urlscan.io logo urlscan.io
SecurityTrails logo

www.simon.com Open in urlscan Pro
140.174.12.171  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://simon.com/
Effective URL: https://www.simon.com/
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 5 countries across 23 domains to perform 77 HTTP transactions. The main IP is 140.174.12.171, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.simon.com. The Cisco Umbrella rank of the primary domain is 197044.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 5th 2023. Valid for: a year.
This is the only time www.simon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 20.69.216.13 8075 (MICROSOFT...)
2 140.174.12.171 393259 (YOTTAA-AS-1)
8 2606:4700::68... 13335 (CLOUDFLAR...)
13 151.101.194.133 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
7 140.174.14.84 393259 (YOTTAA-AS-1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 35.244.142.80 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.158.7.124 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.15.119 16509 (AMAZON-02)
1 65.9.66.64 16509 (AMAZON-02)
11 104.17.208.240 13335 (CLOUDFLAR...)
1 54.194.199.158 16509 (AMAZON-02)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 18.66.122.42 16509 (AMAZON-02)
1 52.71.117.98 14618 (AMAZON-AES)
2 35.190.10.96 15169 (GOOGLE)
1 34.120.92.56 396982 (GOOGLE-CL...)
1 54.197.253.103 14618 (AMAZON-AES)
77 27
1    20.69.216.13 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
simon.com
2    140.174.12.171 (United States)

ASN393259 (YOTTAA-AS-1, US)
www.simon.com
8    2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
13    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    140.174.14.84 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)
qoe-1.yottaa.net
1    2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:e4::ac40:ac0c (United States)

ASN13335 (CLOUDFLARENET, US)
siteimproveanalytics.com
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
1    2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.158.7.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-7-124.eu-central-1.compute.amazonaws.com
84061.global.siteimproveanalytics.io
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    65.9.66.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-64.fra56.r.cloudfront.net
live.rezync.com
11    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
znbxgbnorumafz325-spg.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    54.194.199.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-199-158.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    18.66.122.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-42.fra60.r.cloudfront.net
cdn.boomtrain.com
1    52.71.117.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-117-98.compute-1.amazonaws.com
people.api.boomtrain.com
2    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-px46scnlxs.px-cloud.net
1    34.120.92.56 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.92.120.34.bc.googleusercontent.com
b.px-cdn.net
1    54.197.253.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-253-103.compute-1.amazonaws.com
events.api.boomtrain.com
Apex Domain
Subdomains		 Transfer
20 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 14422
qoe-1.yottaa.net — Cisco Umbrella Rank: 7230
10 MB
11 qualtrics.com
znbxgbnorumafz325-spg.siteintercept.qualtrics.com — Cisco Umbrella Rank: 347037
siteintercept.qualtrics.com — Cisco Umbrella Rank: 899
90 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 407
132 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
249 B
3 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 6120
people.api.boomtrain.com — Cisco Umbrella Rank: 6506
events.api.boomtrain.com — Cisco Umbrella Rank: 9983
31 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
262 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
21 KB
3 simon.com
simon.com — Cisco Umbrella Rank: 122559
www.simon.com — Cisco Umbrella Rank: 197044
183 KB
2 px-cloud.net
collector-px46scnlxs.px-cloud.net — Cisco Umbrella Rank: 265842
1 KB
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 5885
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5447
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
562 B
2 doubleclick.net
10955082.fls.doubleclick.net Failed
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
182 KB
1 px-cdn.net
b.px-cdn.net — Cisco Umbrella Rank: 9636
444 B
1 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1580
2 KB
1 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1592
insight.adsrvr.org Failed
2 KB
1 siteimproveanalytics.io
84061.global.siteimproveanalytics.io — Cisco Umbrella Rank: 212557
475 B
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 2814
6 KB
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 4409
9 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
303 B
0 google.de Failed
www.google.de Failed
0 linkedin.com Failed
px4.ads.linkedin.com Failed
0 licdn.com Failed
snap.licdn.com Failed
77 23
Domain Requested by
13 cdn-fsly.yottaa.net www.simon.com
cdn-fsly.yottaa.net
10 siteintercept.qualtrics.com www.simon.com
siteintercept.qualtrics.com
8 cdn.cookielaw.org www.simon.com
cdn.cookielaw.org
7 qoe-1.yottaa.net www.simon.com
cdn.pdst.fm
4 www.facebook.com
3 connect.facebook.net www.simon.com
2 collector-px46scnlxs.px-cloud.net www.simon.com
2 www.google.com www.simon.com
2 www.google-analytics.com www.simon.com
www.google-analytics.com
2 www.googletagmanager.com www.simon.com
2 www.simon.com www.simon.com
1 events.api.boomtrain.com www.simon.com
1 b.px-cdn.net www.simon.com
1 people.api.boomtrain.com cdn.boomtrain.com
1 cdn.boomtrain.com www.simon.com
1 region1.google-analytics.com www.googletagmanager.com
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 znbxgbnorumafz325-spg.siteintercept.qualtrics.com www.simon.com
1 live.rezync.com www.simon.com
1 js.adsrvr.org www.simon.com
1 rum-static.pingdom.net www.simon.com
1 googleads.g.doubleclick.net www.simon.com
1 84061.global.siteimproveanalytics.io www.simon.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.pdst.fm www.simon.com
1 siteimproveanalytics.com www.simon.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 simon.com 1 redirects
0 insight.adsrvr.org Failed www.simon.com
0 www.google.de Failed www.simon.com
0 px4.ads.linkedin.com Failed www.simon.com
0 snap.licdn.com Failed www.simon.com
0 10955082.fls.doubleclick.net Failed www.googletagmanager.com
77 33
Subject Issuer Validity Valid
www.simon.com
Go Daddy Secure Certificate Authority - G2		 2023-01-05 -
2024-01-21		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2022-09-08 -
2023-10-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
siteimproveanalytics.com
GTS CA 1P5		 2023-07-03 -
2023-10-01		 3 months crt.sh
cdn.pdst.fm
GTS CA 1D4		 2023-05-27 -
2023-08-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.global.r1.siteimproveanalytics.io
Amazon RSA 2048 M02		 2023-06-15 -
2024-07-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-11 -
2023-07-10		 3 months crt.sh
pingdom.net
Cloudflare Inc ECC CA-3		 2022-11-13 -
2023-11-13		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.rezync.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-12-23		 10 months crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
*.pingdom.net
Amazon RSA 2048 M01		 2023-02-10 -
2023-12-20		 10 months crt.sh
*.boomtrain.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-03-09		 a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-11-14		 9 months crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2022-08-30 -
2023-09-29		 a year crt.sh
perimeterx.net
GeoTrust RSA CA 2018		 2022-08-30 -
2023-08-30		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.simon.com/
Frame ID: E971A5BC0B630851C97877268F136059
Requests: 77 HTTP requests in this frame

Frame: https://10955082.fls.doubleclick.net/activityi;src=10955082;type=ret01;cat=simon0;ord=9203725468039;gtm=45He36s0;auiddc=67316742.1688380660;u1=https%3A%2F%2Fwww.simon.com%2F;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.simon.com%2F
Frame ID: E6E6601B5E4B3BD0826D859F8B2B764F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=o8x4hrm&ref=https%3A%2F%2Fwww.simon.com%2F&upid=8g4lneo&upv=1.1.0
Frame ID: D0DD2DD137919FC5BDD82B554EDA0F3F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simon: Shopping, Dining and Entertainment Destinations Near You

Page URL History Show full URLs

  1. https://simon.com/ HTTP 301
    https://www.simon.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns

