concur.marriott.com Open in urlscan Pro
54.82.185.143  Public Scan

38 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://links.concurtechnologies.mkt7817.com/ctt?kn=6&ms=MTQxNjE5MDYS1&r=Mjg4NjkxMDQxNzY5S0&b=0&j=MTQ2MjY4NzIxMQS2&mt=1&rt=0 HTTP 302
   https://concur.marriott.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

• http://cache.marriott.com/Images/Arrows/icon_newwindow_9x8.gif HTTP 301
• https://cache.marriott.com/Images/Arrows/icon_newwindow_9x8.gif

Request Chain 35

• https://dc.ads.linkedin.com/collect/?pid=360572&fmt=gif HTTP 302
• https://dc.ads.linkedin.com/collect/?pid=360572&fmt=gif&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D360572%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect/?pid=360572&fmt=gif&cookiesTest=true&liSync=true

Request Chain 39

• https://pixel.mathtag.com/event/js?mt_id=928582&mt_adid=157694&v1=&v2=&v3= HTTP 302
• https://pixel.mathtag.com/event/js?mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct HTTP 302
• https://ak1s.abmr.net/is/pixel.mathtag.com?U=/event/js&V=3-2sFXQvVp%2fqmv9hmKh%2f6gKt9jz0euM+1tRGYNAXmGyUDA20hV2xuKBA%3d%3d&I=55F8C9FC45B1C4D&D=mathtag.com&01AD=1&mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct HTTP 302
• https://pixel.mathtag.com/event/js?01AD=3xo5JV4di0lMhKD12yFTznOH39Y4bTE9adRtDZ72Xu_cKx8gHt1FBUw&01RI=55F8C9FC45B1C4D&01NA=na&mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct

Request Chain 40

• https://tag.yieldoptimizer.com/ps/ps?t=s&p=1062&pg=hm&u=&umm=&si=&bd=&t=s HTTP 302
• https://tag.yieldoptimizer.com/ps/ps?tc=661636143&t=s&p=1062&pg=hm&u=&umm=&si=&bd=&t=s

Request Chain 42

• https://tag.yieldoptimizer.com/ps/ps?t=s&p=1062&sg=y&t=s HTTP 302
• https://tag.yieldoptimizer.com/ps/ps?tc=497951744&t=s&p=1062&sg=y&t=s

Request Chain 45

• https://www.facebook.com/tr?id=836072006419889&ev=AdditionalInfo&cd[brandsite]=&cd[SPG_level]=&cd[language]=&cd[propertycountry]=&cd[propertystate]=&cd[propertycity]=&cd[propertyID]=&content_type=product&content_ids=&cd[SPG_signin]= HTTP 302
• https://cx.atdmt.com/?c=14083011483849897743&f=AYweqbqCLpzzKEulrdzjhUBUtl9F6Gd5GLk0Ad5oH_aqW_FYneBHhNoTl8vHkW_cEBO2l_TMO5Bdu0jUlpqyqPpk&id=836072006419889&l=3&v=0

Request Chain 50

• https://s.tribalfusion.com/i.cid?c=710883&d=30&page=landingPage HTTP 302
• https://s.tribalfusion.com/z/i.cid?c=710883&d=30&page=landingPage HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662449803888194 HTTP 302
• https://a.tribalfusion.com/i.match?p=b6&u=CAESEPPEE974nhbE6Rx9UMHNPJs&google_cver=1&google_ula=2786954,0

Request Chain 52

• https://gwmtracking.com/p/v/1/58056711f8708173f6cd7c4e/format/img HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=8359723;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=8359723;dc_pre=CO3urYmil90CFVLgGwodJsEPLg;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CO3urYmil90CFVLgGwodJsEPLg;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 53

• https://pixel.sojern.com/pixel/img/45982?p_v=1&f_v=v3_image&vid=hot HTTP 307
• https://cm.g.doubleclick.net/pixel?google_cm=&google_hm=QHw-EopYAuEhYAn89z5K6Q&google_nid=sojern__adx_open_bidder_seat&google_sc=&sjrn_e=c3JjPTQ4MDc1MjQ7dHlwZT1zYWxlcztjYXQ9YnFhOGpwa2o7cXR5PTE7Y29zdD0wO3UxPTt1MTY9O2RjX2xhdD07ZGNfcmRpZD07dGFnX2Zvcl9jaGlsZF9kaXJlY3RlZF90cmVhdG1lbnQ9O29yZD1bT3JkZXJJRF0&sjrn_id=8Rju9fsc3YluvYwK4KzVGcgKKN3syycWOTR1WMpOutnC1gPZ2-zcdinWmhUrP7HA&sjrn_p=dbm&sjrn_pid=45982&sjrn_ula=437475082 HTTP 302
• https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_e=c3JjPTQ4MDc1MjQ7dHlwZT1zYWxlcztjYXQ9YnFhOGpwa2o7cXR5PTE7Y29zdD0wO3UxPTt1MTY9O2RjX2xhdD07ZGNfcmRpZD07dGFnX2Zvcl9jaGlsZF9kaXJlY3RlZF90cmVhdG1lbnQ9O29yZD1bT3JkZXJJRF0&sjrn_id=8Rju9fsc3YluvYwK4KzVGcgKKN3syycWOTR1WMpOutnC1gPZ2-zcdinWmhUrP7HA&sjrn_p=dbm&sjrn_pid=45982&sjrn_ula=437475082&google_gid=CAESEJDiDTpBMrymll1du8YRs9k&google_cver=1 HTTP 307
• https://ad.doubleclick.net/ddm/activity/src=4807524;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=4807524;dc_pre=CIWMg4mil90CFZQSGwodu70F0A;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] HTTP 302
• https://adservice.google.com/ddm/fls/z/src=4807524;dc_pre=CIWMg4mil90CFZQSGwodu70F0A;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]

Request Chain 55

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980103997/?guid=ON&script=0 HTTP 302
• https://www.google.com/ads/user-lists/980103997/?guid=ON&script=0&cdct=2&is_vtc=1&random=3348857713 HTTP 302
• https://www.google.de/ads/user-lists/980103997/?guid=ON&script=0&cdct=2&is_vtc=1&random=3348857713&ipr=y&ulfeg=n

Request Chain 57

• https://gwmtracking.com/p/v/1/59399701f870816e84e9fb92/format/img HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=8359723;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=8359723;dc_pre=CJivuImil90CFUxsGwodt70FFA;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CJivuImil90CFUxsGwodt70FFA;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 61

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20google_remarketing_only%3Dtrue HTTP 302
• https://www.google.com/ads/user-lists/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20google_remarketing_only%3Dtrue&cdct=2&is_vtc=1&random=440322389 HTTP 302
• https://www.google.de/ads/user-lists/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20google_remarketing_only%3Dtrue&cdct=2&is_vtc=1&random=440322389&ipr=y&ulfeg=n

Request Chain 65

• https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/5905 HTTP 302
• https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Request Chain 67

• https://cm.g.doubleclick.net/pixel?google_nid=yo&google_hm=MzA4NDA3OTU5OTgy&google_sc&google_cm HTTP 302
• https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESELpjRCzvTBGp_qQ7MjUj_RU&google_cver=1

Request Chain 68

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0 HTTP 302
• https://www.google.com/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&crd=CITQGw&cdct=2&is_vtc=1&random=3380507259 HTTP 302
• https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&crd=CITQGw&cdct=2&is_vtc=1&random=3380507259&ipr=y

Request Chain 70

• https://idsync.rlcdn.com/394499.gif?partner_uid=308407959982 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CIOKGBIXChMIARDPZBoMMzA4NDA3OTU5OTgyEAAaDQiU4qTcBRIFCOgHEAA HTTP 307
• https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIlOKk3AUSBAgCEAA HTTP 302
• https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIlOKk3AUSBAgCEAA&google_gid=CAESELcsoAPfoUYEldPNnjyYqSA&google_cver=1 HTTP 307
• https://pixel.sojern.com/idSync/sync?pid=arbor

Request Chain 73

• https://ad.doubleclick.net/ddm/activity/src=8012915;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=8012915;dc_pre=CIvlk4mil90CFc6eGwod61UNYg;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/src=8012915;dc_pre=CIvlk4mil90CFc6eGwod61UNYg;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 74

• https://ad.doubleclick.net/ddm/activity/src=4576008;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=4576008;dc_pre=CMHlk4mil90CFdNEGwodO2YG1A;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/src=4576008;dc_pre=CMHlk4mil90CFdNEGwodO2YG1A;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 75

• https://ad.doubleclick.net/ddm/activity/src=5640398;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=5640398;dc_pre=CMjqk4mil90CFQmRGwodohkKwQ;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://adservice.google.com/ddm/fls/z/src=5640398;dc_pre=CMjqk4mil90CFQmRGwodohkKwQ;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 76

• https://sslwidget.criteo.com/event?a=18543&v=4.7.0&p0=e%3Dexd%26site_type%3Dd%26ui_memberlevel%3D&p1=e%3Dvh%26ci_site%3D&p2=e%3Dvh&p3=e%3Ddis%26a%3D%255Ban%25253Dweb-marriottus.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-starwood.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-ritzcarlton.com%252526cn%25253D%252526ln%25253D%252C18543%255D&adce=1&lwid=5f8874e2-9792-46ac-9006-d22baafe400f&tld=marriott.com&dtycbr=98799 HTTP 302
• https://widget.us.criteo.com/event?a=18543&v=4.7.0&p0=e%3Dexd%26site_type%3Dd%26ui_memberlevel%3D&p1=e%3Dvh%26ci_site%3D&p2=e%3Dvh&p3=e%3Ddis%26a%3D%255Ban%25253Dweb-marriottus.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-starwood.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-ritzcarlton.com%252526cn%25253D%252526ln%25253D%252C18543%255D&adce=1&lwid=5f8874e2-9792-46ac-9006-d22baafe400f&tld=marriott.com&dtycbr=98799

