000000d9us
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-server: CM2TH

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 50ms
49ms Fetch
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 5196
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7e4195a4-101e-0031-4b8c-bdc85d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89420255d8199000-FRA

GET
H2 200 The_Westfield_Group_logo.svg.png
cdn.cookielaw.org/logos/52823b6c-31fb-4560-a79a-8095db05be2a/a85f3092-67ef-4366-947d-71ff733bcc9b/1e9bbb7b-948c-4e23-8111-c163c69fc4d3/ 56 KB
56 KB 55ms
54ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/52823b6c-31fb-4560-a79a-8095db05be2a/a85f3092-67ef-4366-947d-71ff733bcc9b/1e9bbb7b-948c-4e23-8111-c163c69fc4d3/The_Westfield_Group_logo.svg.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c127dc5cd769f77330b34958eb514dd205f35786967684d7943191058cdb995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cxDkhBn4EEdS0ev6qeh8+A==
age: 55273
content-length: 56861
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 15:15:06 GMT
server: cloudflare
etag: 0x8DB217A3B4F6411
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 39288853-401e-003e-44a9-21aefc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89420255eeae9b9e-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 57ms
57ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jun 2024 10:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 23100
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8b6924e8-d01e-00af-02c3-bdb11a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89420255eeb09b9e-FRA

POST
H/1.1 200 c5c2c9c984 Show response
bam.nr-data.net/events/1/ 24 B
343 B 271ms
271ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/c5c2c9c984?a=1134296803&sa=1&v=1223.PROD&t=Unnamed%20Transaction&rst=1696&ck=0&s=a1baf3365dc28b48&ref=https://id.westfield.com/register/step1
Requested by: Host: id.westfield.com
URL: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read%
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://id.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 15 Jun 2024 10:52:10 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://id.westfield.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-etou8220046-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 69BB 265 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMH6ZV9

Requested by

Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/main.593f6512.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5834fba8235b534d6e5a17126ea1df12aedd183f80f6ce99813a434c290d751

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
content-encoding: br
last-modified: Sat, 15 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Jun 2024 10:52:09 GMT

GET
H2 200 unibailscripts.min.js Show response
resourcesurwscth.azureedge.net/dist/newunibailreactapp/js/ Frame 69BB 4 KB
2 KB 40ms
39ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/js/unibailscripts.min.js?version=20240610.2

Requested by

Host: resourcesurwscth.azureedge.net
URL: https://resourcesurwscth.azureedge.net/dist/newunibailreactapp/static/js/main.593f6512.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b4bd0ee953434a917e3e3eae61ab94b5017db54ad47d4a5ee346bf4a1646067f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' http://turan.urw.com/ https://turan-web.preprod.cloud.coreoz.com/ https://turan-web2.preprod.cloud.coreoz.com/ https://apollo.int.coreoz.com/world https://prod.id.westfield.com/ https://id.westfield.com/ https://turan-v2.urw.com/ https://turan-web3.preprod.cloud.coreoz.com/ https://unibail-turan-web.int.coreoz.com/
content-encoding: br
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jun 2024 05:09:38 GMT
etag: W/"59b91f8fbdbbda1:0"
vary: Accept-Encoding
x-azure-ref: 20240615T105211Z-15f57b858d47jh6pdf2f1uy0dc00000003m000000000d9v8
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-server: CM1TH

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 69BB 334 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W65QHWH&l=dataLayer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a33045849f1a47ce0cc82b5cc4a5f6b575da1b515ed8f0ec3a6454fc7fd15f8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.westfield.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 10:52:09 GMT
content-encoding: br
last-modified: Sat, 15 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Jun 2024 10:52:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.westfield.com
URL: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1

Domain: www.westfield.com
URL: https://www.westfield.com/de-de/terms-and-conditions?nobanner=true&webview=1

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.westfield.com/	1969-12-31 23:59:59	Name: onewestfield#lang Value: de-DE
www.westfield.com/	1969-12-31 23:59:59	Name: ASLBSA Value: 0003089d5e7334a8fc03404c3a1f741caacab474e6d405f722bd5302f174192384a4
www.westfield.com/	1969-12-31 23:59:59	Name: ASLBSACORS Value: 0003089d5e7334a8fc03404c3a1f741caacab474e6d405f722bd5302f174192384a4
.westfield.com/	1970-01-21 01:40:00	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Jun+15+2024+12%3A52%3A10+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202310.1.0&browserGpcFlag=0&isIABGlobal=false&consentId=19edcf9c-ec90-4c7b-8677-b50184c89bdf&interactionCount=0&landingPath=https%3A%2F%2Fid.westfield.com%2Fregister%2Fstep1%3Fcenter%3DDE-SC-UB001%26client_id%3D6F4DDE80E30284EE230C7061FE49B33D%26redirect_uri%3Dhttps%253A%252F%252Fplayer.qualifio.com%252Foauth%252Fcallback%26response_type%3Dcode%26scope%3Dread%25&groups=C1%3A1%2CC3%3A0%2CC2%3A0%2CC4%3A0%2CC5%3A0&hosts=H85%3A1%2CH78%3A1%2CH91%3A1%2CH8%3A1%2CH99%3A0%2CH89%3A0%2CH5%3A0%2CH70%3A0%2CH73%3A0%2CH81%3A0%2CH56%3A0%2CH71%3A0%2CH16%3A0%2CH79%3A0%2CH105%3A0%2CH92%3A0%2CH72%3A0&genVendors=V1%3A0%2C