Page Statistics

77
Requests

92 %
HTTPS

44 %
IPv6

23
Domains

33
Subdomains

27
IPs

5
Countries

11163 kB
Transfer

13616 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://simon.com/ HTTP 301
    https://www.simon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://px.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208 HTTP 302
  • https://px.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D1419361%26tm%3Dgtmv2%26url%3Dhttps%253A%252F%252Fwww.simon.com%252F%26v%3D2%26fmt%3Djs%26time%3D1688380660208%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true&liSync=true HTTP 0
  • https://px4.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true&liSync=true&e_ipv6=AQJcYdNk6vuk3AAAAYkbVFwewXVC31Pm-_YqRbAdRjBhTg5x6TtuFku1h5QFSLdcawKlLlOf

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.simon.com/
Redirect Chain
  • https://simon.com/
  • https://www.simon.com/
218 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.171 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
2bc02ad4ce3b6ddb6b52086e288eab32ca3bd77ea0098593300747f9b16ec0b8
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type, soapaction
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://*.simon.com https://*.simon.com https://*.simon-ops.com http://*.simon-ops.com
age
0
content-encoding
gzip
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
content-type
text/html; charset=utf-8
date
Mon, 03 Jul 2023 10:37:39 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
x-yottaa-metrics
33218cae0c90/[10,-,1688378925215] 33D18cae0cab/[-,11.600]
x-yottaa-optimizations
ob/1000000100001100 si/33D18cae0cab-1688062147-2774632770 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0