Request Chain 83

• https://sync.jivox.com/tags/sync/usync.php?px=Nc6gu0QY&src=re&id=65b1e69a256048&r=0.48455148746152776 HTTP 302
• https://s.thebrighttag.com/cs?tp=jx&uid=r2iSLkUjQTHc&gdpr=0

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response concur.marriott.com/ Redirect Chain http://links.concurtechnologies.mkt7817.com/ctt?kn=6&ms=MTQxNjE5MDYS1&r=Mjg4NjkxMDQxNzY5S0&b=0&j=MTQ2MjY4NzIxMQS2&mt=1&rt=0 https://concur.marriott.com/	45 KB 9 KB	367ms 134ms	Document text/html	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash ee64a1b43029cfcb0a6a4021eae40c79437a0d59182b69998e82e06b0bc47e5d Request headers :method GET :authority concur.marriott.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 3DF07EDC456320B783E3FCCD77AFC045 Response headers status 200 server nginx date Fri, 31 Aug 2018 12:14:10 GMT content-type text/html; charset=UTF-8 link <https://concur.marriott.com/wp-json/>; rel="https://api.w.org/" <https://concur.marriott.com/>; rel=shortlink wpe-backend apache x-cacheable SHORT vary Accept-Encoding,Cookie cache-control max-age=600, must-revalidate x-cache HIT: 2 x-pass-why x-cache-group normal x-type default content-encoding gzip Redirect headers Date Fri, 31 Aug 2018 12:14:10 GMT Location https://concur.marriott.com/ Content-Length 0 Connection close Content-Type text/plain; charset=UTF-8
GET H2	200	parent.css concur.marriott.com/wp-content/themes/marriott-members-child/assets/styles/	28 KB 6 KB	105ms 104ms	Stylesheet text/css	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members-child/assets/styles/parent.css Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 76230f99cdb7f34ea2df4e6c808f3092ab9385e4329584b0f7ecd2a89c6c5132 Request headers :path /wp-content/themes/marriott-members-child/assets/styles/parent.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:11 GMT server nginx status 200 etag W/"5b75cb23-6e2f" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	main.css concur.marriott.com/wp-content/themes/marriott-members/dist/styles/	181 KB 36 KB	201ms 199ms	Stylesheet text/css	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members/dist/styles/main.css Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 820c5f8c78803817242dd095f565c880a7594d1c61089f444ef33b28032d3f83 Request headers :path /wp-content/themes/marriott-members/dist/styles/main.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:11 GMT server nginx status 200 etag W/"5b75cb23-2d59c" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	jquery.js Show response concur.marriott.com/wp-includes/js/jquery/	95 KB 39 KB	203ms 202ms	Script application/x-javascript	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e Request headers :path /wp-includes/js/jquery/jquery.js?ver=1.12.4 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:08 GMT server nginx status 200 etag W/"5b75cb20-17ba0" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	jquery-migrate.min.js Show response concur.marriott.com/wp-includes/js/jquery/	10 KB 4 KB	105ms 104ms	Script application/x-javascript	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers :path /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:08 GMT server nginx status 200 etag W/"5b75cb20-2748" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	logolockup.svg concur.marriott.com/wp-content/uploads/2018/07/	20 KB 7 KB	300ms 299ms	Image image/svg+xml	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://concur.marriott.com/wp-content/uploads/2018/07/logolockup.svg Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 4324d87fdb8b8bd6e0c34c85c4c35f40983ec70467cd7805995eadc4b50c7e09 Request headers :path /wp-content/uploads/2018/07/logolockup.svg pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:10 GMT server nginx status 200 etag W/"5b75cb22-4f21" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=2592000
GET S	200	SAP_Concur_horz_R_pos_blugld.png concurcontent.wpengine.com/wp-content/uploads/2018/07/	11 KB 11 KB	430ms 199ms	Image image/png	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://concurcontent.wpengine.com/wp-content/uploads/2018/07/SAP_Concur_horz_R_pos_blugld.png Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash b4bbc6c187af4a7bac4585abdf0f0a786ebbb5a800ec2ca365a3940b63358cd4 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT last-modified Mon, 23 Jul 2018 20:23:26 GMT server nginx status 200 etag "5b56393e-2b9a" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 11162
GET S	200	icon_newwindow_9x8.gif cache.marriott.com/Images/Arrows/ Redirect Chain http://cache.marriott.com/Images/Arrows/icon_newwindow_9x8.gif https://cache.marriott.com/Images/Arrows/icon_newwindow_9x8.gif	117 B 275 B	36ms 9ms	Image image/gif	104.108.45.72 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://cache.marriott.com/Images/Arrows/icon_newwindow_9x8.gif Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.45.72 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-108-45-72.deploy.static.akamaitechnologies.com Software nginx / Resource Hash da430749ab9b03b3a94ba564d998ac27fdabfbd1863be3a09453e9cf8f7eadfa Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT last-modified Sat, 18 Jul 2015 22:37:12 GMT server nginx status 200 content-type image/gif access-control-allow-origin * cache-control private, max-age=53096 accept-ranges bytes content-length 117 expires Sat, 01 Sep 2018 02:59:07 GMT Redirect headers Date Fri, 31 Aug 2018 12:14:11 GMT Server AkamaiGHost Location https://cache.marriott.com/Images/Arrows/icon_newwindow_9x8.gif Access-Control-Allow-Origin * Cache-Control max-age=0 Connection keep-alive Content-Length 0 Expires Fri, 31 Aug 2018 12:14:11 GMT
GET S	200	notice Show response consent.truste.com/	4 KB 2 KB	86ms 28ms	Script text/javascript	54.72.30.167 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://consent.truste.com/notice?domain=marriott.com&c=teconsent&text=true Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.30.167 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-72-30-167.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f00b48f110d864d1a9ed7a33221dd21da6d05ca4128c48e03f797bd71d1bf7fd Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://concur.marriott.com/ Origin https://concur.marriott.com Response headers date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip server nginx status 200 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control no-cache content-length 1472 expires Fri, 31 Aug 2018 12:14:10 GMT
GET H2	200	main.bundle.js Show response concur.marriott.com/wp-content/themes/marriott-members-child/assets/scripts/	225 KB 85 KB	297ms 296ms	Script application/x-javascript	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members-child/assets/scripts/main.bundle.js Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 138ae1661ff11fff579ff0c1074ee9b9751f07dee6986730540cbced99901dab Request headers :path /wp-content/themes/marriott-members-child/assets/scripts/main.bundle.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:11 GMT server nginx status 200 etag W/"5b75cb23-3854c" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	main.js Show response concur.marriott.com/wp-content/themes/marriott-members/dist/scripts/	107 KB 25 KB	392ms 392ms	Script application/x-javascript	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members/dist/scripts/main.js Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 08c10185065c5d7cce700ba4b32d4033b1c3c1f2d97285ed64824d6e7318e739 Request headers :path /wp-content/themes/marriott-members/dist/scripts/main.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:11 GMT server nginx status 200 etag W/"5b75cb23-1ac43" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	wp-embed.min.js Show response concur.marriott.com/wp-includes/js/	1 KB 990 B	393ms 392ms	Script application/x-javascript	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-includes/js/wp-embed.min.js?ver=4.9.8 Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0 Request headers :path /wp-includes/js/wp-embed.min.js?ver=4.9.8 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:09 GMT server nginx status 200 etag W/"5b75cb21-576" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	sprite.svg concur.marriott.com/wp-content/themes/marriott-members-child/assets/images/	7 KB 3 KB	99ms 98ms	Other image/svg+xml	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members-child/assets/images/sprite.svg Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 9eb242723289822a5b8b9c64ccfbbc73e45b1adf34d4467254ae3b5e415783be Request headers :path /wp-content/themes/marriott-members-child/assets/images/sprite.svg pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/ :scheme https :method GET Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 16 Aug 2018 19:06:11 GMT server nginx status 200 etag W/"5b75cb23-1cf8" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=2592000
GET H2	200	brown-regular.woff2 concur.marriott.com/wp-content/themes/marriott-members/dist/fonts/	21 KB 21 KB	100ms 99ms	Font application/x-font-woff	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members/dist/fonts/brown-regular.woff2 Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 3a35cfd167c5690e5498942ea0555f45c28bff59155e6d02a1741db91d4610fa Request headers :path /wp-content/themes/marriott-members/dist/fonts/brown-regular.woff2 pragma no-cache origin https://concur.marriott.com accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/wp-content/themes/marriott-members/dist/styles/main.css :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://concur.marriott.com/wp-content/themes/marriott-members/dist/styles/main.css Origin https://concur.marriott.com Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT last-modified Thu, 16 Aug 2018 19:06:19 GMT server nginx status 200 etag "5b75cb2b-5370" vary Accept-Encoding content-type application/x-font-woff access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 21360
GET H2	200	brown-bold.woff2 concur.marriott.com/wp-content/themes/marriott-members/dist/fonts/	22 KB 22 KB	99ms 99ms	Font application/x-font-woff	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members/dist/fonts/brown-bold.woff2 Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash 744032229cb76855eaf58ec2c52366a80845b650ad5d9a0d13470d44c28228af Request headers :path /wp-content/themes/marriott-members/dist/fonts/brown-bold.woff2 pragma no-cache origin https://concur.marriott.com accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/wp-content/themes/marriott-members/dist/styles/main.css :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://concur.marriott.com/wp-content/themes/marriott-members/dist/styles/main.css Origin https://concur.marriott.com Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT last-modified Thu, 16 Aug 2018 19:06:13 GMT server nginx status 200 etag "5b75cb25-56bc" vary Accept-Encoding content-type application/x-font-woff access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 22204