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.westfield.com/register/step1?center=DE-SC-UB001&client_id=6F4DDE80E30284EE230C7061FE49B33D&redirect_uri=https%3A%2F%2Fplayer.qualifio.com%2Foauth%2Fcallback&response_type=code&scope=read% Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.urw.com
geolocation.onetrust.com
id.westfield.com
js-agent.newrelic.com
res.cloudinary.com
resourcesurwscth.azureedge.net
www.geonames.org
www.googletagmanager.com
www.westfield.com
www.westfield.com
108.157.188.57
162.247.243.29
188.40.62.8
2602:816:5001::39
2606:4700:4400::6812:2089
2606:4700::6812:bb1f
2606:4700::6813:a641
2606:4700::6813:b134
2620:1ec:29:1::45
2620:1ec:bdf::45
2a00:1450:4001:813::2008
02881cac77c0e6573a504c8624408ab63ae896c208244d506a2b23a780c45d0f
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f6bea8906ed3e40daf15b48cd79dfa0f86fba6ccc68a9b6891d039cc0e7cfbd
12d7e48c59e1adf493ee40ce8d2d146e1864c0ed69b336613f8e10fa76090af5
1cdcd1ad1e30b70afd961d363a930e2db03dd3afaf7be1a1151e814e9a3ae390
1ff8cc1105961dcef8431d03c9b7773a0cc9f141c489820f039f2ebcb91399dc
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
226b38d4dd6197b2d2989ef529f69e83ee3ff816b601033ee5ad3ba07fa76307
29a6eb1e1947b6b5c019be892091eb83932e813e03a85eb239c1213a5ec6465f
30c7fce5b5814d6995be7ede3a4790a9e7bf8b8b57ef1875d14b62718b423379
33e8f52ab82ea77d2cb7a84f754171971f17a7296090f561cd782a4a96788b24
37e3ac927c1dc5634342f90595b0522f17715ac9c358ad11583ad226633d8574
4c05be3d299d6b44fd3c09bdb27b5feccb0dc4e2ab3b7854126d00df7002f491
4c127dc5cd769f77330b34958eb514dd205f35786967684d7943191058cdb995
4ec43b045387889aeac1960cd109dd887573790171bddcaf15cd7688d64015b5
52a3fcf26a25c9d245a3e96464d7154c68dde3b706dbe1f47511bad10d90ef3d
5a19a52e573e7ed5075c37f592ae808f4730ac4aab1d5226c5c8798478fea879
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
5edb80690162c89a02a93d40d353492230f05cbe8b3db225c55c58e14f231d7a
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6dabc51abad962efcfc47a6303909ba3cf193bcb33b21573090186f42b3384cc
77fb1ac54d2ceb980e3ebdfa7a9d0f64e85a66e4fdfb7f914a7b0aa08fb33a5d
796f34bd94aa7b1ac8a301c70af4a47787158315dc216360e571efecda2b25d7
7a33045849f1a47ce0cc82b5cc4a5f6b575da1b515ed8f0ec3a6454fc7fd15f8
87ba78b641e8eef0b7c819d3a0aad20beacedde3630fc6edca2023840c34c2dc
88e0b9009e3713315a92b60c0b4bf76feb8d00397659b1ddcc6ec50a7e0f7f17
984a0f81f4b34352fdf463d201091f9be8e5f6be66277779ddec6d3644d77ecf
a757f891e9f4a002a7aecb7fcf4e1d74e3e43cc2dc74c3a1fe3812fe7c9a3545
b1ffa703af97cbc8af57a71d2ba52caf7f68d6d34b50190aa9b7d0cb53233e9a
b4bd0ee953434a917e3e3eae61ab94b5017db54ad47d4a5ee346bf4a1646067f
c01e11fba230899801e2d50a195504b1d528f90376a1c7c60f06dd697be64f45
c408e00f3bc7c005e9abb9d43b2e6ad3def85e0941ab974a9e3bd76673c8a4d5
c96913215048636a41a3b72fff2b0c03ed94584e87df25da0d549618bc025413
cf2b7b8c9c5756454079e4eb012128b38f569bcc9d32a5b895df5396ae5052b2
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
e87e201d3ac066d6522dc7a17d02df52163ae9e47173244f017d23476f9e1eda
e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85
ebd6c996822a5f23a3cd2a32ba98f37e4672270107d2cc7c9f220fdaed67482a
f39ec5e498cc918cb3dd87725f5ff185ff7ce90b34855825f23a9e7d4c429d57
f5834fba8235b534d6e5a17126ea1df12aedd183f80f6ce99813a434c290d751
feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6
ffa86b44a28a0a3cb18c772b09c2b4cd5812be3c763b445ec5c9d70ff48b0dc2

id.westfield.com Open in urlscan Pro 108.157.188.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

73 %IPv6

11 Domains

12 Subdomains

12 IPs

2 Countries

1788 kBTransfer

7375 kBSize

4 Cookies

3 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

id.westfield.com Open in urlscan Pro
108.157.188.57 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

73 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

1788 kB
Transfer

7375 kB
Size

4
Cookies

50 HTTP transactions
0 data transactions