Redirect headers

content-length
195
content-type
text/html
date
Mon, 03 Jul 2023 10:37:38 GMT
location
https://www.simon.com/
server
nginx
OtAutoBlock.js
cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/OtAutoBlock.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b719c660e90be982fe04cb70948a4a11c759acc63693e5778863816bd0829252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5416
content-md5
avGrZ8Rsm1WL7qqqh0Nw1A==
content-length
2838
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jun 2023 22:10:07 GMT
server
cloudflare
etag
0x8DB78ED98EC428B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c7fac9fe-701e-0112-51d6-aaaaaf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e0e7e93396518d4-FRA
expires
Tue, 04 Jul 2023 10:37:39 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ss3gfiwT9vXTSvNlfc+4JQ==
age
60684
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6820
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jun 2023 19:28:10 GMT
server
cloudflare
etag
0x8DB78D6F96BC8B6
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
523552d4-401e-00f0-4dc2-aa0888000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e0e7e93396618d4-FRA
web.min.css
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/ 		248 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/web.min.css?yocs=E_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce971a85a7560663277a75616c10868440115f03271a68cd05a7d27f5dcbf585
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
via
1.1 varnish
age
58581
x-yottaa-optimizations
ob/100011001 si/3811cc023146-1687978554-276951824 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
44605
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Thu, 29 Jun 2023 21:50:54 GMT
server
x-timer
S1688380660.735904,VS0,VE1
etag
"03324c7d3aad91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
x-yottaa-metrics
3821cc02315e/[129,69,-] 3811cc023146/[hit]
accept-ranges
bytes
x-cache-hits
1
05ed0efa-bf20-4973-aadc-0fc8f2935d9b.json
cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/05ed0efa-bf20-4973-aadc-0fc8f2935d9b.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb3a6cbb5590c605c01b49c4cc352735e1612c4094e5e7e5e38205b57df5495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
463
content-md5
yYtIl3aNcb5PoF8JOC679A==
content-length
2331
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jun 2023 22:10:03 GMT
server
cloudflare
etag
0x8DB78ED96F5254E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f7e19255-c01e-0026-46d6-aa4352000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e0e7e939e412c7b-FRA
expires
Tue, 04 Jul 2023 10:37:39 GMT
gtm.js
www.googletagmanager.com/ 		312 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-BXDR
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
115b3ac3b510c72e96eaf0c25fbcff7a5e2027a6438cc80eb91c6c6f2fa5d25f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99989
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jul 2023 10:37:39 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
650-1443_2000x180.jpg
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/content/cardless/banner/ 		262 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/content/cardless/banner/650-1443_2000x180.jpg?yocs=D_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ee000695d8f35a770d62ed584eaa991295202feda24deddb8e6b9af81225ccd
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
via
1.1 varnish
age
309745
x-yottaa-optimizations
ob/101 si/3811cc023141-1687978554-961203029 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
268270
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Wed, 02 Nov 2022 19:19:18 GMT
server
x-timer
S1688380660.778168,VS0,VE3
etag
"07fc60f0eed81:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
x-yottaa-metrics
3821cc023171/[7,-,1688070884697] 3811cc023141/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
1
app.js
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/ 		242 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/app.js?yocs=E_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ffb53a5076d2dd933b8eb43ce7b4d38601c8068f948855265a05e38d5cf7f8a4
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
via
1.1 varnish
age
50542
x-yottaa-optimizations
ob/1100 si/3811cc023141-1687978554-963417302 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
78223
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Thu, 29 Jun 2023 21:50:54 GMT
server
x-timer
S1688380660.778129,VS0,VE2
etag
"03324c7d3aad91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
x-yottaa-metrics
3821cc02316a/[6,-,1688157280891] 3811cc023141/[-,45.316]
accept-ranges
bytes
x-cache-hits
1
homepage.js
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/homepage.js?yocs=E_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e0864947aef199aff5de0d134415c55f868f6c245bd3daeab2f7068f790e6a5
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
via
1.1 varnish
age
50084
x-yottaa-optimizations
ob/11100 si/2611cc028371-1688062903-1813380526 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
11433
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Thu, 29 Jun 2023 21:50:54 GMT
server
x-timer
S1688380660.778242,VS0,VE2
etag
"03324c7d3aad91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
x-yottaa-metrics
2621cc028332/[4,-,1688157335770] 2611cc028371/[-,11.446]
accept-ranges
bytes
x-cache-hits
1
mall-signup.js
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/ 		134 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/mall-signup.js?yocs=E_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99a6bc93e96588a4f16db8dde79dd1b740de7402b46882312de8fbd4a7fe2983
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
via
1.1 varnish
age
50539
x-yottaa-optimizations
ob/1101 si/3811cc023141-1687978554-963414723 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
44007
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Thu, 29 Jun 2023 21:50:54 GMT
server
x-timer
S1688380660.778209,VS0,VE1
etag
"03324c7d3aad91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
x-yottaa-metrics
3821cc02315e/[6,-,1688157280574] 3811cc023141/[hit]
accept-ranges
bytes
x-cache-hits
1
redesign-google-analytics.js
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/ 		2 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/scripts/redesign-google-analytics.js?yocs=E_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
165dcc8e5e1f4a598bfaae7a74122d15c7bb3ed5d282a3358d750774553211d8
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
via
1.1 varnish
age
50540
x-yottaa-optimizations
ob/11100 si/3811cc023141-1687978554-963414796 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
595
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Thu, 29 Jun 2023 21:50:54 GMT
server
x-timer
S1688380660.778441,VS0,VE1
etag
"03324c7d3aad91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
x-yottaa-metrics
3821cc023157/[3,-,1688157279854] 3811cc023141/[-,7.250]
accept-ranges
bytes
x-cache-hits
1
truncated
/ 		573 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c55c5e9ffb5817611cd465e48bb1fb180e221cd31b9a275b9e7c8d7b78a4632a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
simon-circular-pro-bold-c.woff2
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/fonts/ 		67 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/fonts/simon-circular-pro-bold-c.woff2?yocs=B_D_NA_
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/web.min.css?yocs=E_NA_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8b5868763ca6a59150ba893e61fdb95bb4bf05e57d058fce35269db8fec2aea
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/web.min.css?yocs=E_NA_
Origin
https://www.simon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
via
1.1 varnish
age
4356
x-yottaa-optimizations
ob/1 si/2511cc028a74-1687972678-1326334237 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
68696
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230089-FRA
x-yottaa-forcecache
true, true
last-modified
Fri, 05 May 2017 15:44:42 GMT
server
x-timer
S1688380660.816491,VS0,VE1
etag
"091483b6c5d21:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=7200
x-yottaa-metrics
2521cc028a7a/[101,99,-] 2511cc028a74/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
1
summer23-mass-hero-desk.jpg
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/homepage_videos/2023summermass/ 		135 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/homepage_videos/2023summermass/summer23-mass-hero-desk.jpg?yocs=D_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1dd92b7c91fcd1e1ae95e9e306fa6b038925171f4577a728443366082d78eb8c
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
via
1.1 varnish
age
309452
x-yottaa-optimizations
ob/101 si/3811cc023144-1687978553-1063120829 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
137789
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Wed, 10 May 2023 18:07:38 GMT
server
x-timer
S1688380660.802919,VS0,VE2
etag
"954af14d6a83d91:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
x-yottaa-metrics
3821cc023155/[6,-,1688070880735] 3811cc023144/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
1
summer23-mass-hero-m.jpg
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/homepage_videos/2023summermass/ 		134 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/homepage_videos/2023summermass/summer23-mass-hero-m.jpg?yocs=D_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
87eb33e98aee5464f94adc1fee011223d092134bc21d78b1a9b4b2532f18a7d0
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
via
1.1 varnish
age
309716
x-yottaa-optimizations
ob/101 si/3811cc023142-1687978554-21749811 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
136737
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Wed, 10 May 2023 18:07:38 GMT
server
x-timer
S1688380660.803239,VS0,VE2
etag
"eb8e6f4e6a83d91:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
x-yottaa-metrics
3821cc02314d/[6,-,1688070880800] 3811cc023142/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
1
MallInsider_470x470.jpg
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/htmlcontent/ 		150 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/htmlcontent/MallInsider_470x470.jpg?yocs=D_NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32f2a7f7c9e87eacc7b20ecccb96217a1f5587a5b397c0a1a93d0529eb6ca63d
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
via
1.1 varnish
age
309444
x-yottaa-optimizations
ob/101 si/3811cc023145-1687978554-676261850 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
153913
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true, true
last-modified
Tue, 25 Jan 2022 22:51:09 GMT
server
x-timer
S1688380660.803241,VS0,VE2
etag
"2c3c73b3e12d81:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=604800
x-yottaa-metrics
3821cc02314b/[7,-,1688070884734] 3811cc023145/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
1
summer23-mass-hero.m4v
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/homepage_videos/2023summermass/ 		9 MB
9 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/homepage_videos/2023summermass/summer23-mass-hero.m4v?yocs=NA_
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.simon.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
via
1.1 varnish
age
309781
x-yottaa-optimizations
ob/1 si/33118cae0c63-1678378170-1558776184 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
Content-Range
bytes 0-9330785/9330786
Content-Length
9330786
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA
x-yottaa-forcecache
true
last-modified
Wed, 10 May 2023 18:08:03 GMT
server
x-timer
S1688380660.808206,VS0,VE1
etag
"cf7bcb5c6a83d91:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/m4v
access-control-allow-origin
*
cache-control
public,max-age=604800
x-yottaa-metrics
33218cae0cf2/[78,70,-] 33118cae0c63/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
0
configure.rapid.js
qoe-1.yottaa.net/api/v1/ 		16 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/api/v1/configure.rapid.js?key=etWhA4-bSWUsVg&ul=en-US&dl=https%3A%2F%2Fwww.simon.com%2F&dt=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&sd=24&sr=1600,1200&vp=1600,1200&ct=4g&rtt=0
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.84 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
4a34565d31986f41b63e320ba6116c560664c1bad04a7900158246ecd5c3f4fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-yottaa-optstate
none
timing-allow-origin
*
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7e0e7e950b832bf7-FRA
access-control-allow-headers
Content-Type
simon-circular-pro-book-c.woff2
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/fonts/ 		60 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/fonts/simon-circular-pro-book-c.woff2?yocs=B_D_NA_
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/web.min.css?yocs=E_NA_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16c4b7933a93e06aa3495c11d36345baaa488ddf4f12a01dbb6e51bb3e887d10
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/web.min.css?yocs=E_NA_
Origin
https://www.simon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:39 GMT
via
1.1 varnish
age
1444
x-yottaa-optimizations
ob/101 si/2511cc028a75-1687972678-722218593 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
61696
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230089-FRA
x-yottaa-forcecache
true, true
last-modified
Fri, 05 May 2017 15:44:42 GMT
server
x-timer
S1688380660.987555,VS0,VE2
etag
"091483b6c5d21:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=7200
x-yottaa-metrics
2521cc028a7d/[2,-,1688070878094] 2511cc028a75/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
1
simon-circular-pro-light-c.woff2
cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/fonts/ 		53 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/4a6e24e07e33013b5e040ead9ecbf798.yottaa.net/v~4b.2d5.0.0/fonts/simon-circular-pro-light-c.woff2?yocs=B_D_NA_
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/web.min.css?yocs=E_NA_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de8b7eefdf0a42f27db830cc777daa110c7d4244afb4d60471d230b567cbee9d
Security Headers
Name Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn-fsly.yottaa.net/555a305b2bb0ac71b9002d22/www.simon.com/v~4b.2d5.0.0/dist/styles/web.min.css?yocs=E_NA_
Origin
https://www.simon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 10:37:40 GMT