GET H2	200	Marriott-Brand-Icons.ttf concur.marriott.com/wp-content/themes/marriott-members-child/assets/fonts/marriott-brands/	92 KB 92 KB	100ms 100ms	Font font/truetype	54.82.185.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://concur.marriott.com/wp-content/themes/marriott-members-child/assets/fonts/marriott-brands/Marriott-Brand-Icons.ttf?65xkc1 Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.82.185.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-82-185-143.compute-1.amazonaws.com Software nginx / Resource Hash dad91b46f6d897a6934ed0a846297400194114a5b12dc2347ded314b8ea09cd9 Request headers :path /wp-content/themes/marriott-members-child/assets/fonts/marriott-brands/Marriott-Brand-Icons.ttf?65xkc1 pragma no-cache origin https://concur.marriott.com accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority concur.marriott.com referer https://concur.marriott.com/wp-content/themes/marriott-members-child/assets/styles/parent.css :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://concur.marriott.com/wp-content/themes/marriott-members-child/assets/styles/parent.css Origin https://concur.marriott.com Response headers x-type static/known date Fri, 31 Aug 2018 12:14:11 GMT last-modified Thu, 16 Aug 2018 19:06:11 GMT server nginx status 200 etag "5b75cb23-17090" vary Accept-Encoding content-type font/truetype access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 94352
GET H/1.1	200 OK	tag.js Show response s.btstatic.com/	34 KB 12 KB	21ms 6ms	Script application/javascript	2.19.41.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.btstatic.com/tag.js Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.41.153 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-19-41-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d83b628407a21e171eab4ebd3baa638ecda547d65cc8d7d4443939e5ec3a0c41 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Last-Modified Thu, 23 Aug 2018 15:27:39 GMT Server nginx Vary Accept-Encoding P3P CP=NOI DSP COR NID Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes Content-Type application/javascript Content-Length 12398
GET S	200	1.1 Show response consent.trustarc.com/asset/notice.js/v/	52 KB 18 KB	115ms 53ms	Script application/javascript	54.171.36.43 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/asset/notice.js/v/1.1 Requested by Host: consent.truste.com URL: https://consent.truste.com/notice?domain=marriott.com&c=teconsent&text=true Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.36.43 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-171-36-43.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 70e120d107539c75225afb02b99fdc7ca34f1202af4e3122f45eb32c20b21b9c Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://concur.marriott.com/ Origin https://concur.marriott.com Response headers pragma public date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Tue, 7 Aug 2018 05:02:43 GMT server nginx status 200 vary Accept-Encoding content-type application/javascript;charset=UTF-8 access-control-allow-origin *
GET H/1.1	200 OK	tag Show response s.thebrighttag.com/	13 KB 3 KB	125ms 42ms	Script text/javascript	52.30.5.88 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.thebrighttag.com/tag?site=REqL8dD&H=-rw6nhm Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.5.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-30-5-88.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 914d49f4a4c6889b2f0748c65f506fbecc98f02487b5dc7416ff9be82f7b2895 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Server nginx ETag 31821c44f597c7f52174077ac2de5396 Vary Accept-Encoding P3P CP=NOI DSP COR NID Cache-Control private, must-revalidate Transfer-Encoding chunked Connection keep-alive Content-Type text/javascript X-BT-RequestId 5e7418c1-ad17-11e8-bbc0-0000ac1507c0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ consent-pref.trustarc.com/ Frame E6E8	0 0	97ms 27ms	Document text/html	34.250.42.110 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://consent-pref.trustarc.com/?type=marriott&ostype=mobile&site=marriott.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/ Requested by Host: consent.trustarc.com URL: https://consent.trustarc.com/asset/notice.js/v/1.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.42.110 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-250-42-110.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash Request headers :method GET :authority consent-pref.trustarc.com :scheme https :path /?type=marriott&ostype=mobile&site=marriott.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 referer https://concur.marriott.com/ accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 3DF07EDC456320B783E3FCCD77AFC045 Referer https://concur.marriott.com/ Response headers status 200 date Fri, 31 Aug 2018 12:14:11 GMT content-type text/html; charset=UTF-8 server nginx vary Accept-Encoding etag W/"5706-1533168000000" last-modified Thu, 02 Aug 2018 00:00:00 GMT content-encoding gzip
GET S	200	get consent.trustarc.com/	95 B 282 B	81ms 26ms	Image image/png	34.247.133.113 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/get?name=transparent.png Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.247.133.113 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-247-133-113.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c Security Headers Name Value X-Frame-Options ALLOWALL Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma public date Fri, 31 Aug 2018 12:14:11 GMT server nginx status 200 x-frame-options ALLOWALL content-type image/png access-control-allow-origin * cache-control max-age=2592000 content-length 95 expires Sun, 30 Sep 2018 12:14:11 GMT
GET S	200	noticemsg consent.trustarc.com/	43 B 205 B	84ms 29ms	Image image/gif	34.247.133.113 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/noticemsg?action=consent&domain=marriott.com&behavior=expressed&country=de&language=en&rand=0.6711025835289524 Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.247.133.113 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-247-133-113.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT server nginx status 200 content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Fri, 31 Aug 2018 12:14:10 GMT
GET S	200	get consent.trustarc.com/	923 B 1 KB	52ms 27ms	Image image/png	34.247.133.113 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/get?name=trans.png Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.247.133.113 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-247-133-113.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05 Security Headers Name Value X-Frame-Options ALLOWALL Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma public date Fri, 31 Aug 2018 12:14:11 GMT server nginx status 200 x-frame-options ALLOWALL content-type image/png access-control-allow-origin * cache-control max-age=2592000 content-length 923 expires Sun, 30 Sep 2018 12:14:11 GMT
GET S	200	js Show response www.googletagmanager.com/gtag/	72 KB 25 KB	15ms 15ms	Script application/javascript	2a00:1450:4001:806::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-1359549 Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:806::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash be6970935fcfa6a48b41bcea22fc7bc47b968ebb31a9eb8cff592a21da7b3161 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip server Google Tag Manager (scaffolding) access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 25662 x-xss-protection 1; mode=block expires Fri, 31 Aug 2018 12:14:11 GMT
GET H/1.1	200 OK	5e33cffed7a55cce4ad8ba98662553a034392e10.js Show response s.btstatic.com/lib/	183 B 495 B	9ms 9ms	Script application/javascript	2.19.41.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.btstatic.com/lib/5e33cffed7a55cce4ad8ba98662553a034392e10.js?v=2 Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.41.153 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-19-41-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 3fa793aef9535e10680faed0f43c685811255a1a392dbdac69a3f8a1a73729d6 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Last-Modified Thu, 01 Jan 1970 00:00:00 GMT Server nginx ETag W/"b7-2476192308" Vary Accept-Encoding P3P CP=NOI DSP COR NID Cache-Control max-age=31536000 Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 150
GET S	200	conversion_async.js Show response www.googleadservices.com/pagead/	18 KB 7 KB	31ms 16ms	Script text/javascript	172.217.22.34 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-1359549 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash 09084bec4bc2d7da148d7e329a36603e0815f1beed13a94f5c1b51cc1c45c6c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 6841 x-xss-protection 1; mode=block server cafe etag 4773842462054707879 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 31 Aug 2018 12:14:11 GMT
GET H/1.1	200 OK	d5a23b9a0bb0eff3e2ad9436824ca15394d03044.js Show response s.btstatic.com/lib/	42 KB 12 KB	6ms 6ms	Script application/javascript	2.19.41.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.btstatic.com/lib/d5a23b9a0bb0eff3e2ad9436824ca15394d03044.js?v=2 Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.41.153 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-19-41-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7f5184c906b41da894e0b04c590c7f835a2734fc270cc66b6617fdb5faa69ded Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Last-Modified Thu, 01 Jan 1970 00:00:00 GMT Server nginx ETag W/"a60c-3261136629" Vary Accept-Encoding P3P CP=NOI DSP COR NID Cache-Control max-age=31536000 Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 11888
GET H/1.1	200 OK	abb5af81099611c078c8d31d574d570cf624f04a.js Show response s.btstatic.com/lib/	606 B 691 B	6ms 6ms	Script application/javascript	2.19.41.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.btstatic.com/lib/abb5af81099611c078c8d31d574d570cf624f04a.js?v=2 Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.41.153 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-19-41-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a12b34694e2f3977f5238934add3609f3cfcfc336b932a95e8c01340ce4e8666 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Last-Modified Thu, 01 Jan 1970 00:00:00 GMT Server nginx ETag W/"25e-510435462" Vary Accept-Encoding P3P CP=NOI DSP COR NID Cache-Control max-age=31536000 Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 346
GET H/1.1	200 OK	9678bf35299e349945b5aa75edde9ba1607d97a9.js Show response s.btstatic.com/lib/	1 KB 774 B	6ms 5ms	Script application/javascript	2.19.41.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.btstatic.com/lib/9678bf35299e349945b5aa75edde9ba1607d97a9.js?v=2 Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.41.153 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-19-41-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 684dd3c1887df5152f9f43c27cdb37bb1a6d7d329efd1cf4440480a7860df678 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Last-Modified Thu, 01 Jan 1970 00:00:00 GMT Server nginx ETag W/"41f-2315795944" Vary Accept-Encoding P3P CP=NOI DSP COR NID Cache-Control max-age=31536000 Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 428
GET S	200	outpace_marriott_combined.min.js Show response d1mqz30n8nowyf.cloudfront.net/prod/js/	36 KB 6 KB	43ms 6ms	Script application/javascript	2600:9000:2047:7400:1d:cb70:f5c0:21 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d1mqz30n8nowyf.cloudfront.net/prod/js/outpace_marriott_combined.min.js Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2047:7400:1d:cb70:f5c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 9ebbf6c25ceaa699eb6bf644fee1376c67671619877818258048ca26b7cff1e6 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Jun 2018 21:06:51 GMT content-encoding gzip last-modified Tue, 26 Jun 2018 20:03:37 GMT server AmazonS3 age 53014 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 x-amz-cf-id GOzfGvemAbLQ87mhTT3sXB489G3laGBW5vIRao8AW4FA560bct9CNg== via 1.1 b74a7a3f7ddfd685212e870d027c332d.cloudfront.net (CloudFront)
GET S	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/979933936/	2 KB 1 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:817::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979933936/?random=1535717651646&cv=9&fst=1535717651646&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=d8o&sendb=1&frm=0&url=https%3A%2F%2Fconcur.marriott.com%2F&tiba=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 1277095db20478d79ec755236a3fb0951e35a8863c8bd76defee673201160d9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 976 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	/ www.google.com/ads/user-lists/979933936/	42 B 116 B	16ms 14ms	Image image/gif	2a00:1450:4001:806::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/user-lists/979933936/?random=1535717651646&cv=9&fst=1535716800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=d8o&sendb=1&frm=0&url=https%3A%2F%2Fconcur.marriott.com%2F&tiba=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&async=1&fmt=3&cdct=2&is_vtc=1&random=408226470&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software adclick_server / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT x-content-type-options nosniff server adclick_server content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	/ www.google.de/ads/user-lists/979933936/	42 B 107 B	19ms 19ms	Image image/gif	2a00:1450:4001:806::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/user-lists/979933936/?random=1535717651646&cv=9&fst=1535716800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=d8o&sendb=1&frm=0&url=https%3A%2F%2Fconcur.marriott.com%2F&tiba=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&async=1&fmt=3&cdct=2&is_vtc=1&random=408226470&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software adclick_server / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT x-content-type-options nosniff server adclick_server content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	bat.js Show response bat.bing.com/	22 KB 7 KB	103ms 103ms	Script application/javascript	13.107.21.200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash 3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip last-modified Thu, 26 Jul 2018 13:15:21 GMT x-msedge-ref Ref A: BE9C74C2166044EE83BE43E854D14A56 Ref B: FRAEDGE0518 Ref C: 2018-08-31T12:14:11Z status 200 etag "80ba7eb4e224d41:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 accept-ranges bytes content-length 7020
GET H/1.1	200 OK	pxjs.php Show response pxl.jivox.com/tags/re/	7 KB 3 KB	417ms 103ms	Script application/javascript	50.19.249.182 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pxl.jivox.com/tags/re/pxjs.php?px=65b1e69a256048&destinationCity=&checkInDate=&checkOutDate=&hotelSearchedPropertyID=&hotelViewedPropertyID=&Domain=https://concur.marriott.com/&NoOfRooms=&NoOfAdults=&NoOfKids=&MembershipStatus=&Brand=&Language= Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.19.249.182 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-50-19-249-182.compute-1.amazonaws.com Software Jetty(9.3.z-SNAPSHOT) / Resource Hash cbff88b85a7a8bd8685c30a66475a42bcc7897480b171da3ed4d11e460cc860c Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:12 GMT Content-Encoding gzip Server Jetty(9.3.z-SNAPSHOT) Content-Type application/javascript;charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive Access-Control-Allow-Headers content-type Content-Length 2117 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	tag Show response s.thebrighttag.com/	14 KB 4 KB	46ms 45ms	Script text/javascript	52.30.5.88 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.thebrighttag.com/tag?site=REqL8dD&H=-rw6nhm&referrer=https%3A%2F%2Fconcur.marriott.com%2F&mode=v2&cf=4853268%2C5187898%2C5753727%2C79557%2C3018159%2C3018164%2C3027238%2C3294783%2C3294820%2C3325354%2C3378482%2C3402934%2C3402941%2C3402948%2C3536337%2C3907543%2C4016124%2C4035713%2C4063940%2C4088336%2C4283181%2C4322565%2C4374237%2C4377251%2C4412746%2C4977973%2C4982560%2C5068811%2C5072151%2C5092654%2C5313402%2C5479231%2C6350152&_cb_bt_data(%27wedding%20rfi%3A%20property%20name%27)=&_cb_bt_data(%27refid%20url%20parameter%27)=&_cb_bt_data(%27window.outpacepcid%27)= Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.5.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-30-5-88.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 93ea2f410e3d65cf00a8c257cd6defe3acc08e25a2f415e142bcc78f9214d4f5 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Server nginx ETag ade1057abdf1d44292d6e0847aeeccd7 Vary Accept-Encoding P3P CP=NOI DSP COR NID Cache-Control private, must-revalidate Transfer-Encoding chunked Connection keep-alive Content-Type text/javascript X-BT-RequestId 5e9eab30-ad17-11e8-879e-0000ac15093c Expires Thu, 01 Jan 1970 00:00:00 GMT
GET S	200	/ px.ads.linkedin.com/collect/ Redirect Chain https://dc.ads.linkedin.com/collect/?pid=360572&fmt=gif https://dc.ads.linkedin.com/collect/?pid=360572&fmt=gif&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D360572%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue https://px.ads.linkedin.com/collect/?pid=360572&fmt=gif&cookiesTest=true&liSync=true	43 B 218 B	142ms 111ms	Image image/gif	2a05:f500:10:101::b93f:9105 LinkedIn Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect/?pid=360572&fmt=gif&cookiesTest=true&liSync=true Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US), Reverse DNS Software Play / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT content-encoding gzip server Play vary Accept-Encoding x-li-fabric prod-lva1 status 200 x-li-proto http/2 x-li-pop prod-efr5 content-type image/gif content-length 58 x-li-uuid 3mNScRH3TxXQOOcQYisAAA== Redirect headers date Fri, 31 Aug 2018 12:14:12 GMT content-encoding gzip x-content-type-options nosniff status 302 vary Accept-Encoding content-length 20 x-li-uuid hZNjaBH3TxUAglNJoSsAAA== server Play pragma no-cache x-li-pop prod-efr5 x-frame-options sameorigin strict-transport-security max-age=2592000 x-li-fabric prod-lva1 location https://px.ads.linkedin.com/collect/?pid=360572&fmt=gif&cookiesTest=true&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store content-security-policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	ld.js Show response static.criteo.net/js/ld/	18 KB 8 KB	68ms 15ms	Script text/javascript	178.250.0.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/ld.js Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 203e16103277a61109ec2ad65a9c9fd152dd3a78ed541f874821bbe15a512408 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Content-Encoding gzip Last-Modified Wed, 19 Sep 2007 08:50:25 GMT Server nginx ETag W/"5b585c14-48a7" Transfer-Encoding chunked Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400, public Connection keep-alive Timing-Allow-Origin * Expires Sat, 01 Sep 2018 12:14:11 GMT
GET H/1.1	200 OK	/ servedby.flashtalking.com/container/6896;53357;5142;iframe/ Frame 58E5	0 0	65ms 14ms	Document text/html	205.185.216.10 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://servedby.flashtalking.com/container/6896;53357;5142;iframe/?cachebuster=1859306356&spotname=STWDENT_Branded_HP_ Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS map2.hwcdn.net Software prod-xre-app8.frk11 / Resource Hash Request headers Host servedby.flashtalking.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://concur.marriott.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 3DF07EDC456320B783E3FCCD77AFC045 Referer https://concur.marriott.com/ Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Connection close Cache-Control no-cache, no-store Content-Type text/html Server prod-xre-app8.frk11 Pragma no-cache X-HW 1535717651.dop006.fr8.t,1535717651.cds009.fr8.shn,1535717651.dop006.fr8.t,1535717651.cds001.fr8.sc,1535717651.cds001.fr8.p
GET S	200	ytc.js Show response s.yimg.com/wi/	15 KB 4 KB	54ms 42ms	Script application/javascript	2a00:1288:80:800::7000 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/ytc.js Requested by Host: concur.marriott.com URL: https://concur.marriott.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, DE), Reverse DNS Software ATS / Resource Hash bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip x-content-type-options nosniff age 0 status 200 vary Accept-Encoding content-length 4111 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 17 May 2018 12:51:55 GMT server ATS x-frame-options DENY expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 content-type application/javascript via http/1.1 spdc0015.pbp.ir2.yahoo.com (ApacheTrafficServer), https/1.1 e23.ycpi.deb.yahoo.com (ApacheTrafficServer [cMsSf ]) public-key-pins-report-only max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only" accept-ranges bytes