via
1.1 varnish
age
3563
x-yottaa-optimizations
ob/101 si/23114047a14b-1688045908-1053976100 tts/1688070867593 ti/555a305b2bb0ac71b9002d30 ai/555a305b2bb0ac71b9002d22 tm/0
x-cache
HIT
content-length
54540
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230089-FRA
x-yottaa-forcecache
true, true
last-modified
Fri, 05 May 2017 15:44:42 GMT
server
x-timer
S1688380660.083675,VS0,VE2
etag
"091483b6c5d21:0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=7200
x-yottaa-metrics
23214047a179/[5,-,1688070880843] 23114047a14b/[hit]
accept-ranges
bytes
access-control-allow-headers
Content-Type, soapaction
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 08:50:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6415
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 03 Jul 2023 10:50:45 GMT
activityi;src=10955082;type=ret01;cat=simon0;ord=9203725468039;gtm=45He36s0;auiddc=67316742.1688380660;u1=https%3A%2F%2Fwww.simon.com%2F;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~...
10955082.fls.doubleclick.net/ Frame E6E6 		0
0
siteanalyze_84061.js
siteimproveanalytics.com/js/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteimproveanalytics.com/js/siteanalyze_84061.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ac0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d739f1ba697b38e23af17131b12a8e092b4b0e3a625859c6ebf5cd9c9b7ca5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:40 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S2NC1XRREA9HGBTP
age
1303
alt-svc
h3=":443"; ma=86400
content-length
8532
x-amz-id-2
r1jguFPkqDIGE5RBfeAE3zAX2Kw6NLEWkDkbghbwYt0rC/5xHEAJQS3ugB8HRVFolqrqtoJivKM=
last-modified
Mon, 16 May 2022 09:37:36 GMT
server
cloudflare
etag
"911935a896599c7976f4b817fcc6e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pwZW4ozfvCeN7WXzn4gXz5DTqyP2ybuaS2UUNXUu7VSmlMlb6G2XjBxi9%2FynyyFy48f0fAEMFMf%2FhC0PrQSH5srLte9Bl%2FCOL5lBEh7w3F%2B74nBU4nr%2BPeVYpLZZJoTD8sKyYdd1ihyzAzciEX9abT9Gnoctf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, no-transform
accept-ranges
bytes
cf-ray
7e0e7e96687a9170-FRA
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:27:06 GMT
content-encoding
gzip
age
634
x-guploader-uploadid
ADPycdtZyEKKrscfx2vK4RGHn9G8cyFQEZr2B4-FuzrduTZpnHAm3CzbGgmFNRNS_q6MjMFrQbD_nINnhLNpJ4m0LYEjcw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Mon, 03 Jul 2023 11:27:06 GMT
csp-reports
qoe-1.yottaa.net/_/ 		3 B
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.84 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Mon, 03 Jul 2023 10:37:40 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
insight.min.js
snap.licdn.com/li.lms-analytics/ 		0
0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208
  • https://px.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D1419361%26tm%3Dgtmv2%26url%3Dhttps%253A%252F%252Fwww.simon.com%252F%26v%3D2%26fmt%3Djs%26time%3D1688...
  • https://px.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true&liSync=true&e_ipv6=AQJcYdNk6vuk3AAAAYkbVFwewXVC31Pm-_YqRb...
0
0
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1565945725&t=pageview&_s=1&dl=https%3A%2F%2Fwww.simon.com%2F&ul=en-us&de=UTF-8&dt=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=2141285541&gjid=640259593&cid=397096001.1688380660&tid=UA-26778601-3&_gid=1950048817.1688380660&_r=1&_slc=1&gtm=45He36s0n51BXDR&z=1563264103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 10:37:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-reports
qoe-1.yottaa.net/_/ 		3 B
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.84 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Mon, 03 Jul 2023 10:37:40 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26778601-3&cid=397096001.1688380660&jid=2141285541&gjid=640259593&_gid=1950048817.1688380660&_u=YEBAAAAAAAAAAC~&z=420238977
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 03 Jul 2023 10:37:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
image.aspx
84061.global.siteimproveanalytics.io/ 		34 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://84061.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.simon.com%2F&title=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&res=1600x1200&accountid=84061&rt=1968&prev=c0336b1b-8548-5d2b-e1f0-a4ea33bff2a2&luid=695b5cba-fbd5-0992-5cf9-53a11234a9de&rnd=55238
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.7.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-7-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 03 Jul 2023 10:37:40 GMT
cache-control
max-age=0
content-length
34
expires
Mon, 03 Jul 2023 10:37:40 UTC
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26778601-3&cid=397096001.1688380660&jid=2141285541&_u=YEBAAAAAAAAAAC~&z=1890178718
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 10:37:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-reports
qoe-1.yottaa.net/_/ 		3 B
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.84 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Mon, 03 Jul 2023 10:37:40 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
ga-audiences
www.google.de/ads/ 		0
0
csp-reports
qoe-1.yottaa.net/_/ 		3 B
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.84 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Mon, 03 Jul 2023 10:37:40 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
event
qoe-1.yottaa.net/log-nt/ 		3 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/log-nt/event
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.84 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 03 Jul 2023 10:37:40 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
init.js
www.simon.com/46SCNLxs/ 		245 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simon.com/46SCNLxs/init.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.12.171 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
332d3c316d7f4cb0630b63825e57e3efed89d39d9158fa64687435577e5ef2de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
content-encoding
gzip
etag
"3d4c2-h5TDZPX0yEqP1qKeynwBwkIaJUA"
active-cdn
Akamai
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
x-yottaa-metrics
33D18cae0cab/[-,13.539]
x-px-hash
OWQyOGVkODA2YzVlZjgxY2YxNTk1N2VjZWMwNzI1YzNjMDEyMzQyMDg3YThmMzJlZDA3NTk3ZmFkYzdhMDU1Mw==
x-yottaa-optimizations
ob/0 si/33D18cae0cab-1688062147-2774632774 tts/1688380661013 ti/0 ai/555a305b2bb0ac71b9002d22
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202306.1.0/ 		404 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XJk1ZZTljtwHFT3qcIJg+w==
age
38146
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99599
x-ms-lease-status
unlocked
last-modified
Tue, 20 Jun 2023 16:31:22 GMT
server
cloudflare
etag
0x8DB71ABC8D4306D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b174a570-101e-0164-3014-a42e13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e0e7e9b1bd018d4-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/478881250/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/478881250/?random=1688380660152&cv=11&fst=1688380660152&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.simon.com%2F&hn=www.googleadservices.com&frm=0&tiba=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&auid=67316742.1688380660&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
622b87cd323c2bf72be5f32cd0c0aebeda076a77a7b25053f0b38f099f9c4b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 10:37:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 03 Jul 2023 10:37:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
JGJyW/5fnpjYdwRNzAkkYk2fZmdjaBXedqdkuU9+QkGccLmP30LTOjl1WPtsrlvV7sOn94ukY7HyINwi7A1j6g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/abb50ad5-987f-4035-901e-d62aec9a7a7b/ 		55 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/05ed0efa-bf20-4973-aadc-0fc8f2935d9b/abb50ad5-987f-4035-901e-d62aec9a7a7b/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c3438e50d58de84321c3339634dec4c3157aee8d4624778de5b2a8b91ff4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
49744
content-md5
LOeYL9dF8c4dINJbYcMWAA==
content-length
14046
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jun 2023 22:10:12 GMT
server
cloudflare
etag
0x8DB78ED9C60CA16
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b266e2a-601e-0002-77d6-aada1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e0e7e9b5fce2c7b-FRA
expires
Tue, 04 Jul 2023 10:37:41 GMT
pa-5a1c6fb130a8ef0007000046.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5a1c6fb130a8ef0007000046.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c64d290a7512287a9585ce911116c0c6eb19f4ff4ffb4d90623e8e2916bf8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 06:22:28 GMT
server
cloudflare
age
206
etag
W/"63490024-1852"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7e0e7e9b9a7a1bc3-FRA
expires
Mon, 03 Jul 2023 10:39:15 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 03 Jul 2023 02:20:06 GMT
Content-Encoding
gzip
Via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
29856
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
I2j3vgNZ49UjS6USkt3hRPRJaZLknHYq6LVTtmCFpGB-e8SfW4NlYQ==
sync
live.rezync.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=9d321148551c740d7d66707d6c10601b&k=spg-simon-b2c-pixel-4166&zmpID=spg-simon-b2c
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-64.fra56.r.cloudfront.net
Software
lighttpd/1.4.59 /
Resource Hash
0a149cda044f75e0d2f9f88b1427aff1c503cd39893f914895764ca6fa6a1bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
server
lighttpd/1.4.59
x-amz-cf-pop
FRA56-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
1372
x-amz-cf-id
ZWCD9w9L_QLThSrtC1t7g0AGgkt0a9W4khtBuCmi0M3fD74HMLAUew==
otFlat.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5mNZducabMgxSDzBo+ZI8w==
age
29208
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Tue, 20 Jun 2023 16:31:16 GMT
server
cloudflare
etag
0x8DB71ABC4FD722C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8702089d-001e-0012-775b-a4ecfa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e0e7e9ba8332c7b-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
29208
x-ms-lease-status
unlocked
last-modified
Tue, 20 Jun 2023 16:31:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0f5a8b15-801e-0008-235b-a4c395000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7e0e7e9ba8362c7b-FRA
1140158146042774
connect.facebook.net/signals/config/ 		376 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1140158146042774?v=2.9.110&r=stable
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
134f74b3d684a91c5c505836dec77039fa7045355b7a44714e9bbf66d814f034
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 03 Jul 2023 10:37:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
109947
x-xss-protection
0
pragma
public
x-fb-debug
Msr8q1gO291ZhEaoaPWv1KMJaq89HWHrFKAcSQhFhCXUYTz4XbzEK0q7ijlwYIKU9uX//6Sh8YyxVpHKIbaceg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-27H1864FVV&l=dataLayer&cx=c
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0cee4838624a1011102d5ecd6bf0086a6a96f006525bb583eefa8f2304e544f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85868
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 03 Jul 2023 10:37:41 GMT
up
insight.adsrvr.org/track/ Frame D0DD 		0
0
/
znbxgbnorumafz325-spg.siteintercept.qualtrics.com/SIE/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://znbxgbnorumafz325-spg.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_bxgBnoRUMAfz325
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89049f3611234880b7ac692230e4c4f4607b8fd3b292764a8f7ab9d19edf846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
97319
cf-polished
origSize=9051
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"235b-UPhRs/36Ms+GYwwt4dRgtfk+LOo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9c4aef1c07-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
22251
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jun 2023 19:28:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2b300303-501e-0023-6f20-abb72d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7e0e7e9c0cf418d4-FRA
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5a1c6fb130a8ef0007000046&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=699&cE=916&dLE=699&dLS=306&fS=306&hS=804&rE=-1&rS=-1&reS=916&resS=1226&resE=1341&uEE=-1&uES=-1&dL=1233&dI=1654&dCLES=1699&dCLEE=1712&dC=2511&lES=2511&lEE=2513&s=nt&title=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&path=https%3A%2F%2Fwww.simon.com%2F&ref=&sId=ab24g643&sST=1688380661&sIS=1&rV=0&v=1.4.1
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5a1c6fb130a8ef0007000046.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.199.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-199-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 03 Jul 2023 10:37:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
161020634341891
connect.facebook.net/signals/config/ 		376 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/161020634341891?v=2.9.110&r=stable
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7188218c14d8507d77d094e1e936a2c66327c6fdf895843e019f37aa69af501
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 03 Jul 2023 10:37:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
109777
x-xss-protection
0
pragma
public
x-fb-debug
Y66T3qi9DRkJ4mTaUYnVIHB8ays2pHuTEYnePqtmCD9GgjdAtOWdO+dTdosB3Q+/OYmFyD5DR0IiM6PkiOx3Xw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1140158146042774&ev=PageView&dl=https%3A%2F%2Fwww.simon.com%2F&rl=&if=false&ts=1688380661147&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688380661145.552869010&cs_est=true&it=1688380661073&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 03 Jul 2023 10:37:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/478881250/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/478881250/?random=1688380660152&cv=11&fst=1688378400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.simon.com%2F&frm=0&tiba=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&fmt=3&is_vtc=1&random=2779113970&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 10:37:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-reports
qoe-1.yottaa.net/_/ 		3 B
190 B 		Other
General
Check archive.org
Download Go to
Full URL
https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.174.14.84 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