GET H/1.1	200 OK	js Show response pixel.mathtag.com/event/ Redirect Chain https://pixel.mathtag.com/event/js?mt_id=928582&mt_adid=157694&v1=&v2=&v3= https://pixel.mathtag.com/event/js?mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct https://ak1s.abmr.net/is/pixel.mathtag.com?U=/event/js&V=3-2sFXQvVp%2fqmv9hmKh%2f6gKt9jz0euM+1tRGYNAXmGyUDA20hV2xuKBA%3d%3d&I=55F8C9FC45B1C4D&D=mathtag.com&01AD=1&mt_id=928582&mt_adid=157694&v1=&v2... https://pixel.mathtag.com/event/js?01AD=3xo5JV4di0lMhKD12yFTznOH39Y4bTE9adRtDZ72Xu_cKx8gHt1FBUw&01RI=55F8C9FC45B1C4D&01NA=na&mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct	2 KB 3 KB	20ms 20ms	Script text/javascript	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/event/js?01AD=3xo5JV4di0lMhKD12yFTznOH39Y4bTE9adRtDZ72Xu_cKx8gHt1FBUw&01RI=55F8C9FC45B1C4D&01NA=na&mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1.26.12.0 f85fe72 RELEASE cdg-pixel-x21 / Resource Hash da7c3d6fb9e02a1d840a1d33b0d6a0570d583caa8916ca3d6baa810c315fc9f0 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:11 GMT Server MT3 1.26.12.0 f85fe72 RELEASE cdg-pixel-x21 P3P CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/javascript Content-Length 2462 Expires Fri, 31 Aug 2018 12:14:11 GMT Redirect headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:11 GMT P3P policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND" Location https://pixel.mathtag.com/event/js?01AD=3xo5JV4di0lMhKD12yFTznOH39Y4bTE9adRtDZ72Xu_cKx8gHt1FBUw&01RI=55F8C9FC45B1C4D&01NA=na&mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Expires Fri, 31 Aug 2018 12:14:11 GMT
GET S	200	ps Show response tag.yieldoptimizer.com/ps/ Redirect Chain https://tag.yieldoptimizer.com/ps/ps?t=s&p=1062&pg=hm&u=&umm=&si=&bd=&t=s https://tag.yieldoptimizer.com/ps/ps?tc=661636143&t=s&p=1062&pg=hm&u=&umm=&si=&bd=&t=s	2 B 94 B	14ms 14ms	Script text/javascript	35.186.212.60 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tag.yieldoptimizer.com/ps/ps?tc=661636143&t=s&p=1062&pg=hm&u=&umm=&si=&bd=&t=s Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.186.212.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 60.212.186.35.bc.googleusercontent.com Software Apache-Coyote/1.1 / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT via 1.1 google server Apache-Coyote/1.1 content-type text/javascript;charset=ISO-8859-1 status 200 cache-control no-cache alt-svc clear content-length 2 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT via 1.1 google server Apache-Coyote/1.1 status 302 p3p CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC" location https://tag.yieldoptimizer.com/ps/ps?tc=661636143&t=s&p=1062&pg=hm&u=&umm=&si=&bd=&t=s cache-control no-cache alt-svc clear content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET S	200	ebOneTag.js Show response secure-ds.serving-sys.com/SemiCachedScripts/	44 KB 13 KB	32ms 7ms	Script application/javascript	104.111.250.158 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js Requested by Host: s.btstatic.com URL: https://s.btstatic.com/tag.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.250.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-250-158.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ARR/2.5, ASP.NET Resource Hash 6a5ffe0156b261b93cd8944f9aa2ca33dc6d8c5b781e359629b4be86ebb8610d Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT content-encoding gzip status 200 last-modified Mon, 06 Aug 2018 06:51:59 GMT server Microsoft-IIS/8.5 x-powered-by ARR/2.5, ASP.NET etag "42214ef9512dd41:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=502 accept-ranges bytes content-length 13431
GET S	200	ps Show response tag.yieldoptimizer.com/ps/ Redirect Chain https://tag.yieldoptimizer.com/ps/ps?t=s&p=1062&sg=y&t=s https://tag.yieldoptimizer.com/ps/ps?tc=497951744&t=s&p=1062&sg=y&t=s	1 KB 2 KB	16ms 16ms	Script text/javascript	35.186.212.60 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tag.yieldoptimizer.com/ps/ps?tc=497951744&t=s&p=1062&sg=y&t=s Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.186.212.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 60.212.186.35.bc.googleusercontent.com Software Apache-Coyote/1.1 / Resource Hash db5bfbea951ccf86cf1c0c23f07357251b701b5b557f7433d42119296c882568 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC" status 200 cache-control no-cache content-type text/javascript;charset=ISO-8859-1 alt-svc clear content-length 1434 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT via 1.1 google server Apache-Coyote/1.1 status 302 p3p CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC" location https://tag.yieldoptimizer.com/ps/ps?tc=497951744&t=s&p=1062&sg=y&t=s cache-control no-cache alt-svc clear content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET S	200	/ www.facebook.com/tr/	44 B 296 B	24ms 6ms	Image image/gif	2a03:2880:f11c:8186:face:b00c:0:50fb Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=836072006419889&ev=PageView&cd[language]=&cd[brand]=&cd[pageURL]=https://concur.marriott.com/&cd[spglvl]= Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 content-length 44 expires Fri, 31 Aug 2018 12:14:11 GMT
GET S	200	tr www.facebook.com/	44 B 200 B	24ms 6ms	Image image/gif	2a03:2880:f11c:8186:face:b00c:0:50fb Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr?id=836072006419889&ev=HomePage&cd[brand]=&cd[SPG_level]=&cd[language]=&cd[SPG_signin]= Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:11 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 content-length 44 expires Fri, 31 Aug 2018 12:14:11 GMT
GET S	200	/ cx.atdmt.com/ Redirect Chain https://www.facebook.com/tr?id=836072006419889&ev=AdditionalInfo&cd[brandsite]=&cd[SPG_level]=&cd[language]=&cd[propertycountry]=&cd[propertystate]=&cd[propertycity]=&cd[propertyID]=&content_type=p... https://cx.atdmt.com/?c=14083011483849897743&f=AYweqbqCLpzzKEulrdzjhUBUtl9F6Gd5GLk0Ad5oH_aqW_FYneBHhNoTl8vHkW_cEBO2l_TMO5Bdu0jUlpqyqPpk&id=836072006419889&l=3&v=0	42 B 406 B	137ms 100ms	Image image/gif	2a03:2880:f02d:5:face:b00c:0:8c Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://cx.atdmt.com/?c=14083011483849897743&f=AYweqbqCLpzzKEulrdzjhUBUtl9F6Gd5GLk0Ad5oH_aqW_FYneBHhNoTl8vHkW_cEBO2l_TMO5Bdu0jUlpqyqPpk&id=836072006419889&l=3&v=0 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Fri, 31 Aug 2018 12:14:12 GMT content-type image/gif content-length 42 p3p CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC" Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT server proxygen-bolt status 302 content-type text/plain location https://cx.atdmt.com/?c=14083011483849897743&f=AYweqbqCLpzzKEulrdzjhUBUtl9F6Gd5GLk0Ad5oH_aqW_FYneBHhNoTl8vHkW_cEBO2l_TMO5Bdu0jUlpqyqPpk&id=836072006419889&l=3&v=0 cache-control no-cache, no-store, must-revalidate content-length 0 expires 0
GET S	404	I smrtpxl.advertising.com/	0 4 KB	228ms 17ms	Image text/html	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://smrtpxl.advertising.com/I?spid=430&sit=&spg=&bra= Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers content-type text/html cache-control no-store content-language en
GET H/1.1	200 OK	lb secure.leadback.advertising.com/adcedge/	49 B 887 B	397ms 92ms	Image image/gif	152.163.64.1 AOL Transit Data ...
General Check archive.org Show headers Download Go to Show image Full URL https://secure.leadback.advertising.com/adcedge/lb?site=695501&betr=StarwoodEnterprise=[+]4day[96],14day[336],1day[24],30day[720],1hour[1] Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 152.163.64.1 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US), Reverse DNS m-prd-pxl-shared-mr3-blue-a.evip.aol.com Software Apache-Coyote/1.1 / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Cache-Control private, max-age=3600 Server Apache-Coyote/1.1 P3P CP="NOI DSP COR LAW CUR DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.bt="Y" Content-Length 49 Content-Type image/gif
GET S	400	RT www.tamgrt.com/	28 B 28 B	212ms 167ms	Image text/plain	152.195.52.245 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://www.tamgrt.com/RT?id=674542987&event=PAGEVIEW&SPG_TIER= Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.195.52.245 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software Apache / Resource Hash 5b3a05c7fb2dfe5932dd4634e2fe6b9021b7d64cee849d6d621057d7db337711 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT content-encoding gzip server Apache cache-control no-cache,no-store p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT" vary Accept-Encoding content-type text/plain;charset=ISO-8859-1 status 400 x-cnection close timing-allow-origin https://www.tripadvisor.com content-length 54
GET S	204	spp.pl sp.analytics.yahoo.com/	0 874 B	114ms 39ms	Image text/plain	188.125.66.33 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10005760 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spdc.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT via http/1.1 spdc0021.pbp.ir2.yahoo.com (ApacheTrafficServer) referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY public-key-pins-report-only max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only" status 204 x-xss-protection 1; mode=block strict-transport-security max-age=31536000 x-content-type-options nosniff
GET H/1.1	200 OK	i.match a.tribalfusion.com/ Redirect Chain https://s.tribalfusion.com/i.cid?c=710883&d=30&page=landingPage https://s.tribalfusion.com/z/i.cid?c=710883&d=30&page=landingPage https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662449803888194 https://a.tribalfusion.com/i.match?p=b6&u=CAESEPPEE974nhbE6Rx9UMHNPJs&google_cver=1&google_ula=2786954,0	43 B 545 B	817ms 161ms	Image image/gif	204.11.109.66 Exponential Inter...
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=CAESEPPEE974nhbE6Rx9UMHNPJs&google_cver=1&google_ula=2786954,0 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 204.11.109.66 Emeryville, United States, ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US), Reverse DNS a.tribalfusion.com Software / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:13 GMT X-Function 302 P3P CP="NOI DEVo TAIa OUR BUS" Cache-Control no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.tribalfusion.com/i.match?p=b6&u=CAESEPPEE974nhbE6Rx9UMHNPJs&google_cver=1&google_ula=2786954,0 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 313 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	400	RT www.tamgrt.com/	28 B 28 B	205ms 191ms	Image text/plain	152.195.52.245 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://www.tamgrt.com/RT?id=272008979&event=PAGEVIEW&cachebuster=8449539141 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 152.195.52.245 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software Apache / Resource Hash 5b3a05c7fb2dfe5932dd4634e2fe6b9021b7d64cee849d6d621057d7db337711 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT content-encoding gzip server Apache cache-control no-cache,no-store p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT" vary Accept-Encoding content-type text/plain;charset=ISO-8859-1 status 400 x-cnection close timing-allow-origin https://www.tripadvisor.com content-length 54