access-control-allow-origin
*
date
Mon, 03 Jul 2023 10:37:41 GMT
access-control-expose-headers
X-Results-Data-Source
access-control-allow-credentials
true
cache-control
no-cache
timing-allow-origin
*
content-type
text/json
/
www.google.de/pagead/1p-user-list/478881250/ 		0
0
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-27H1864FVV&gtm=45je36s0&_p=1565945725&cid=397096001.1688380660&ul=en-us&_geo=1&_rdi=1&ngs=1&_s=1&sid=1688380661&sct=1&seg=0&dl=https%3A%2F%2Fwww.simon.com%2F&dt=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-27H1864FVV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 10:37:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.simon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=161020634341891&ev=PageView&dl=https%3A%2F%2Fwww.simon.com%2F&rl=&if=false&ts=1688380661223&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688380661145.552869010&cs_est=true&it=1688380661073&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 03 Jul 2023 10:37:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
10.f608fb185c0061ce2cda.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/10.f608fb185c0061ce2cda.chunk.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=www.simon.com
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02605b08aeb30976d465a0e228e61a1e02f87f8138e64d0cf11cf19782e18881
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
378687
cf-polished
origSize=65578
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Jun 2023 20:15:58 GMT
cf-bgj
minify
server
cloudflare
etag
W/"1002a-188925a1830"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9ccbf31c07-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
p13n.min.js
cdn.boomtrain.com/p13n/spg-simon-b2c/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/p13n/spg-simon-b2c/p13n.min.js
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
571a3554d5d5ba18b6ab0475a0b82ce59b0d0abc7bb3308096448a7ee4306418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
dYtED1FQht1bgtpA_nELsJWd6yqWKspc
Content-Encoding
gzip
Via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
Date
Mon, 03 Jul 2023 10:24:15 GMT
X-Amz-Cf-Pop
FRA60-P2
Age
1381
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 27 Jun 2023 13:36:43 GMT
Server
AmazonS3
ETag
W/"70932de3342c108050b30104ee56789f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
aO5KObzQY2fjJjzD9kv1hAVjRc5WjsRT2AnmgiTnDNESDxvIgvs2Xw==
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_bxgBnoRUMAfz325&Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.f608fb185c0061ce2cda.chunk.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=www.simon.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c3a01fab7fec52a28c366db61fb20cf6af8c0e731192c127a8282febf6dad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.simon.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
fb0d817b851be99a
cf-ray
7e0e7e9d0c521c07-FRA
timing-allow-origin
*
resolve
people.api.boomtrain.com/identify/ 		147 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZTM4ZWIzYjAtNTkzZi00MmFmLWE1NjItODg1ZDhlOWU2OTcxOjE2ODgzODA2NjEuMTUzMzA4In19&site_id=spg-simon-b2c
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/spg-simon-b2c/p13n.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.117.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-117-98.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ec170cf44fe73519bbaa205eaee7cd092f710a69e16641fc155840b14b435b1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 03 Jul 2023 10:37:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
147
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=spg
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
378613
cf-polished
origSize=104979
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Jun 2023 20:15:58 GMT
cf-bgj
minify
server
cloudflare
etag
W/"19a13-188925a1830"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9d5ce31c07-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
5.79c06a662290d5dad57e.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/5.79c06a662290d5dad57e.chunk.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=spg
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d39de1e43c8c2413703d0d877d50edd3868d51b122002ce02f08731ad75e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
378691
cf-polished
origSize=2522
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Jun 2023 20:15:58 GMT
cf-bgj
minify
server
cloudflare
etag
W/"9da-188925a1830"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9d9d661c07-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
1.302c5d4e03d5995e6bc3.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.302c5d4e03d5995e6bc3.chunk.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=spg
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e15470c119b4ed0f52719b61a194a9843da12683fe1d9bf0c3b491bb388258ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
378690
cf-polished
origSize=29372
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Jun 2023 20:15:58 GMT
cf-bgj
minify
server
cloudflare
etag
W/"72bc-188925a1830"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9d9d681c07-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=spg
Requested by
Host: www.simon.com
URL: https://www.simon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b24c5b325810b01a60487c8a42151b8f6ac44d1173722ec526c54fe7c4b7c762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
378691
cf-polished
origSize=65177
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Jun 2023 20:42:51 GMT
cf-bgj
minify
server
cloudflare
etag
W/"fe99-188da8bbcf8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9d9d6a1c07-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_agkD9kbbfyulObX&Version=11&Q_ORIGIN=https://www.simon.com&Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.f608fb185c0061ce2cda.chunk.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=www.simon.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64235efc707bd297246bde0489812ab9d2550b1f5e0809360d34bdcd873ecfde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