GET S	200	src=8359723;dc_pre=CO3urYmil90CFVLgGwodJsEPLg;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://gwmtracking.com/p/v/1/58056711f8708173f6cd7c4e/format/img https://ad.doubleclick.net/ddm/activity/src=8359723;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://ad.doubleclick.net/ddm/activity/src=8359723;dc_pre=CO3urYmil90CFVLgGwodJsEPLg;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CO3urYmil90CFVLgGwodJsEPLg;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1	42 B 109 B	122ms 120ms	Image image/gif	2a00:1450:4001:816::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CO3urYmil90CFVLgGwodJsEPLg;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 content-type text/html; charset=UTF-8 location https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CO3urYmil90CFVLgGwodJsEPLg;type=invmedia;cat=leaohz58;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	src=4807524;dc_pre=CIWMg4mil90CFZQSGwodu70F0A;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] adservice.google.com/ddm/fls/z/ Redirect Chain https://pixel.sojern.com/pixel/img/45982?p_v=1&f_v=v3_image&vid=hot https://cm.g.doubleclick.net/pixel?google_cm=&google_hm=QHw-EopYAuEhYAn89z5K6Q&google_nid=sojern__adx_open_bidder_seat&google_sc=&sjrn_e=c3JjPTQ4MDc1MjQ7dHlwZT1zYWxlcztjYXQ9YnFhOGpwa2o7cXR5PTE7Y29z... https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_e=c3JjPTQ4MDc1MjQ7dHlwZT1zYWxlcztjYXQ9YnFhOGpwa2o7cXR5PTE7Y29zdD0wO3UxPTt1MTY9O2RjX2xhdD07ZGNfcmRpZD07dGFnX2Zvcl9jaGlsZF9kaXJlY3RlZF90cmV... https://ad.doubleclick.net/ddm/activity/src=4807524;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] https://ad.doubleclick.net/ddm/activity/src=4807524;dc_pre=CIWMg4mil90CFZQSGwodu70F0A;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] https://adservice.google.com/ddm/fls/z/src=4807524;dc_pre=CIWMg4mil90CFZQSGwodu70F0A;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID]	42 B 264 B	121ms 120ms	Image image/gif	2a00:1450:4001:816::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/src=4807524;dc_pre=CIWMg4mil90CFZQSGwodu70F0A;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 content-type text/html; charset=UTF-8 location https://adservice.google.com/ddm/fls/z/src=4807524;dc_pre=CIWMg4mil90CFZQSGwodu70F0A;type=sales;cat=bqa8jpkj;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[OrderID] cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	lb secure.leadback.advertising.com/adcedge/	49 B 860 B	340ms 92ms	Image image/gif	152.163.64.1 AOL Transit Data ...
General Check archive.org Show headers Download Go to Show image Full URL https://secure.leadback.advertising.com/adcedge/lb?site=695501&betr=sslbet_1489588394=ssprlb_1489588394[720] Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 152.163.64.1 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US), Reverse DNS m-prd-pxl-shared-mr3-blue-a.evip.aol.com Software Apache-Coyote/1.1 / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:11 GMT Cache-Control private, max-age=3600 Server Apache-Coyote/1.1 P3P CP="NOI DSP COR LAW CUR DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.bt="Y" Content-Length 49 Content-Type image/gif
GET S	200	/ www.google.de/ads/user-lists/980103997/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980103997/?guid=ON&script=0 https://www.google.com/ads/user-lists/980103997/?guid=ON&script=0&cdct=2&is_vtc=1&random=3348857713 https://www.google.de/ads/user-lists/980103997/?guid=ON&script=0&cdct=2&is_vtc=1&random=3348857713&ipr=y&ulfeg=n	42 B 107 B	15ms 14ms	Image image/gif	2a00:1450:4001:806::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/user-lists/980103997/?guid=ON&script=0&cdct=2&is_vtc=1&random=3348857713&ipr=y&ulfeg=n Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software adclick_server / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server adclick_server content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server adclick_server status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/user-lists/980103997/?guid=ON&script=0&cdct=2&is_vtc=1&random=3348857713&ipr=y&ulfeg=n cache-control private, max-age=43200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 333 x-xss-protection 1; mode=block expires Fri, 31 Aug 2018 12:14:12 GMT
GET S	204	spp.pl sp.analytics.yahoo.com/	0 30 B	35ms 33ms	Image text/plain	188.125.66.33 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=433003&ea=StarwoodSiteVisitor Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spdc.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT via http/1.1 spdc0021.pbp.ir2.yahoo.com (ApacheTrafficServer) referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY public-key-pins-report-only max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only" status 204 x-xss-protection 1; mode=block strict-transport-security max-age=31536000 x-content-type-options nosniff
GET S	200	src=8359723;dc_pre=CJivuImil90CFUxsGwodt70FFA;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://gwmtracking.com/p/v/1/59399701f870816e84e9fb92/format/img https://ad.doubleclick.net/ddm/activity/src=8359723;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://ad.doubleclick.net/ddm/activity/src=8359723;dc_pre=CJivuImil90CFUxsGwodt70FFA;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CJivuImil90CFUxsGwodt70FFA;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1	42 B 109 B	120ms 119ms	Image image/gif	2a00:1450:4001:816::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CJivuImil90CFUxsGwodt70FFA;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 content-type text/html; charset=UTF-8 location https://adservice.google.com/ddm/fls/z/src=8359723;dc_pre=CJivuImil90CFUxsGwodt70FFA;type=invmedia;cat=fa6ivejj;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	p-_4fR8ZBCDjMcG.gif pixel.quantserve.com/pixel/	35 B 479 B	39ms 6ms	Image image/gif	18.197.206.194 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel/p-_4fR8ZBCDjMcG.gif?labels=_fp.event.Default Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.197.206.194 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-197-206-194.eu-central-1.compute.amazonaws.com Software QS / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:12 GMT Server QS P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" Cache-Control private, no-cache, no-store, proxy-revalidate Connection keep-alive Content-Type image/gif Content-Length 35 Expires Fri, 04 Aug 1978 12:00:00 GMT
GET S	204	spp.pl sp.analytics.yahoo.com/	0 30 B	52ms 52ms	Image text/plain	188.125.66.33 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=433003&ea=strg&tr=&emp=INSERTEMPLOYEEMACROHERE Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spdc.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT via http/1.1 spdc0021.pbp.ir2.yahoo.com (ApacheTrafficServer) referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY public-key-pins-report-only max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only" status 204 x-xss-protection 1; mode=block strict-transport-security max-age=31536000 x-content-type-options nosniff
GET S	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1009568068/	2 KB 1 KB	49ms 49ms	Script text/javascript	2a00:1450:4001:817::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009568068/?random=1535717651859&cv=9&fst=1535717651859&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=SPGlevel%3D%3BSPGpoints%3D%3Bbrandsite%3D&sendb=1&frm=0&url=https%3A%2F%2Fconcur.marriott.com%2F&tiba=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash f3ff30d11665a3b1c5a773fc8d83d1c4ba5d64fdd91488e57b72d060e8dcd311 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 970 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	/ www.google.de/ads/user-lists/880594411/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20googl... https://www.google.com/ads/user-lists/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20google_remarketing_only%3Dtrue&c... https://www.google.de/ads/user-lists/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20google_remarketing_only%3Dtrue&cd...	42 B 107 B	14ms 14ms	Image image/gif	2a00:1450:4001:806::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/user-lists/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20google_remarketing_only%3Dtrue&cdct=2&is_vtc=1&random=440322389&ipr=y&ulfeg=n Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software adclick_server / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server adclick_server content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server adclick_server status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/user-lists/880594411/?value=0&guid=ON&script=0&data=SPG_TIER%3D%3BBRAND_SITE%3D%3Bgoogle_custom_params%3Dwindow.google_tag_params%3Bvar%20google_remarketing_only%3Dtrue&cdct=2&is_vtc=1&random=440322389&ipr=y&ulfeg=n cache-control private, max-age=43200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 470 x-xss-protection 1; mode=block expires Fri, 31 Aug 2018 12:14:12 GMT
GET S	204	0 bat.bing.com/action/	0 93 B	100ms 99ms	Image text/plain	13.107.21.200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5036290&Ver=2&mid=f8fd9d67-c130-b6cc-bbf9-b7eb4be4e5d2&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&p=https%3A%2F%2Fconcur.marriott.com%2F&r=&lt=1461&evt=pageLoad&msclkid=N&rn=817161 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: 58CD261933DD48748D486718B335D664 Ref B: FRAEDGE0518 Ref C: 2018-08-31T12:14:12Z access-control-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	204	0 bat.bing.com/action/	0 93 B	100ms 99ms	Image text/plain	13.107.21.200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5036290&Ver=2&mid=f8fd9d67-c130-b6cc-bbf9-b7eb4be4e5d2&ec=&ea=&el=&ev=0&gv=0&evt=custom&msclkid=N&rn=977364 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: 45EBD69388564CE99154E5C5B758128C Ref B: FRAEDGE0518 Ref C: 2018-08-31T12:14:12Z access-control-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	204	0 bat.bing.com/action/	0 93 B	100ms 98ms	Image text/plain	13.107.21.200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5036290&Ver=2&mid=f8fd9d67-c130-b6cc-bbf9-b7eb4be4e5d2&ec=&ea=&el=&ev=0&gv=0&evt=custom&msclkid=N&rn=182182 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 204 pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: 76DD3E2F193D4F5190D4ADD7D106BCE9 Ref B: FRAEDGE0518 Ref C: 2018-08-31T12:14:12Z access-control-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	302	OneTagDefaultConfig.json Show response secure-ds.serving-sys.com/BurstingCachedScripts/ Redirect Chain https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/5905 https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json	0 -1 B	149ms 114ms	XHR	104.111.250.158 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.250.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-250-158.deploy.static.akamaitechnologies.com Software AkamaiGHost / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 302 date Fri, 31 Aug 2018 12:14:12 GMT server AkamaiGHost access-control-allow-origin * accept-ranges bytes content-length 0 location https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json Redirect headers status 302 date Fri, 31 Aug 2018 12:14:12 GMT server AkamaiGHost access-control-allow-origin * accept-ranges bytes content-length 0 location https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
GET S	204	sp.pl Show response sp.analytics.yahoo.com/	0 30 B	34ms 33ms	Script text/plain	188.125.66.33 YAHOO-IRD
General Check archive.org Show headers Download Go to Full URL https://sp.analytics.yahoo.com/sp.pl?a=10001655495085&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Fri%2C%2031%20Aug%202018%2012%3A14%3A11%20GMT&n=0&b=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&.yp=433003&f=https%3A%2F%2Fconcur.marriott.com%2F&enc=UTF-8 Requested by Host: s.yimg.com URL: https://s.yimg.com/wi/ytc.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spdc.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT via http/1.1 spdc0021.pbp.ir2.yahoo.com (ApacheTrafficServer) referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY public-key-pins-report-only max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only" status 204 x-xss-protection 1; mode=block strict-transport-security max-age=31536000 x-content-type-options nosniff
GET S	200	cmap tag.yieldoptimizer.com/ps/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=yo&google_hm=MzA4NDA3OTU5OTgy&google_sc&google_cm https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESELpjRCzvTBGp_qQ7MjUj_RU&google_cver=1	43 B 298 B	14ms 13ms	Image image/gif	35.186.212.60 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESELpjRCzvTBGp_qQ7MjUj_RU&google_cver=1 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.186.212.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 60.212.186.35.bc.googleusercontent.com Software Apache-Coyote/1.1 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC" status 200 cache-control no-cache content-type image/gif alt-svc clear content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://tag.yieldoptimizer.com/ps/cmap?t=i&n=20&x=&google_gid=CAESELpjRCzvTBGp_qQ7MjUj_RU&google_cver=1 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 316 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	/ www.google.de/pagead/1p-user-list/1044284962/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0 https://www.google.com/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&crd=CITQGw&cdct=2&is_vtc=1&random=3380507259 https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&crd=CITQGw&cdct=2&is_vtc=1&random=3380507259&ipr=y	42 B 109 B	21ms 20ms	Image image/gif	2a00:1450:4001:806::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&crd=CITQGw&cdct=2&is_vtc=1&random=3380507259&ipr=y Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type image/gif location https://www.google.de/pagead/1p-user-list/1044284962/?value=0&label=6Rz1CJr54wQQooz68QM&guid=ON&script=0&crd=CITQGw&cdct=2&is_vtc=1&random=3380507259&ipr=y cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid secure.adnxs.com/	0 592 B	49ms 12ms	Image text/html	185.33.223.220 AppNexus
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/setuid?entity=6&code=308407959982 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.220 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:14 GMT X-Proxy-Origin 148.251.45.254; 148.251.45.254; 309.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80 AN-X-Request-Uuid a115e659-e074-4577-8838-f1ac245cde6d Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET S	200	sync pixel.sojern.com/idSync/ Redirect Chain https://idsync.rlcdn.com/394499.gif?partner_uid=308407959982 https://idsync.rlcdn.com/1000.gif?memo=CIOKGBIXChMIARDPZBoMMzA4NDA3OTU5OTgyEAAaDQiU4qTcBRIFCOgHEAA https://pippio.com/api/sync?pid=5324&_=2 https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIlOKk3AUSBAgCEAA https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIlOKk3AUSBAgCEAA&google_gid=CAESELcsoAPfoUYEldPNnjyYqSA&google_cver=1 https://pixel.sojern.com/idSync/sync?pid=arbor	0 126 B	14ms 14ms	Image text/plain	107.178.244.119 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sojern.com/idSync/sync?pid=arbor Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.178.244.119 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 119.244.178.107.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers content-type text/plain; charset=utf-8 Redirect headers date Fri, 31 Aug 2018 12:14:12 GMT via 1.1 google status 307 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://pixel.sojern.com/idSync/sync?pid=arbor cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET S	200	aasync tag.adaraanalytics.com/ps/	0 337 B	35ms 14ms	Image text/plain	35.241.54.161 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tag.adaraanalytics.com/ps/aasync?ckid=MzA4NDA3OTU5OTgyfDE1MzU3MTc2NTE5MDE Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.241.54.161 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 161.54.241.35.bc.googleusercontent.com Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:11 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC" status 200 cache-control no-cache alt-svc clear content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/	42 B 371 B	69ms 56ms	Image image/gif	69.173.144.136 The Rubicon Project
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7726&nid=2242&put=308407959982&expires=365 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.136 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software Rubicon Project / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:11 GMT Server Rubicon Project P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 42 X-RPHost mJTk--7uj-_sp9cvTzkDjw Expires 0
GET S	200	src=8012915;dc_pre=CIvlk4mil90CFc6eGwod61UNYg;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://ad.doubleclick.net/ddm/activity/src=8012915;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://ad.doubleclick.net/ddm/activity/src=8012915;dc_pre=CIvlk4mil90CFc6eGwod61UNYg;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://adservice.google.com/ddm/fls/z/src=8012915;dc_pre=CIvlk4mil90CFc6eGwod61UNYg;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1	42 B 109 B	120ms 119ms	Image image/gif	2a00:1450:4001:816::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/src=8012915;dc_pre=CIvlk4mil90CFc6eGwod61UNYg;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 content-type text/html; charset=UTF-8 location https://adservice.google.com/ddm/fls/z/src=8012915;dc_pre=CIvlk4mil90CFc6eGwod61UNYg;type=invmedia;cat=kbq6lsee;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	src=4576008;dc_pre=CMHlk4mil90CFdNEGwodO2YG1A;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://ad.doubleclick.net/ddm/activity/src=4576008;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1? https://ad.doubleclick.net/ddm/activity/src=4576008;dc_pre=CMHlk4mil90CFdNEGwodO2YG1A;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1? https://adservice.google.com/ddm/fls/z/src=4576008;dc_pre=CMHlk4mil90CFdNEGwodO2YG1A;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1	42 B 109 B	121ms 120ms	Image image/gif	2a00:1450:4001:816::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/src=4576008;dc_pre=CMHlk4mil90CFdNEGwodO2YG1A;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 content-type text/html; charset=UTF-8 location https://adservice.google.com/ddm/fls/z/src=4576008;dc_pre=CMHlk4mil90CFdNEGwodO2YG1A;type=invmedia;cat=uorroi2k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	src=5640398;dc_pre=CMjqk4mil90CFQmRGwodohkKwQ;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 adservice.google.com/ddm/fls/z/ Redirect Chain https://ad.doubleclick.net/ddm/activity/src=5640398;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://ad.doubleclick.net/ddm/activity/src=5640398;dc_pre=CMjqk4mil90CFQmRGwodohkKwQ;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? https://adservice.google.com/ddm/fls/z/src=5640398;dc_pre=CMjqk4mil90CFQmRGwodohkKwQ;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1	42 B 109 B	121ms 120ms	Image image/gif	2a00:1450:4001:816::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/src=5640398;dc_pre=CMjqk4mil90CFQmRGwodohkKwQ;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 content-type text/html; charset=UTF-8 location https://adservice.google.com/ddm/fls/z/src=5640398;dc_pre=CMjqk4mil90CFQmRGwodohkKwQ;type=invmedia;cat=civlabkg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	event Show response widget.us.criteo.com/ Redirect Chain https://sslwidget.criteo.com/event?a=18543&v=4.7.0&p0=e%3Dexd%26site_type%3Dd%26ui_memberlevel%3D&p1=e%3Dvh%26ci_site%3D&p2=e%3Dvh&p3=e%3Ddis%26a%3D%255Ban%25253Dweb-marriottus.com%252526cn%25253D%... https://widget.us.criteo.com/event?a=18543&v=4.7.0&p0=e%3Dexd%26site_type%3Dd%26ui_memberlevel%3D&p1=e%3Dvh%26ci_site%3D&p2=e%3Dvh&p3=e%3Ddis%26a%3D%255Ban%25253Dweb-marriottus.com%252526cn%25253D%...	997 B 1 KB	423ms 109ms	Script application/x-javascript	74.119.119.79 Criteo Corp.