servershortname
date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
328200
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 29 Jun 2023 15:27:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9dbc9e383e-FRA
expires
Sun, 26 Jun 2033 15:27:41 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_50HhUC4JudKTp89&Version=6&Q_InterceptID=SI_agkD9kbbfyulObX&Q_ORIGIN=https://www.simon.com&Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.f608fb185c0061ce2cda.chunk.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=www.simon.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e2fa7256c0116cb6081f0e53dc8caed24ac2b02800a03ad9428a87621af153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

servershortname
date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
355303
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 29 Jun 2023 07:55:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7e0e7e9dbca3383e-FRA
expires
Sun, 26 Jun 2033 07:55:58 GMT
collector
collector-px46scnlxs.px-cloud.net/api/v2/ 		568 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-px46scnlxs.px-cloud.net/api/v2/collector
Requested by
Host: www.simon.com
URL: https://www.simon.com/46SCNLxs/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
632ab2b45090f9a26d484d43e3937d7f5d5bf95bd9a1bb5c070fce022edf5b51

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.simon.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
568
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_50HhUC4JudKTp89&Q_SIID=SI_agkD9kbbfyulObX&Q_ASID=AS_30846982&Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&r=1688380661528
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.93.0&Q_CLIENTTYPE=web&Q_BRANDID=spg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.simon.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
b4c09d7c36152098
cf-ray
7e0e7e9e9e99383e-FRA
wr-dialog-close-btn-white.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		254 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Fri, 23 Jan 2032 09:42:17 GMT
date
Mon, 03 Jul 2023 10:37:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
45276924
cf-polished
origSize=759
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time
4
content-length
254
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Jan 2022 17:59:44 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
7e0e7e9e9eb41c07-FRA
trace-id
352ac693724f814b
servershortname
p
b.px-cdn.net/api/v1/PX46SCNLxs/d/ 		197 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.px-cdn.net/api/v1/PX46SCNLxs/d/p
Requested by
Host: www.simon.com
URL: https://www.simon.com/46SCNLxs/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.92.56 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
56.92.120.34.bc.googleusercontent.com
Software
/
Resource Hash
d2fb8efa9117a6726007d297cc6f961b971fd10157a5799ad5ad1473db0b844d

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
multipart/form-data; boundary=----------------4z2dqc1b8t1excep

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.simon.com
access-control-allow-credentials
true
access-control-allow-headers
authorization
content-length
197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1140158146042774&ev=Microdata&dl=https%3A%2F%2Fwww.simon.com%2F&rl=&if=false&ts=1688380661681&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You%22%2C%22meta%3Adescription%22%3A%22Find%20a%20Simon%20Malls%2C%20Simon%20Mills%20and%20Simon%20Premium%20Outlets%20near%20you.%20Touch%2C%20try%2C%20buy%20your%20favorite%20fashion%20discovery%20at%20a%20Simon%20Center.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Simon%20Property%20Group%22%2C%22url%22%3A%22https%3A%2F%2Fwww.simon.com%22%2C%22logo%22%3A%22https%3A%2F%2Fadc3ef35f321fe6e725a-fb8aac3b3bf42afe824f73b606f0aa4c.ssl.cf1.rackcdn.com%2Flogos%2FSimon-Malls-Logo-black.png%22%2C%22alternateName%22%3A%22Simon%20Premium%20Outlets%22%2C%22brand%22%3A%22Premium%20Outlets%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FSimonPropertyGroup%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fpremiumoutlets%2F%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fpremiumoutlets%22%2C%22https%3A%2F%2Ftwitter.com%2FPremiumOutlets%22%5D%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B1-317-636-1600%22%2C%22contactType%22%3A%22customer%20support%22%2C%22email%22%3A%22customercare%40simon.com%22%2C%22areaServed%22%3A%5B%22US%22%5D%7D%7D%5D&sw=1600&sh=1200&v=2.9.110&r=stable&ec=1&o=30&fbp=fb.1.1688380661145.552869010&it=1688380661073&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 03 Jul 2023 10:37:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=161020634341891&ev=Microdata&dl=https%3A%2F%2Fwww.simon.com%2F&rl=&if=false&ts=1688380661725&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You%22%2C%22meta%3Adescription%22%3A%22Find%20a%20Simon%20Malls%2C%20Simon%20Mills%20and%20Simon%20Premium%20Outlets%20near%20you.%20Touch%2C%20try%2C%20buy%20your%20favorite%20fashion%20discovery%20at%20a%20Simon%20Center.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Simon%20Property%20Group%22%2C%22url%22%3A%22https%3A%2F%2Fwww.simon.com%22%2C%22logo%22%3A%22https%3A%2F%2Fadc3ef35f321fe6e725a-fb8aac3b3bf42afe824f73b606f0aa4c.ssl.cf1.rackcdn.com%2Flogos%2FSimon-Malls-Logo-black.png%22%2C%22alternateName%22%3A%22Simon%20Premium%20Outlets%22%2C%22brand%22%3A%22Premium%20Outlets%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FSimonPropertyGroup%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fpremiumoutlets%2F%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fpremiumoutlets%22%2C%22https%3A%2F%2Ftwitter.com%2FPremiumOutlets%22%5D%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B1-317-636-1600%22%2C%22contactType%22%3A%22customer%20support%22%2C%22email%22%3A%22customercare%40simon.com%22%2C%22areaServed%22%3A%5B%22US%22%5D%7D%7D%5D&sw=1600&sh=1200&v=2.9.110&r=stable&ec=1&o=30&fbp=fb.1.1688380661145.552869010&it=1688380661073&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 03 Jul 2023 10:37:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
track
events.api.boomtrain.com/event/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.boomtrain.com/event/track
Requested by
Host: www.simon.com
URL: https://www.simon.com/46SCNLxs/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.253.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-253-103.compute-1.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 03 Jul 2023 10:37:42 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain
collector
collector-px46scnlxs.px-cloud.net/api/v2/ 		572 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-px46scnlxs.px-cloud.net/api/v2/collector
Requested by
Host: www.simon.com
URL: https://www.simon.com/46SCNLxs/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7518947920dcdc40094ad4b3c4f2207d191cf6363b046b2ad0c41e2dc355eca3

Request headers

Referer
https://www.simon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Jul 2023 10:37:41 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.simon.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
572

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
10955082.fls.doubleclick.net
URL
https://10955082.fls.doubleclick.net/activityi;src=10955082;type=ret01;cat=simon0;ord=9203725468039;gtm=45He36s0;auiddc=67316742.1688380660;u1=https%3A%2F%2Fwww.simon.com%2F;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.simon.com%2F?
Domain
snap.licdn.com
URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Domain
px4.ads.linkedin.com
URL
https://px4.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true&liSync=true&e_ipv6=AQJcYdNk6vuk3AAAAYkbVFwewXVC31Pm-_YqRbAdRjBhTg5x6TtuFku1h5QFSLdcawKlLlOf
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26778601-3&cid=397096001.1688380660&jid=2141285541&_u=YEBAAAAAAAAAAC~&z=1890178718
Domain
insight.adsrvr.org
URL
https://insight.adsrvr.org/track/up?adv=o8x4hrm&ref=https%3A%2F%2Fwww.simon.com%2F&upid=8g4lneo&upv=1.1.0
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/478881250/?random=1688380660152&cv=11&fst=1688378400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.simon.com%2F&frm=0&tiba=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&fmt=3&is_vtc=1&random=2779113970&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo string| yo_urlprefix object| OneTrustStub function| OptanonWrapper object| dataLayer string| apiUrl object| content number| iPos function| $ function| jQuery object| picturefillCFG function| picturefill object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| otStubData object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq function| _fbq string| axel number| a function| zync_call function| pdst object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| _sz object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups function| ttd_dom_ready function| TTDUniversalPixelApi function| onYouTubeIframeAPIReady object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.93.0 function| bt object| _bt object| _qsie string| _pxAppId object| PX46SCNLxs object| PX undefined| _46SCNLxshandler string| PX46SCNLxs_csdp