General Check archive.org Show headers Download Go to Full URL https://widget.us.criteo.com/event?a=18543&v=4.7.0&p0=e%3Dexd%26site_type%3Dd%26ui_memberlevel%3D&p1=e%3Dvh%26ci_site%3D&p2=e%3Dvh&p3=e%3Ddis%26a%3D%255Ban%25253Dweb-marriottus.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-starwood.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-ritzcarlton.com%252526cn%25253D%252526ln%25253D%252C18543%255D&adce=1&lwid=5f8874e2-9792-46ac-9006-d22baafe400f&tld=marriott.com&dtycbr=98799 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.119.119.79 Palo Alto, United States, ASN19750 (AS-CRITEO - Criteo Corp., US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 82f4f6f6e7213a1a04e58f08efbdd39aedb87fb7ada7e8a37ec23f1a3aeca98b Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:12 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Timing-Allow-Origin * X-Powered-By ASP.NET Vary Accept-Encoding P3P NON DSP COR CURa PSA PSD OUR BUS NAV STA Cache-Control private Content-Type application/x-javascript Content-Length 742 Expires 0 Redirect headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:11 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type text/html Location https://widget.us.criteo.com/event?a=18543&v=4.7.0&p0=e%3Dexd%26site_type%3Dd%26ui_memberlevel%3D&p1=e%3Dvh%26ci_site%3D&p2=e%3Dvh&p3=e%3Ddis%26a%3D%255Ban%25253Dweb-marriottus.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-starwood.com%252526cn%25253D%252526ln%25253D%252Can%25253Dweb-ritzcarlton.com%252526cn%25253D%252526ln%25253D%252C18543%255D&adce=1&lwid=5f8874e2-9792-46ac-9006-d22baafe400f&tld=marriott.com&dtycbr=98799 Cache-Control private Timing-Allow-Origin * Content-Length 0 Expires 0
GET H/1.1	200 OK	img pixel.mathtag.com/misc/	43 B 463 B	15ms 15ms	Image image/gif	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1.26.12.0 f85fe72 RELEASE cdg-pixel-x16 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 31 Aug 2018 12:14:12 GMT Server MT3 1.26.12.0 f85fe72 RELEASE cdg-pixel-x16 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 31 Aug 2018 12:14:11 GMT
GET S	200	OneTagDefaultConfig.json Show response secure-ds.serving-sys.com/BurstingCachedScripts/	11 B 217 B	7ms 7ms	XHR application/json	104.111.250.158 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.250.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-250-158.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ARR/2.5, ASP.NET Resource Hash 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308 Request headers X-DevTools-Emulate-Network-Conditions-Client-Id 3DF07EDC456320B783E3FCCD77AFC045 Origin https://concur.marriott.com Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 31 Aug 2018 12:14:12 GMT last-modified Tue, 19 Dec 2017 08:44:56 GMT server Microsoft-IIS/8.5 x-powered-by ARR/2.5, ASP.NET etag "5a9573a5a578d31:0" status 200 content-type application/json access-control-allow-origin * accept-ranges bytes content-length 11 expires Mon, 31 Dec 2035 00:00:00 GMT
GET H/1.1	200	Serving Show response bs.serving-sys.com/	301 B 936 B	59ms 15ms	Script text/html	82.199.68.72 TELECITY-LON
General Check archive.org Show headers Download Go to Full URL https://bs.serving-sys.com/Serving?cn=ot&onetagid=5905&dispType=js&sync=0&sessionid=8806659292113070498&pageurl=$$https%3A//concur.marriott.com/$$&activityValues=$$Session=8410912853312064686$$&ns=0&rnd=9798296496270644 Requested by Host: secure-ds.serving-sys.com URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 82.199.68.72 , Netherlands, ASN15830 (TELECITY-LON, GB), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash 66c44a8821189ac3152572c188f1d9ac1930c9c7f04e77820345e61c09640f3b Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:12 GMT Content-Encoding gzip Server Microsoft-IIS/7.5 X-Powered-By ASP.NET P3P CP="NOI DEVa OUR BUS UNI" Access-Control-Allow-Origin * Cache-Control no-cache, no-store Content-Type text/html; charset=UTF-8 Content-Length 239 Expires Sun, 05-Jun-2005 22:00:00 GMT
GET H/1.1	200 OK	iframe pixel.mathtag.com/sync/ Frame 9A1F	0 0	18ms 18ms	Document text/html	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/sync/iframe?realm=batch_supply&mt_adid=157694&mt_id=928582&mt_nobot=1 Requested by Host: pixel.mathtag.com URL: https://pixel.mathtag.com/event/js?01AD=3xo5JV4di0lMhKD12yFTznOH39Y4bTE9adRtDZ72Xu_cKx8gHt1FBUw&01RI=55F8C9FC45B1C4D&01NA=na&mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1.26.12.0 f85fe72 RELEASE cdg-pixel-x7 / Resource Hash Request headers Host pixel.mathtag.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://concur.marriott.com/ Accept-Encoding gzip, deflate Cookie uuid=12675b89-2e32-4a00-a811-3982c7c92556; HRL8=CT-USR; uuidc=Lm4mPwYSnP9fEX3yWjOunogVw7WFVS8TX7mCwy2ykIhP6e+2e9puk096Vb7Sg7okMTXqUCzoIOrMLg3BPHWXikKZqCZY7+CMKQ4kFpfgrxw= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 3DF07EDC456320B783E3FCCD77AFC045 Referer https://concur.marriott.com/ Response headers Content-Type text/html Content-Length 554 Cache-Control no-cache P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Server MT3 1.26.12.0 f85fe72 RELEASE cdg-pixel-x7 Expires Fri, 31 Aug 2018 12:14:11 GMT Date Fri, 31 Aug 2018 12:14:12 GMT Connection keep-alive
GET H/1.1	200 OK	iframe pixel.mathtag.com/sync/ Frame E073	0 0	46ms 31ms	Document text/html	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/sync/iframe?mt_uuid=12675b89-2e32-4a00-a811-3982c7c92556&no_iframe=1&mt_adid=157694 Requested by Host: pixel.mathtag.com URL: https://pixel.mathtag.com/event/js?01AD=3xo5JV4di0lMhKD12yFTznOH39Y4bTE9adRtDZ72Xu_cKx8gHt1FBUw&01RI=55F8C9FC45B1C4D&01NA=na&mt_id=928582&mt_adid=157694&v1=&v2=&v3=&mm_bnc&mm_bct Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1.26.12.0 f85fe72 RELEASE zrh-pixel-x16 / Resource Hash Request headers Host pixel.mathtag.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://concur.marriott.com/ Accept-Encoding gzip, deflate Cookie uuid=12675b89-2e32-4a00-a811-3982c7c92556; HRL8=CT-USR; uuidc=Lm4mPwYSnP9fEX3yWjOunogVw7WFVS8TX7mCwy2ykIhP6e+2e9puk096Vb7Sg7okMTXqUCzoIOrMLg3BPHWXikKZqCZY7+CMKQ4kFpfgrxw= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 3DF07EDC456320B783E3FCCD77AFC045 Referer https://concur.marriott.com/ Response headers Content-Type text/html Cache-Control no-cache P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Server MT3 1.26.12.0 f85fe72 RELEASE zrh-pixel-x16 Expires Fri, 31 Aug 2018 12:14:11 GMT Vary Accept-Encoding Content-Encoding gzip Date Fri, 31 Aug 2018 12:14:12 GMT Content-Length 1583 Connection keep-alive
GET H/1.1	200 OK	pxrc.php Show response pxl.jivox.com/tags/re/	3 B 426 B	103ms 102ms	Script application/javascript	50.19.249.182 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pxl.jivox.com/tags/re/pxrc.php?c=1&px=65b1e69a256048&cData=&r=0.9634735975726969 Requested by Host: pxl.jivox.com URL: https://pxl.jivox.com/tags/re/pxjs.php?px=65b1e69a256048&destinationCity=&checkInDate=&checkOutDate=&hotelSearchedPropertyID=&hotelViewedPropertyID=&Domain=https://concur.marriott.com/&NoOfRooms=&NoOfAdults=&NoOfKids=&MembershipStatus=&Brand=&Language= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.19.249.182 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-50-19-249-182.compute-1.amazonaws.com Software Jetty(9.3.z-SNAPSHOT) / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:12 GMT Server Jetty(9.3.z-SNAPSHOT) P3P CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA' Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive Content-Type application/javascript;charset=utf-8 Access-Control-Allow-Headers content-type Content-Length 3
GET H/1.1	200 OK	cs s.thebrighttag.com/ Redirect Chain https://sync.jivox.com/tags/sync/usync.php?px=Nc6gu0QY&src=re&id=65b1e69a256048&r=0.48455148746152776 https://s.thebrighttag.com/cs?tp=jx&uid=r2iSLkUjQTHc&gdpr=0	35 B 353 B	27ms 27ms	Image image/gif	52.30.5.88 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://s.thebrighttag.com/cs?tp=jx&uid=r2iSLkUjQTHc&gdpr=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.5.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-30-5-88.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 Aug 2018 12:14:12 GMT Server nginx P3P CP=NOI DSP COR NID Cache-Control private, must-revalidate Connection keep-alive X-BT-RequestId 5f3545e0-ad17-11e8-9dda-0000ac1506f7 Content-Type image/gif Content-Length 35 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.thebrighttag.com/cs?tp=jx&uid=r2iSLkUjQTHc&gdpr=0 Date Fri, 31 Aug 2018 12:14:12 GMT Server Jetty(9.3.z-SNAPSHOT) Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET S	200	/ www.google.com/ads/user-lists/1009568068/	42 B 116 B	14ms 14ms	Image image/gif	2a00:1450:4001:806::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/user-lists/1009568068/?random=1535717651859&cv=9&fst=1535716800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=SPGlevel%3D%3BSPGpoints%3D%3Bbrandsite%3D&sendb=1&frm=0&url=https%3A%2F%2Fconcur.marriott.com%2F&tiba=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&async=1&fmt=3&cdct=2&is_vtc=1&random=2418243336&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software adclick_server / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server adclick_server content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	/ www.google.de/ads/user-lists/1009568068/	42 B 107 B	15ms 14ms	Image image/gif	2a00:1450:4001:806::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/user-lists/1009568068/?random=1535717651859&cv=9&fst=1535716800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=SPGlevel%3D%3BSPGpoints%3D%3Bbrandsite%3D&sendb=1&frm=0&url=https%3A%2F%2Fconcur.marriott.com%2F&tiba=SAP%20Concur%20Updates%20for%20Marriott%20Rewards%20and%20SPG%20Accounts&async=1&fmt=3&cdct=2&is_vtc=1&random=2418243336&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software adclick_server / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://concur.marriott.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Fri, 31 Aug 2018 12:14:12 GMT x-content-type-options nosniff server adclick_server content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Cookie set dis.aspx dis.us.criteo.com/dis/ Frame C8AA	0 0	419ms 105ms	Document text/html	74.119.119.84 Criteo Corp.
General Check archive.org Show headers Download Go to Full URL https://dis.us.criteo.com/dis/dis.aspx?p=18543&cb=84159878887&ref=&sc_r=1600x1200&sc_d=24 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/ld.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.119.119.84 Palo Alto, United States, ASN19750 (AS-CRITEO - Criteo Corp., US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Host dis.us.criteo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://concur.marriott.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 3DF07EDC456320B783E3FCCD77AFC045 Referer https://concur.marriott.com/ Response headers Cache-Control private Pragma no-cache Content-Type text/html Content-Encoding gzip Expires Mon, 26 Jul 1997 05:00:00 GMT Vary Accept-Encoding Server Microsoft-IIS/10.0 P3P CP='CUR ADM OUR NOR STA NID' Timing-Allow-Origin * Set-Cookie uid=e470d32f-e7b9-4b47-861a-1bb900e6cb4d; domain=.criteo.com; expires=Sat, 31-Aug-2019 12:14:12 GMT; path=/ X-Powered-By ASP.NET Date Fri, 31 Aug 2018 12:14:13 GMT Content-Length 147