28 Cookies

Domain/Path Name / Value
www.simon.com/ Name: _pxhd
Value: mwk6Xvmnm8vOanuIwL6dWK67RsYpnUjvAtI9iRBlhP-XR6UmjReJ7elZCW3rt-sVknwcZNSfXk1Bnau8AdN2mQ==:LMYdmtdVtSsBAxt6DO2DslHBXk86sPwqOuQL48za49WUc/OCAe8NyCohKvN7qPd2QEBtDzZKnCBUsFxJfAnGHrqBwztbxIoLQFk4riVOdA4=
.simon.com/ Name: _gcl_au
Value: 1.1.67316742.1688380660
.simon.com/ Name: _gid
Value: GA1.2.1950048817.1688380660
.simon.com/ Name: _gat_UA-26778601-3
Value: 1
www.simon.com/ Name: __pdst
Value: 128de50260a14147a8ecf2464abc889f
.simon.com/ Name: nmstat
Value: c0336b1b-8548-5d2b-e1f0-a4ea33bff2a2
84061.global.siteimproveanalytics.io/ Name: AWSALBCORS
Value: KzlB2lT5yx2Q0y3JX8zHuznNGQJlTnSO/eyJD3XUygy5pK+M6fK2LeV65yzfLHruqeN5s34jGvbk4WncYRPHgB8mVBfBAt3JG6V79387vevX562qlwkQfnicWsAd
.linkedin.com/ Name: li_sugr
Value: da75a957-55c8-4ede-96b5-f8abde2dcae6
.linkedin.com/ Name: bcookie
Value: "v=2&4a4701ff-ed96-4c4c-8171-b771c321eae9"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2966:u=1:x=1:i=1688380660:t=1688467060:v=2:sig=AQEwUrP27qeiQq3pdwjW6NPGGQacCrvL"
.linkedin.com/ Name: UserMatchHistory
Value: AQI20Ic75gRLOwAAAYkbVFrr6I0VvECik2SIkedyYPU6fmn2PouSinez40SIwdziwHhm49-F366_eQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKz0EU6VmYu9QAAAYkbVFrrEvLEXW0LXMlXbXKAyjeIaqxGcnz_-brwuiKylgLjOlLik8fz8K6VqCGPP4xoNg
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230703103740f52d6da4-1dee-417a-8d7b-ff0607de12e3AQGI67mCI4K3RlubAar--rdCgjUPIU1c"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODgzODA2NjA7MjswMjGndXqKPbteZmbnEKan2eHFJNxOX09IRIvGPgTXXrtkHA==
.www.simon.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Jul+03+2023+10%3A37%3A41+GMT%2B0000+(GMT)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&consentId=38b4d9f2-3e79-4de6-835d-b92b056796bf&interactionCount=0&landingPath=https%3A%2F%2Fwww.simon.com%2F&groups=C0001%3A1%2CC0003%3A0%2CC0005%3A0%2CC0002%3A0%2CC0004%3A0&hosts=H208%3A0%2CH98%3A0%2CH139%3A0%2CH114%3A0%2CH192%3A0%2CH216%3A0%2CH1%3A0%2CH217%3A0%2CH32%3A0%2CH13%3A0%2CH87%3A0%2CH65%3A0%2CH211%3A0%2CH223%3A0%2CH224%3A0&genVendors=
.simon.com/ Name: _fbp
Value: fb.1.1688380661145.552869010
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.simon.com/ Name: _ga_27H1864FVV
Value: GS1.1.1688380661.1.0.1688380661.0.0.0
.simon.com/ Name: _ga
Value: GA1.1.397096001.1688380660
.rezync.com/ Name: zync-uuid
Value: e38eb3b0-593f-42af-a562-885d8e9e6971:1688380661.153308
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiZTM4ZWIzYjAtNTkzZi00MmFmLWE1NjItODg1ZDhlOWU2OTcxOjE2ODgzODA2NjEuMTUzMzA4In0.ZKKk9Q.Hpx7JfqKO1aRwLSSS_QSRRLdp7o
.simon.com/ Name: btIdentify
Value: 2f7597ca-defa-4896-d564-cba63fe297ce
.simon.com/ Name: _bts
Value: b6f3e3ea-a5af-43cc-bf28-75641f6c642e
.simon.com/ Name: _pxvid
Value: a1ed3fa1-198d-11ee-9575-2eea449d16e1
.simon.com/ Name: pxcts
Value: a3444f1e-198d-11ee-8098-48714c594d44
.simon.com/ Name: __pxvid
Value: a357268d-198d-11ee-ac9e-0242ac120003
.simon.com/ Name: _bti
Value: %7B%22app_id%22%3A%22spg-simon-b2c%22%2C%22bsin%22%3A%22uJh6PmgKRs4nBvNBbdwbLEyD0MD3yZUHsMAY3C4AVAR1Vq1pk6qN%2B5M%2BaDnnytGSEJHHOq4enVghmlwGGaeihQ%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.simon.com/ Name: _px3
Value: b09aaa05ea708b44f8a85f2c61c283362f47c6ef315bd56745e13173e03115e3:hutehyDpdT5msqM+ujv9kg/fgEq3h+TrR/cKNPzV68LADGtBoRAQ5ryjb0I27v+JM05y7RV38sTW/aAabjjc8Q==:1000:f2bYDt/xkFmMWixqZr7HoLiXk+apy29IBt7ZUAGWc9Bj2rjnYiq4AI57AJnc+wOfhpFp3Olr6js15UrL/X75DlY9FacnyGBAs5O8CsI0Awka5ybKLEVzvtyh2becW03PB6/G7ru+B6t/VFYQP9Q2IqkrAUMqTchr+1y3aW1uXxBkQO64+SMldKxRgi5/wU3hhO5Zu9LfpyZ2Ce7wqoPZPA==

6 Console Messages

Source Level URL
Text
security error URL: https://www.simon.com/(Line 13)
Message:
Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net".
security error URL: https://cdn.pdst.fm/ping.min.js
Message:
Refused to connect to 'https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink' because it violates the following Content Security Policy directive: "default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
javascript error URL: https://cdn.pdst.fm/ping.min.js
Message:
Refused to connect to 'https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink' because it violates the document's Content Security Policy.
security error URL: https://www.simon.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26778601-3&cid=397096001.1688380660&jid=2141285541&_u=YEBAAAAAAAAAAC~&z=1890178718' because it violates the following Content Security Policy directive: "img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net".
security error URL: https://www.simon.com/
Message:
Refused to load the image 'https://px4.ads.linkedin.com/collect?pid=1419361&tm=gtmv2&url=https%3A%2F%2Fwww.simon.com%2F&v=2&fmt=js&time=1688380660208&cookiesTest=true&liSync=true&e_ipv6=AQJcYdNk6vuk3AAAAYkbVFwewXVC31Pm-_YqRbAdRjBhTg5x6TtuFku1h5QFSLdcawKlLlOf' because it violates the following Content Security Policy directive: "img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net".
security error URL: https://www.simon.com/
Message:
Refused to load the image 'https://www.google.de/pagead/1p-user-list/478881250/?random=1688380660152&cv=11&fst=1688378400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.simon.com%2F&frm=0&tiba=Simon%3A%20Shopping%2C%20Dining%20and%20Entertainment%20Destinations%20Near%20You&fmt=3&is_vtc=1&random=2779113970&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; frame-ancestors 'self'; img-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; script-src-elem 3lift.com *.adroll.com adsrvr.orgajax.aspnetcdn.com ads.yahoo.com ajax.aspnetcdn.com *.akamaihd.net *.amazonaws.com assets.pinterest.com *.azurewebsites.net *.bambuser.com beacon.sojern.com *.bing.com blob: *.blob.core.windows.net *.boomtrain.com cdnjs.cloudflare.com cdn.shopify.com *.clarity.ms *.clickmeter.com *.cloudfront.net connect.facebook.net connect.nosto.com *.cookielaw.org data: *.doubleclick.net dsum-sec.casalemedia.com eb2.3lift.com *.elfsight.com errorpageseus2.z20.web.core.windows.net facebook.net fcmatch.youtube.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.google.com.mx *.googletagmanager.com *.gstatic.cn *.gstatic.com ib.adnxs.com idsync.rlcdn.com insight.adsrvr.org js.adsrvr.org linkedin.com live.rezync.com log.pinterest.com *.mappedin.ca *.mappedin-cloud.com *.mappedin.com match.adsrvr.org mipubapistorageprod.blob.core.windows.net *.movienewsletters.net *.movies-previews.com *.onetrust.com p.adsymptotic.com *.pdst.fm *.perimeterx.net *.pingdom.net pixel.advertising.com pixel.rubiconproject.com pixel.sojern.com p.placed.com *.premiumoutlets.com *.pubmatic.com px.ads.linkedin.com *.px-cdn.net *.pxchk.net *.px-client.net *.px-cloud.net *.qualtrics.com *.quantcount.com *.quantserve.com *.rackcdn.com *.rackspacecloud.com *.rackspace.com *.recaptcha.net rlcdn.com rtb-csync.smartadserver.com *.s3.amazonaws.com s3.amazonaws.com 'self' *.sentry.io simage2.pubmatic.com *.simon.com *.simonpropertygroup.com *.simonwifi.com *.simpli.fi *.siteimproveanalytics.com siteimproveanalytics.com *.siteimproveanalytics.io smnsrch.azureedge.net sp.analytics.yahoo.com *.splashthat.com sync.outbrain.com sync.taboola.com tag.simpli.fi tags.srv.stackadapt.com themes.googleusercontent.com trc.taboola.com 'unsafe-eval' 'unsafe-inline' ups.analytics.yahoo.com us-u.openx.net *.westworldmedia.com www.facebook.com www.linkedin.com x.bidswitch.net yimg.com *.yottaa.net; report-uri https://qoe-1.yottaa.net/_/csp-reports?siteKey=etWhA4-bSWUsVg
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10955082.fls.doubleclick.net
84061.global.siteimproveanalytics.io
b.px-cdn.net
cdn-fsly.yottaa.net
cdn.boomtrain.com
cdn.cookielaw.org
cdn.pdst.fm
collector-px46scnlxs.px-cloud.net
connect.facebook.net
events.api.boomtrain.com
geolocation.onetrust.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
live.rezync.com
people.api.boomtrain.com
px4.ads.linkedin.com
qoe-1.yottaa.net
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
simon.com
siteimproveanalytics.com
siteintercept.qualtrics.com
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.simon.com
znbxgbnorumafz325-spg.siteintercept.qualtrics.com
10955082.fls.doubleclick.net
insight.adsrvr.org
px4.ads.linkedin.com
snap.licdn.com
www.google.de
104.17.208.240
108.138.15.119
140.174.12.171
140.174.14.84
151.101.194.133
18.66.122.42
20.69.216.13
2001:4860:4802:34::36
2001:4860:4802:36::178
2606:4700:10::6816:3768
2606:4700::6812:1d26
2606:4700::6812:aa72
2606:4700:e4::ac40:ac0c
2a00:1450:4001:802::2008
2a00:1450:4001:806::2004
2a00:1450:4001:813::2002
2a00:1450:400c:c0d::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.120.92.56
35.158.7.124
35.190.10.96
35.244.142.80
52.71.117.98
54.194.199.158
54.197.253.103
65.9.66.64
01c3438e50d58de84321c3339634dec4c3157aee8d4624778de5b2a8b91ff4a2
02605b08aeb30976d465a0e228e61a1e02f87f8138e64d0cf11cf19782e18881
0a149cda044f75e0d2f9f88b1427aff1c503cd39893f914895764ca6fa6a1bcc
0cee4838624a1011102d5ecd6bf0086a6a96f006525bb583eefa8f2304e544f6
0ee000695d8f35a770d62ed584eaa991295202feda24deddb8e6b9af81225ccd
115b3ac3b510c72e96eaf0c25fbcff7a5e2027a6438cc80eb91c6c6f2fa5d25f
134f74b3d684a91c5c505836dec77039fa7045355b7a44714e9bbf66d814f034
165dcc8e5e1f4a598bfaae7a74122d15c7bb3ed5d282a3358d750774553211d8
16c4b7933a93e06aa3495c11d36345baaa488ddf4f12a01dbb6e51bb3e887d10
1dd92b7c91fcd1e1ae95e9e306fa6b038925171f4577a728443366082d78eb8c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2bc02ad4ce3b6ddb6b52086e288eab32ca3bd77ea0098593300747f9b16ec0b8
30e2fa7256c0116cb6081f0e53dc8caed24ac2b02800a03ad9428a87621af153
32f2a7f7c9e87eacc7b20ecccb96217a1f5587a5b397c0a1a93d0529eb6ca63d
332d3c316d7f4cb0630b63825e57e3efed89d39d9158fa64687435577e5ef2de
4a34565d31986f41b63e320ba6116c560664c1bad04a7900158246ecd5c3f4fd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
571a3554d5d5ba18b6ab0475a0b82ce59b0d0abc7bb3308096448a7ee4306418
622b87cd323c2bf72be5f32cd0c0aebeda076a77a7b25053f0b38f099f9c4b90
632ab2b45090f9a26d484d43e3937d7f5d5bf95bd9a1bb5c070fce022edf5b51
64235efc707bd297246bde0489812ab9d2550b1f5e0809360d34bdcd873ecfde
7518947920dcdc40094ad4b3c4f2207d191cf6363b046b2ad0c41e2dc355eca3
80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87eb33e98aee5464f94adc1fee011223d092134bc21d78b1a9b4b2532f18a7d0
8e0864947aef199aff5de0d134415c55f868f6c245bd3daeab2f7068f790e6a5
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
93c64d290a7512287a9585ce911116c0c6eb19f4ff4ffb4d90623e8e2916bf8c
99a6bc93e96588a4f16db8dde79dd1b740de7402b46882312de8fbd4a7fe2983
acb3a6cbb5590c605c01b49c4cc352735e1612c4094e5e7e5e38205b57df5495
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b24c5b325810b01a60487c8a42151b8f6ac44d1173722ec526c54fe7c4b7c762
b2c3a01fab7fec52a28c366db61fb20cf6af8c0e731192c127a8282febf6dad9
b719c660e90be982fe04cb70948a4a11c759acc63693e5778863816bd0829252
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0d39de1e43c8c2413703d0d877d50edd3868d51b122002ce02f08731ad75e2c
c55c5e9ffb5817611cd465e48bb1fb180e221cd31b9a275b9e7c8d7b78a4632a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cd5496f75a7c1029bc681f639794b83f034d5ecd884e8514ae12b13eee9eec70
ce971a85a7560663277a75616c10868440115f03271a68cd05a7d27f5dcbf585
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d2fb8efa9117a6726007d297cc6f961b971fd10157a5799ad5ad1473db0b844d
d5d739f1ba697b38e23af17131b12a8e092b4b0e3a625859c6ebf5cd9c9b7ca5
d89049f3611234880b7ac692230e4c4f4607b8fd3b292764a8f7ab9d19edf846
d8b5868763ca6a59150ba893e61fdb95bb4bf05e57d058fce35269db8fec2aea
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8b7eefdf0a42f27db830cc777daa110c7d4244afb4d60471d230b567cbee9d
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e15470c119b4ed0f52719b61a194a9843da12683fe1d9bf0c3b491bb388258ac
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ec170cf44fe73519bbaa205eaee7cd092f710a69e16641fc155840b14b435b1c
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f7188218c14d8507d77d094e1e936a2c66327c6fdf895843e019f37aa69af501
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
ffb53a5076d2dd933b8eb43ce7b4d38601c8068f948855265a05e38d5cf7f8a4
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba